skip to Main Content

Last Updated August, 2019  


Building Engines, Inc. (“Building Engines”) is committed to protecting the privacy of individuals who visit Building Engines’ Web sites (“Visitors”), individuals who register to use the Services as defined below (“Clients”), and individuals who register to attend Building Engines’ corporate events (“Attendees”). This Privacy Statement describes Building Engines’ privacy practices in relation to the use of Building Engines’ Web sites and the related applications and services offered by us (the “Services”).

Building Engines, through its data center partner, Amazon Web Services., complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Building Engines service provider, Amazon Web Services, is certified by the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will govern. To learn more about the Privacy Shield program, and to view Amazon Web Service’s certification, please visit

1.  Web Sites Covered

This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including:;;;; (collectively referred to as “ Web sites” or “Building Engines’ Web sites”).

Building Engines and affiliates Web sites may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. Building Engines encourages you to review the privacy statements of other Web sites to understand their information practices.

2.  Information Collected

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Building Engines requires you to provide us with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Building Engines may require you to provide us with financial qualification and billing information, such as billing name and address, contact and purchasing information, and the size of the company real estate portfolio, the number of assets to be stored by services along with the number of employees within the organization that will be using the Services (“Billing Information”). Required Contact Information, Billing Information, and Optional Information about Clients are referred to collectively as “Data About Building Engines’ Clients”, or in the case of Attendees, “Data About Company’s Attendees”.

As you navigate Building Engines’ Web sites, Building Engines may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on Building Engines’ Web sites (such as the Web pages viewed and the links clicked).

3.  Use of Information Collected

The Company uses Data About Building Engines’ Clients to perform the services requested. For example, if you fill out a “Contact Me” Web form, Building Engines will use the information provided to contact you about your interest in the Services.

The Company also uses Data About Building Engines’ Clients to plan and host corporate events, host online forums and social networks in which event attendees may participate, and to populate online profiles for Attendees on Building Engines’ Web sites.

The Company may also use Data About Building Engines’ Clients and Data About Building Engines’ Clients for marketing purposes. For example, Building Engines may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding Building Engines, its affiliates, and its partners, such as information about promotions or events.

Building Engines does not collect and store credit card information from “Visitors”, “Clients” or “Attendees”.

4.  Web Site Navigational Information

Cookies, Web Beacons and IP Addresses

Building Engines uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate Building Engines’ Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on Building Engines’ Web sites and how this information may be used.

4.1 Cookies

Building Engines uses cookies to SECURE interactions with Building Engines’ Web sites easy and meaningful. When you visit one of Building Engines’ Web sites, Building Engines servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Building Engines, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Me” Web form), you remain anonymous to Building Engines.

Building Engines uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Please note that if you disable your Web browser’s ability to accept cookies, you will be able to navigate Building Engines’ Web sites, but you will not be able to successfully use the Services.

4.2 Web Beacons

Building Engines uses Web Beacons alone or in conjunction with cookies to compile information about Clients and Visitors’ usage of Building Engines’ Web sites and interaction with emails from Building Engines. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Building Engines may place Web beacons in marketing emails that notify Building Engines when you click on a link in the email that directs you to one of Building Engines’ Web sites. Building Engines uses Web beacons to operate and improve Building Engines’ Web sites and email communications.

4.3 IP Addresses

When you visit Building Engines Web sites, we collect your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Building Engines uses IP addresses to monitor the regions from which Clients and Visitors navigate Building Engines’ Web sites.

Building Engines also collects IP addresses from Clients whey they log into the Services as part of Building Engines’ “Identity Confirmation” and “IP Range Restrictions” security features.

5.  Public Forums and Client Testimonials

Building Engines may provide bulletin boards, blogs, or chat rooms on Building Engines’ Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Building Engines is not responsible for the personal information you choose to submit in these forums.

Building Engines posts a list of Clients and testimonials on Building Engines’ Web sites that contain information such as Client’s. Building Engines obtains the consent of each Client prior to posting any information on such a list or posting testimonials.

