Privacy Policy

Last updated: 23 March 2026

BQ Wizard ("the Add-in") is developed and operated by Ryan Christopher, an individual developer based in the United Kingdom. This policy explains what data the Add-in collects, how it is used, and your rights under the UK General Data Protection Regulation (UK GDPR).

1. Data Controller

Ryan Christopher
Contact: ryan-qs@outlook.com

2. Data We Collect

Data	Purpose	Stored Where
Email address	License activation & cloud sync identity	Cloudflare D1 (server)
Name (optional)	Displayed with license record	Cloudflare D1 (server)
Device ID	Limit activations to 2 devices per licence	Cloudflare D1 (server) & IndexedDB (local)
Licence key	Validate your subscription	Cloudflare D1 (server)
Activity logs	Audit trail of logins, activations, and sync events	Cloudflare D1 (server)
User database backup	Cloud sync of your project data	Cloudflare D1 (server)
PDF measurement data	Cloud sync of take-off measurements	Cloudflare D1 (server)
User settings	Sync your preferences across devices	Cloudflare D1 (server) & localStorage (local)
PDF files	Cached locally for performance	IndexedDB (local only)

3. Lawful Basis for Processing

Contract performance — processing your email and licence key is necessary to provide the service you have licensed.
Legitimate interest — cloud sync of your project data so you can access it across devices, and activity logging for security and abuse prevention.

4. Third Parties

Your data is not sold or shared with any third party for marketing or analytics purposes.

The Add-in uses Cloudflare (Pages and D1) as its hosting and database infrastructure provider. Cloudflare processes data on our behalf under their privacy policy. Data is stored in Cloudflare's infrastructure and may be processed in data centres outside the UK, subject to Cloudflare's data protection commitments.

5. Analytics & Tracking

The Add-in does not use any third-party analytics, tracking scripts, or advertising pixels. No cookies are set. Local storage (IndexedDB and localStorage) is used solely for application functionality.

6. Data Retention

Your data is retained on our servers for as long as your account is active. If you request deletion, all server-side data associated with your email address will be removed within 30 days.

7. Your Rights

Under UK GDPR you have the right to:

Access — request a copy of the data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete all your server-side data.
Data portability — export your local database at any time using the Add-in's export feature.
Object — object to processing based on legitimate interest.

To exercise any of these rights, email ryan-qs@outlook.com.

8. Data Security

All data in transit is encrypted via HTTPS/TLS. Server-side data is stored in Cloudflare D1, which provides encryption at rest. Access to server-side data is restricted to the data controller.

9. Children

The Add-in is not directed at individuals under the age of 13. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy from time to time. The "last updated" date at the top of this page will be revised accordingly.

11. Contact

For any privacy-related questions or requests, contact:
ryan-qs@outlook.com