Privacy Policy

IssueLab ("we", "us", "our") operates Foreman, a construction project management platform built on Autodesk Construction Cloud. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal data when you access or use our services. By using Foreman, you agree to the practices described in this policy.

1. Information We Collect

Account Data

When you register for Foreman, we collect your name, email address, organisation name, and authentication credentials. If you sign in through Autodesk, we receive the profile information you authorise Autodesk to share.

Usage Data

We automatically collect information about how you interact with Foreman, including pages visited, features used, timestamps, browser type, operating system, IP address, and referring URLs.

Project & Construction Data

Foreman processes construction project data from your Autodesk Construction Cloud account, including project names, folder structures, member lists, role assignments, and permission configurations. This data is accessed via the Autodesk Platform Services API on your behalf.

2. How We Use Your Information

• To provide, maintain, and improve Foreman's features and functionality
• To authenticate your identity and manage your account
• To process role assignments, permissions, and compliance reporting
• To communicate with you about service updates, security alerts, and support
• To analyse usage patterns and improve user experience
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations

3. Lawful Basis for Processing

Under GDPR Article 6, we process your personal data on the following lawful bases:

• Contract performance: Processing necessary to deliver the Foreman service you have subscribed to
• Legitimate interest: Improving our services, ensuring security, and preventing fraud
• Consent: Where you have given explicit consent, such as for marketing communications
• Legal obligation: Processing required to comply with applicable laws and regulations

4. Data Sharing & Third Parties

We do not sell your personal data. We may share data with the following categories of third parties:

• Autodesk Construction Cloud: Foreman integrates with ACC to manage your construction projects. Data exchanged with Autodesk is governed by their privacy policy and your agreement with them.
• Sub-processors: We use carefully selected service providers for hosting, analytics, and email delivery. All sub-processors are bound by data processing agreements.
• Legal requirements: We may disclose data where required by law, court order, or governmental authority.

5. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission or transfers to countries with an adequate level of data protection as determined by adequacy decisions.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, regular security assessments, and incident response procedures. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When data is no longer needed, it is securely deleted or anonymised. Account data is retained for the duration of your subscription and for a reasonable period thereafter to allow for account reactivation.

8. Your Rights Under GDPR

If you are located in the EEA or UK, you have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data ("right to be forgotten")
• Right to restriction: Request restriction of processing in certain circumstances
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interest or for direct marketing
• Rights related to automated decision-making: Not be subject to decisions based solely on automated processing that produce legal or significant effects

You can download a copy of all your personal data at any time from your Account Settings > Personal Data page. To exercise any other rights listed above, please contact us at tech@issuelab.co. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

9. Cookies & Tracking Technologies

Foreman uses essential cookies required for authentication and session management. We may also use analytics cookies to understand how our service is used. You can manage your cookie preferences through your browser settings. Essential cookies cannot be disabled as they are necessary for the service to function.

10. Children's Privacy

Foreman is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by posting the updated policy on this page and updating the effective date. Your continued use of Foreman after changes are posted constitutes acceptance of the revised policy.

12. Data Protection Officer & Contact

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: