๐Ÿ“‹ Privacy Policy โ€” KoinCad ร—
KoinCad โ€” koincad.com ยท Last updated: June 2026

This Privacy Policy explains what personal data KoinCad ("we", "us") collects when you use our web application, why we collect it, and the rights you have over it. KoinCad is operated by Civ. Eng. Panagiotis Koinis (Greece).

1. What we collect

DataWhyRequired?
UsernameIdentifies your account at loginRequired
Email addressAccount verification, support, security noticesRequired
Password (hashed)Authentication โ€” stored as a one-way bcrypt hash, never in readable formRequired
Full nameAddressed correspondence, invoicesOptional
AddressBilling/invoicing where applicableOptional
Activation codeLinks a payment to your accountRequired to activate access

Your drawings are stored only in your own browser (localStorage), not on our servers. We do not see or store what you draw.

2. What we do NOT collect

3. Local storage

The app stores a short-lived login token and your drawing in your browser's localStorage. This data never leaves your device except for the explicit API calls you make (drawing exports, calculations), which require your authenticated session.

4. Payment data

Payments are handled by our merchant-of-record provider. We never receive or store your full card number or banking details โ€” those go directly to the payment processor under their own compliance (PCI-DSS). We retain only the record that a payment occurred and the activation code it generated.

5. Legal basis (GDPR)

Under the EU General Data Protection Regulation (Regulation 2016/679) and Greek Law 4624/2019, we process your data on the following bases:

6. Your rights

To exercise any right, email privacy@koincad.com. We respond within 30 days.

7. Data retention

We keep your account data for as long as your account is active. Inactive accounts and their associated data are deleted after 24 months of inactivity, unless retention is required by law (e.g. tax records, retained per Greek tax law).

8. Security

Passwords are bcrypt-hashed. All traffic is served over HTTPS. Access to the application is token-gated. The calculation, export, and scripting engines run server-side and are never exposed to the browser. No method of transmission or storage is fully secure, but we apply measures appropriate to the sensitivity of the data.

9. Changes to this policy

We may update this policy. Material changes will be notified by email or in-app. Continued use after a change constitutes acceptance.

10. Contact

Data Controller: Civ. Eng. Panagiotis Koinis
Email: privacy@koincad.com
Website: www.koincad.com
KoinCad Web 2025 ยท Civ.Eng. Panagiotis Koinis ยท koinistechnical.gr