6.  Sharing of Information Collected

6.1 Service Providers

Building Engines may share Data About Building Engines’ Clients and Attendees with Building Engines’ contracted service providers so that these service providers can provide services on our behalf. Without limiting the foregoing, Building Engines may also share Data About Building Engines’ Clients and Attendees with Building Engines’ service providers to ensure the quality of information provided, and with third-party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, Building Engines does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Business Partners

Occasionally, Building Engines may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Building Engines, we may share Data About Company’s Clients collected in connection with your purchase or expression of interest with our joint promotion partner(s). Building Engines does not control our business partners’ use of the data about Building Engines’ clients we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service. Building Engines does not share data about Building Engines’ attendees with business partners.

Compelled Disclosure

Building Engines, Inc reserves the right to use or disclose information provided if required by law or if Building Engines reasonably believes that use or disclosure is necessary to protect Building Engines’ rights and/or to comply with a judicial proceeding, court order, or legal process.

7.  Communication Preferences

Building Engines offers Visitors, Clients, and Attendees who provide contact information a means to choose how Building Engines uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of Building Engines’ marketing emails. Additionally, you may send a request specifying your communications preferences to Clients cannot opt out of receiving transactional emails related to their account with Building Engines or the Services. Mobile carriers are not responsible or liable for undelivered or delayed messages.

8.  Correcting and Updating Your Information

Clients may update or change their registration information by editing their record. For additional information please email your inquiry to

9.  Client Data & Building Engines Data

Building Engines Clients may electronically submit data or information (activity data) to the Services for hosting and processing purposes (“Client Data”). Building Engines will not, share, distribute, or reference any such Client Data except as provided here; in the Building Engines Master Subscription Agreement executed with Client, or as may be required by law. In accordance with the terms and conditions of each Client Software License Agreement, or Building Engines Master Subscription Agreement, Building Engines may access Client Data only for the purpose of providing the Services, preventing or addressing service or technical problems, at a Client’s request in connection with client support matters, or as may be required by law.

Building Engines may also electronically collect Client Data or information (activity data) through the Services and may compile such data and information while eliminating Personal Identifiable Information (“Cleansed Data”) and combining it with the Cleansed Data and information from other clients.  This de-identified or anonymized data is “Building Engines Data” and may be co-mingled with other non-Systems data for reporting, portfolio and market baselining and for other analytical purposes.

10.  Security

Building Engines uses robust security measures to protect Client Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of Client Data. When the Services are accessed using Internet Explorer version 10.0 or later, or the latest version of Google Chrome, Firefox, or Safari, Transport Layer Security (TLS) technology protects Client Data using both server authentication and data encryption. These technologies help ensure that Client Data is safe, secure, and only available to the Client to whom the information belongs and those to whom the Client has granted access. Building Engines also implements an advanced security method based on dynamic data and encoded session identifications, and Building Engines hosts its Web sites in a secure server environment that use firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. Building Engines also offers enhanced security features within the Services that permit Clients to configure security settings to the level they deem necessary. Clients are responsible for maintaining the security and confidentiality of their Building Engines usernames and passwords.

11.  Changes to Privacy Statement

Building Engines reserves the right to change this Privacy Statement at any time and will provide notification of the material changes to this Privacy Statement through Building Engines’ Web sites, and/or directly to its Clients at least thirty (30) business days prior to the change taking effect.

12.  Contacting Us

Questions regarding this Privacy Statement or the information practices of Building Engines’ Web sites should be directed to Building Engines by emailing us at the following address: or by mailing your question to Building Engines at the following address:  Building Engines, Inc., Legal Department, 33 Arch Street, Suite 3200, Boston, MA 02110

13. General Data Protection Regulations (“GDPR”) – Specific Disclosures

This section applies to data processing activities of data subjects residing in the European Economic Area regardless of residence, to the processing of any Personal Data in the European Economic Area.

  • “Personal Data,” for purposes of this section, means any information relating to an identified or identifiable natural person (‘data subject’).  An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person 
  • “Services” means any of our products, services, or deliverables.
  • “Site” means any website operated and controlled by us.

Pursuant to the European Union General Data Protection Regulation (GDPR), we function as a “processor” for the Services we offer to our clients. The scope of applicable data protections and processing for those Services are set forth in contractual agreements with our clients and are therefore not covered by this Privacy Notice.

We may process certain Personal Data in order to maintain and provide the Services to our clients, such as names, addresses, email addresses, and other contact information for designated client representatives or personnel (“Client Relationship Data”). In addition, we may send marketing materials or communications to potential or existing clients (“Marketing Activities”). For purposes of Client Relationship Data and Marketing Activities, we function as a “controller.” Our disclosures with respect to our processing of data as a controller are set forth in this section.

13.1 How we Collect Personal Data

We describe how we collect and use Personal Data in the Information Collected section of the Privacy Notice.  The Information Collected section is expressly incorporated by reference herein.

13.2 How We Disclose Personal Data

Our disclosure is limited to circumstances where we are permitted to do so under applicable European and national data protection laws and regulations.  A list of companies with whom we share data for purposes of marketing our Services to potential and existing clients is available here:

  • Amazon Web Services Inc.
  • ClientSuccess, Inc.
  • Constant Contact, Inc.
  • Engagio, Inc.
  • Google, Inc.
  • Marketo, Inc.
  • Mixedpanel Inc.
  • Inc
  • QuickBase Inc
  • Salesforce, Inc.
  • Salesloft
  • Survey Monkey, Inc.
  • Teamwork
  • Zendesk Inc.

13.3 Legal Basis for Processing

We collect and process your Personal Data for a variety of different purposes which are set out in further detail in this section.

In some cases, we will ask for your consent so that we may process your Personal Data.  However, in certain circumstances, applicable data protection laws allow us to process your Personal Data without needing to obtain your consent.

13.3(a) Processing Personal Data Where Consent Not Required

In certain cases, separate consent is not required, including:

For the performance of a contract

To perform our contractual obligations to you, including our fulfilling orders or purchases you have made, contacting you in relation to any issues with your order or use of our Services, in relation to the provision of our Services, or where we need to provide your Personal Data to our service providers related to the provision of the Services, including for license activation and management.

To comply with legal obligations

To comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process.

Legitimate Interests

To operate our business and provide our Services (other than in performing our contractual obligations to you) for our “legitimate interests” and for the purposes of applicable law, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.  Legitimate interests may include:

  • To communicate with you regarding the Services, including to provide you important notices regarding changes to our Online Services Agreement (OSA) and to address and respond to your requests, inquiries, and complaints.
  • For our direct marketing purposes.
  • To send you surveys in connection with our Services.
  • To assist in the investigation of suspected illegal or wrongful activity, and to protect and defend our rights and property, or the rights or safety of third parties.
  • To develop, provide, and improve our Services.
  • To enforce our OSA, License Agreements, this Privacy Notice, or agreements with third parties.

13.3 (b) Consent for Processing

In cases where we are not already authorized to process the Personal Data under applicable law, we may ask for your consent to process your Personal Data, including:

  • Marketing
    We may ask for your consent for [Client Name] or our partners or vendors to contact you by telephone, SMS, post and/or email about other offers, products, promotions, developments or Services which we think may be of interest to you and for other marketing purposes.
  • Use of Cookies
    Our Site uses cookies and similar technologies to improve user experience and for analytics.  We also use cookies and similar technologies for purposes of marketing and advertising, including interest-based advertising. For more information on interest-based advertising, see section 3 (Interest-Based Advertising). In those jurisdictions that require it, we allow the data subject to give explicit permission or to deny the use of certain categories of cookies.

