legal

Privacy Policy

Last updated May 13, 2026 · ← back to cooperbuild.ai

Cooper (“Cooper,” “we,” “us”) builds the ontology layer for construction — software that turns the unstructured artifacts of a construction firm into a coherent, queryable object graph. We take the privacy and confidentiality of that data seriously, because it is the entire point of the product. This policy explains what we collect, how we use it, who we share it with, and the choices you have.

1. Who this policy covers

This policy applies to cooperbuild.ai, the Cooper web application, and related services, demos, and communications (together, the “Services”). It is operated by CooperBuild, headquartered in New York, with an additional office in Miami, Florida.

When you use Cooper as part of an organization (a “Customer”), that organization is generally the controller of the project data, specifications, and other content it puts into Cooper, and Cooper acts as its processor under a separate customer agreement and data processing addendum (“DPA”). For that content, the Customer's own privacy notices govern; this policy describes how Cooper itself handles personal information.

2. Information we collect

Information you give us

  • Account & contact details — name, work email, company, role, and credentials when you request access, book a demo, or create an account.
  • Customer content — the documents, data, and objects you or your organization load into Cooper to be modeled: plans and drawings, specification sets, RFIs, change orders, schedules, estimates, line items, subcontractor and vendor records, purchase orders, and the relationships between them.
  • Communications — messages, support requests, and feedback you send us, including any attachments.

Information we collect automatically

  • Usage data — pages and features used, queries run, actions taken, timestamps, and approximate location derived from IP address.
  • Device & log data — browser type, operating system, device identifiers, referring URLs, and error logs.
  • Cookies & similar technologies — used to keep you signed in, remember preferences, and understand aggregate product usage. You can control cookies through your browser settings; some features may not work without them.

Information from third parties

We may receive information from identity providers (single sign-on), analytics and infrastructure vendors, and — where applicable — billing providers, in each case to operate and secure the Services.

3. How we use information

  • To provide, operate, and maintain the Services, including modeling your data into the ontology graph and running the queries you request.
  • To authenticate users, secure accounts, and prevent fraud and abuse.
  • To provide support, respond to inquiries, and communicate about the Services, including service and security notices.
  • To monitor, debug, and improve the Services — for example, fixing errors and tuning performance — using usage and log data.
  • To send product updates and marketing communications where permitted; you can opt out of marketing at any time.
  • To comply with legal obligations and enforce our agreements.

Where required by law, we rely on the following bases to process personal information: performance of a contract, our legitimate interests in operating and securing the Services, your consent (for example, for non-essential cookies or marketing), and compliance with legal obligations.

4. AI models and your data

Your business data is never used to train a public model. Cooper is the harness — your data, modeled so a frontier model can reason over it. The model is a swap; the graph is yours.

Cooper is model-agnostic by design. To answer your queries, the Services route reasoning through one or more frontier models — which may be operated by third-party providers (for example, Anthropic, OpenAI, or Google) or run on infrastructure you control in a self-hosted deployment. We will identify the model providers in use as subprocessors in our DPA and subprocessor list.

  • No training on your content. We do not use Customer content to train, fine-tune, or improve any foundation model that is offered to other customers or the public. Where we use third-party model APIs, we use offerings and contractual terms that exclude your inputs and outputs from provider model training.
  • The wiki and ontology compound for you alone.Templates, pricing heuristics, and the object graph that get sharper with every closed project belong to your organization's deployment. They are not pooled across customers.
  • Self-hosting. Where you run Cooper in your own environment, your Customer content stays in your infrastructure and is not transmitted to us except as you configure (for example, diagnostic logs you choose to share).
  • Aggregate, de-identified telemetry. We may use aggregated, de-identified usage statistics that do not identify you, your organization, or any project to operate, secure, and improve the Services.

5. How we share information

We do not sell personal information. We share it only as described here:

  • Service providers / subprocessors — hosting, storage, model providers, analytics, error monitoring, email, and (if applicable) payment processors, each bound by confidentiality and data-protection obligations and permitted to use the data only to provide services to us.
  • Within your organization— content and activity may be visible to other authorized users and administrators of your organization's Cooper workspace.
  • Legal & safety — when we believe disclosure is required by law or legal process, or is necessary to protect the rights, property, or safety of Cooper, our users, or others.
  • Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to this policy or a successor policy with comparable protections.
  • With your direction — when you ask us to share information or integrate with a third-party service you connect.

6. Data retention

We retain personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Customer content is retained for the term of the applicable customer agreement and deleted or returned thereafter as described in that agreement and our DPA, subject to backup retention cycles and any legal hold. Account and contact data tied to demos or trials that do not convert is retained for a limited period and then deleted or anonymized.

7. Security

We use administrative, technical, and physical safeguards designed to protect information, including encryption in transit and at rest, access controls and least-privilege practices, network segmentation, logging and monitoring, and regular review of our controls. Cooper's security program is built toward SOC 2 attestation. No system is perfectly secure; you are responsible for keeping your credentials confidential and for the security of devices you use to access the Services. See our Terms of Service for more on your responsibilities.

8. International data transfers

Cooper is headquartered in the United States and may process information in other countries where we or our service providers operate. Where required, we use appropriate safeguards — such as the European Commission's Standard Contractual Clauses or equivalent mechanisms — for transfers of personal data out of the EEA, the UK, or Switzerland.

9. Your rights and choices

Depending on where you live, you may have the right to access, correct, delete, or port your personal information; to object to or restrict certain processing; and to withdraw consent. You can also opt out of marketing emails using the unsubscribe link in any such message. To exercise these rights, contact us at hello@cooperbuild.ai. If you are a user within a Customer organization, please direct requests about Customer content to that organization; we will assist them as their processor. We will not discriminate against you for exercising your rights. You may also have the right to lodge a complaint with your local data protection authority.

10. Mobile messaging (SMS) and your phone number

We collect mobile phone numbers only when you provide them — for example, when you book a demo, create an account, contact support, or expressly opt in to receive SMS messages from CooperBuild. We use those numbers to send account-related and transactional messages (such as security codes, confirmations, and service notices), to respond to support requests, and — where you have specifically opted in — to send program-related SMS communications (such as product updates or demo follow-ups).

No mobile information (mobile phone numbers, opt-in data, or consent records) will be shared with third parties or affiliates for marketing or promotional purposes. We do not sell or rent mobile phone numbers, and we do not pass them to lead generators.

If you opt in to an SMS program from CooperBuild:

  • You may opt out at any time by replying STOP to any message. We will send a single confirmation that you have been unsubscribed and will stop sending you messages from that program.
  • You may request assistance by replying HELP, or by contacting us at hello@cooperbuild.ai.
  • Message frequency varies by program; for recurring programs the frequency will be disclosed at the point of opt-in.
  • Message and data rates may apply, depending on your wireless plan.
  • Wireless carriers — including T-Mobile, AT&T, and Verizon — are not liable for delayed or undelivered messages.

Even if you opt out of marketing or program SMS, we may still send essential transactional or security messages where permitted by law. The SMS program terms that govern your enrollment are in our Terms of Service.

11. Children's privacy

The Services are intended for businesses and are not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

12. Changes to this policy

We may update this policy from time to time. If we make material changes, we will update the “Last updated” date and, where appropriate, provide additional notice (for example, by email or in-product). Your continued use of the Services after an update means you accept the revised policy.

13. Contact us

Questions about this policy or our data practices? Email hello@cooperbuild.ai. Postal address: CooperBuild, 276 5th Ave STE 704 PMB 170, New York, NY 10001.