top of page

PlanFinder – Data Protection & Security Overview
For customer risk assessments (GDPR / security).

​

A. Controller / Contact

PlanFinder
Dr. Claas Noorduijnstraat 9A-28, 6541 PM Nijmegen, The Netherlands
Primary contact: contact@planfinder.xyz

​

B. Product summary

PlanFinder is a Revit plugin with optional cloud-based layout generation (“Generate”) and a licensing backend. Core authoring and model interaction runs locally inside Revit. Cloud services are used only for computation and license validation.

​

C. Data processed

Generate: The plugin transmits:

  • Geometry in PlanFinder’s internal plain geometry format (boundary polygon, façade geometry, entrance geometry).

  • User-selected generation preferences (e.g., preferred room counts).

No BIM parameters, metadata, user names, or other non-geometric model information are included in the Generate payload.

Licensing: Email address, company name, machine identifier (stored in AWS RDS).

​

D. Hosting and data location

Cloud services run on AWS in eu-central-1 (Frankfurt). Database storage (AWS RDS) is configured in the same region.

​

E. Storage and retention

  • Generate payload: Not stored persistently; processed transiently in Lambda.

  • Licensing records: Stored for the term of the customer relationship plus a limited period for support/accounting.

  • CloudWatch logs: Technical logs retained per configured AWS policy (retention can be set per log group).

​

F. Security controls (high level)

  • Transport security: HTTPS/TLS.

  • Access control: restricted AWS IAM access (least privilege).

  • Operational logging for troubleshooting and security monitoring.

​

G. Encryption and backups (AWS configuration)

Database encryption-at-rest and backup location/retention are managed via AWS RDS configuration. If required for procurement, PlanFinder can provide the current configuration details upon request.

​

H. Sub-processors

  • Amazon Web Services (AWS) – compute, database, logging (EU region Frankfurt).

  • Stripe – payment processing and subscription management.

​

I. Payments / Stripe and transfers

Payments are handled via Stripe. Stripe may process data internationally using appropriate safeguards (e.g., SCCs).

bottom of page