A “cookie” is a small text file that a web server stores in browser software.  A browser sends cookies to a server when the browser makes a connection to the server (for example, when requesting a web page from the same domain that created the cookie). The purpose of cookies is to remember the browser over time and distinguish one browser instance (or user) from all others.  Some cookies and other technologies may serve to track Personal Data previously entered by a web user on our site. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them.   Cookies can remember login information, preferences, and similar information.  

Cookies, as well as other tracking technologies such as HTML5 local storage, and Local Shared Objects (such as “Flash” cookies), and similar mechanisms, may record information such as a unique identifier, information you enter in a form, IP address, and other categories of data.

We also use web beacons or “pixels,” and in certain circumstances may collect IP address, screen resolution and browser software and operating system types; clickstream patterns; dates and times that our site is accessed, and other categories of data.

If you want to block the use and saving of cookies from the Site on to their computers hard drive, you should take the necessary steps within your web browser’s settings to block all cookies from the Site and its external serving vendors, or use the cookie control system, which, if available upon your first visit, will be linked here.  Please note that if you choose to erase or block your cookies, certain parts of our Site may not function correctly. For information on how to disable cookies, refer to your browser’s documentation.  

13.4 Interest-based Advertising

Interest-based advertising is advertising that is targeted to you based on your web browsing and app usage over time and across websites or apps. You have the option to restrict the use of information for interest-based advertising and to opt-out of receiving interest-based ads. Depending on from where you access our Site, you may also be asked to consent to our use of cookies, including advertising cookies.

The opt-outs for interest-based advertising require that strictly necessary cookies are not blocked by the settings in your web browser. We support the Self-Regulatory Principles for Online Behavioral Advertising of the Digital Advertising Alliance in the U.S., the Canadian Digital Advertising Alliance in Canada, and the European Digital Advertising Alliance in the EU. If you live in the United States, Canada, or the European Union, you can visit Ad Choices (US), Your Ad Choices (Canada), or Your Online Choices (EU) to find a convenient place to opt-out of interest-based advertising with participating entities for each region. These websites also provide detailed information about how interest-based advertising works. Opting out does not mean that you will no longer receive advertising from us, or when you use the Internet. It just means that the data collected from our website will not be used for interest-based advertising and that the advertising you see displayed on websites will not be customized to your interests.

13.5 Withdrawing Your Consent

You may at any time withdraw the consent you provide for the processing of your Personal Data for the purposes set forth in this Privacy Notice by emailing us at, provided that we are not required by applicable law or professional standards to retain such information.

If you want to stop receiving future marketing messages and materials, you can do so by clicking the “unsubscribe” link included in our email marketing messages or by emailing us at

13.6 Data Subject Rights

You have the right in certain circumstances to request confirmation from us as to whether or not we are processing your Personal Data.  Where we are processing your Personal Data, you also have the right to request access to, modification of, or deletion of such Personal Data.

You also have the right in certain circumstances to receive the Personal Data concerning you that you provided to us, to restrict processing of your Personal Data, or to transmit such data to another controller.

To exercise your rights with respect to your Personal Data, please email us at As permitted by law, certain data elements may not be subject to access, modification, portability, restriction, and/or deletion.  Furthermore, where permissible, we may charge for this service. We will respond to reasonable requests as soon as practicable and as required by law.

13.7 De-identified or Anonymized Data

We may create de-identified or anonymous data from Personal Data by removing data components (such as your name, email address, or linkable tracking ID) that make the data personally identifiable to you or through obfuscation or through other means.  Our use of anonymized data is not subject to this Privacy Notice.

13.8 Data Retention

We will retain your Personal Data for as long as long as you maintain an account or subscription agreement or as otherwise necessary to provide you the Services.  We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

13.9 Right to Lodge a Complain with a Supervisory Authority

You may have a right to lodge a complaint with a supervisory authority.  

13.10 Contact Us

For questions regarding this Privacy Notice, please contact us by sending an email to or by mailing your question to Building Engines at the following address: Building Engines, Inc., Legal Department, 33 Arch Street, Suite 3200, Boston, MA 02110.