Legal

Privacy Policy

Last updated: 25 February 2026

Radalt ("we", "us", "our") is committed to protecting your privacy. This policy explains what information we collect, why we collect it, and how we handle it — for both this website (radalt.io) and the Radalt Toolkit desktop application.

The short version: we collect the minimum data needed to run the trial and licensing system. Your IFC files and project data never leave your machine.

1. Information We Collect

A. When you visit radalt.io

Our website is a static site. We do not use analytics scripts, tracking pixels, or advertising cookies. We do not run any form that collects personal information.

The only external requests your browser makes when visiting this site are:

  • Google Fonts (fonts.googleapis.com / fonts.gstatic.com) — to load the Inter typeface. Google may receive your IP address and browser information as part of this request. See Google's Privacy Policy.
  • GitHub API (api.github.com) — the Download page makes a single read-only API call to fetch the latest release version number to display on the download button. No personal data is sent; GitHub may log the request IP. See GitHub's Privacy Statement.

B. When you use Radalt Toolkit (desktop application)

The application collects and stores the following data to operate the trial and licensing system:

Data Purpose Stored locally? Sent to our servers?
Machine ID Bind your trial or licence to one computer; count registered users Yes, encrypted Yes, on every auth request
Email address Send you a magic-link sign-in email; count registered users Yes, in encrypted token file Yes, when you request a sign-in link
Authentication token (JWT) Verify your licence on startup Yes, encrypted (AES-256-GCM) Yes, on each validation check
Trial start date Track your 30-day trial period Yes, encrypted No

What we do not collect:

  • Your IFC, IDS, or BCF files — file contents never leave your machine
  • Usage analytics or feature tracking
  • Keyboard input or clipboard contents
  • System information beyond the machine identifier
  • Browsing history

2. How We Use Your Information

  • Machine ID — to bind your trial or licence to a single computer, prevent misuse, and count the number of registered users of the software
  • Email address — to send the magic-link sign-in email and to count registered users; we do not use it for marketing or share it with third parties
  • Auth token — to verify on each app startup that your licence is valid and has not been revoked
  • Trial start date — to calculate when your 30-day trial expires, stored only on your machine

We do not sell, rent, or trade your personal data with any third party for commercial purposes.

3. Third-Party Services

We rely on the following third-party services to operate the product:

  • Cloudflare — our website (radalt.io) and authentication server are hosted on Cloudflare Pages. Cloudflare processes network traffic and may log request metadata (IP address, timestamps). See Cloudflare's Privacy Policy.
  • Resend — we use Resend to deliver magic-link sign-in emails. Your email address is passed to Resend solely for the purpose of sending that email. See Resend's Privacy Policy.
  • GitHub — the application checks for software updates via GitHub Releases once per day (passive, no personal data sent). The download page also fetches the current version number from the GitHub API. See GitHub's Privacy Statement.

4. Data Retention

  • Authentication tokens expire after 30 days. Expired tokens are invalidated server-side.
  • Your email address and machine ID are retained on our servers for as long as the service operates, primarily to count registered users. You may request deletion at any time (see Section 5).
  • Magic-link tokens are single-use and expire within a short window after generation.
  • We do not retain logs of your IFC file operations.

5. Your Rights

You have the right to request access to, correction of, or deletion of the personal data we hold about you. To exercise any of these rights, email us at [email protected]. We will respond within a reasonable timeframe.

Deleting your account data will deactivate any active licence or trial tied to your email and machine.

6. Security

All data stored locally by the application (machine ID, tokens, trial date) is encrypted using AES-256-GCM with keys derived from your machine identifier via PBKDF2-SHA512. All communication between the application and our authentication server uses HTTPS (TLS).

7. Children

Radalt Toolkit is a professional tool for the AEC industry and is not directed at children under the age of 13. We do not knowingly collect personal data from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the website or application after changes are posted constitutes acceptance of the revised policy.

9. Contact

For any questions about this Privacy Policy or your personal data, contact us at:

Radalt
Email: [email protected]

Download unavailable

The installer isn't available right now. Please contact our support team and we'll get you set up as soon as possible.

[email protected]