Explore More
Accessories
About Us
Cart

Privacy Policy

How I collect, use, and protect your data.

Data I Collect

When you use Build Factory X, I collect the following information to process and fulfil your orders:

  • Full Name, Email Address, and Mobile Number (provided during registration or checkout).
  • Delivery Address (street, landmark, city, PIN code) for shipping purposes.
  • PC build configuration selections, order history, and budget preferences.
  • Login/logout actions are rate-limited by email address for abuse prevention.

Authentication — Firebase

I use Google Firebase Authentication to handle user login via Google Sign-In. Firebase processes your Google account data (name, email, profile photo) to authenticate your identity. Firebase stores a session token locally in your browser using Local Persistence, keeping you signed in across page reloads. For full details, see Firebase’s Privacy Policy.

Data Storage — MongoDB

All order data, user profiles, rate-limit records, and accessory catalogue information are stored securely in a MongoDB Atlas cloud database. Your data is encrypted in transit (TLS) and at rest. Cancelled orders are automatically purged from the database 6 hours after cancellation. See MongoDB’s Privacy Policy.

Cookies & Session Persistence

I use the following cookies and local storage mechanisms:

  • Firebase Auth Token — stored in browser Local Storage to maintain your login session across visits.
  • Admin JWT Cookie — an HTTP-only session cookie issued to verified admin users for secure dashboard access.
  • Cart Data — your shopping cart contents are saved in Local Storage and optionally synced to the server for persistence.
  • Auth Rate Limit — login/logout attempts are tracked in-memory by email address (no persistent storage).

Payments — Razorpay

Payments are processed through Razorpay. Build Factory X does not store your card details, bank account numbers, or UPI PINs. All payment data is handled directly by Razorpay in a PCI-DSS compliant environment. See Razorpay’s Privacy Policy.

Data Retention & Deletion

  • Active order data is retained until the order is completed or cancelled.
  • Cancelled orders are automatically deleted from my database 6 hours after cancellation.
  • Rate-limiting records (login/logout attempts) expire automatically per their configured TTL.
  • You may request full account and data deletion by contacting us at buildfactoryx@gmail.com.

BFX AI Assistant

Our chatbot assistant uses the Google Gemini API and OpenRouter API to generate responses to your queries. Please **do not enter any private personal details** (such as credit card numbers, passwords, bank account info, or government IDs) in the chat box. Build Factory X does not store, process, or ask for payment credentials in the chat, and BFX is not responsible for any security issues or data exposure resulting from sharing private details in the chatbot window.

Communications

I use Resend to send transactional emails (order confirmations, status updates). I do not send marketing or promotional emails unless you explicitly opt-in.

This policy was last updated on 17 May 2026. I reserve the right to update this policy at any time. Continued use of the platform constitutes acceptance of the latest policy.