Privacy Policy

Last updated: April 1, 2026  ·  Blocks  ·  blocksdiy.org

This Privacy Policy describes how Blocks (“we”, “us”, “our”) collects, uses, and shares personal data when you visit blocksdiy.org or use our workflow platform services. We process data in accordance with the EU General Data Protection Regulation (GDPR) where applicable.

1. Who we are

Blocks is an agentic workflow platform operated by Blocks (the company). Our registered address is:

Sarona Tower, 121 Menachem Begin Rd, Tel Aviv 6701203, IL

For data protection inquiries: [email protected]

2. Data we collect

2.1 Website visitors

When you visit blocksdiy.org, we may collect:

  • IP address and approximate location (country/city level)
  • Browser type, device type, and operating system
  • Pages visited, referrer URL, and time on page
  • Cookie identifiers (see our Cookie Policy)

2.2 Account and platform users

When you create an account or use the Blocks platform, we collect:

  • Name and work email address
  • Company name and role
  • Workflow configuration data you create in the platform
  • Audit log entries generated by your team’s workflow activity
  • Integration credentials (stored encrypted, never logged in plaintext)
  • Payment information (processed by our payment provider; we do not store card data)

2.3 Contact and inquiry data

If you contact us directly (email, contact form), we collect the information you provide in that communication.

3. Legal bases for processing (GDPR)

Processing purposeLegal basis
Providing the platform and services you signed up forContract performance (Art. 6(1)(b))
Sending transactional emails (account, billing, security)Contract performance (Art. 6(1)(b))
Website analytics (aggregate, anonymized)Legitimate interest (Art. 6(1)(f))
Marketing emails (product updates, blog)Consent (Art. 6(1)(a))
Fraud prevention and security monitoringLegitimate interest (Art. 6(1)(f))
Legal compliance and regulatory obligationsLegal obligation (Art. 6(1)(c))

4. How we use your data

  • To operate, maintain, and improve the Blocks platform
  • To authenticate users and manage accounts
  • To send you service communications (transactional emails, security alerts)
  • To respond to support requests and inquiries
  • To generate aggregate analytics about platform usage (never sold to third parties)
  • To comply with applicable legal obligations

5. Data sharing and sub-processors

We do not sell your personal data. We share data only with the following categories of service providers:

CategoryPurposeData shared
Cloud infrastructureHosting and data storageAll platform data (encrypted at rest)
Payment processorBilling and subscription managementName, email, billing address
Email deliveryTransactional and marketing emailName and email address
AnalyticsAggregate website usage analysisAnonymized event data
Error monitoringPlatform reliabilityError traces (no personal data in payloads)

All sub-processors are contractually bound to process data only as instructed and to maintain appropriate security measures.

6. International data transfers

Our infrastructure is hosted primarily within the EU/EEA. Where data is transferred outside the EEA (for example, to sub-processors with US operations), we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission to ensure adequate protection.

7. Data retention

  • Account data: retained for the duration of your subscription plus 90 days after cancellation
  • Audit log data: retained according to your plan (Starter 30 days, Growth 1 year, Enterprise configurable)
  • Marketing preferences: until you withdraw consent or request deletion
  • Legal/financial records: as required by applicable law (typically 7 years)

8. Your rights under GDPR

Access

Request a copy of the personal data we hold about you.

Rectification

Request correction of inaccurate or incomplete data.

Erasure

Request deletion of your personal data (“right to be forgotten”).

Portability

Receive your data in a structured, machine-readable format.

Restriction

Request that we limit how we process your data in certain circumstances.

Objection

Object to processing based on legitimate interest, including direct marketing.

To exercise any of these rights, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority.

9. Cookies

We use cookies for essential functionality, analytics, and (with your consent) marketing. For full details, see our Cookie Policy.

10. Security

We implement appropriate technical and organisational measures to protect personal data, including encryption at rest and in transit, access controls, and regular security reviews. However, no system is completely secure; we cannot guarantee absolute security of your data.

11. Children

The Blocks platform is intended for business users aged 18 and over. We do not knowingly collect personal data from anyone under 16. If we become aware of such collection, we will delete it promptly.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users by email before material changes take effect. The “last updated” date at the top of this page reflects the most recent revision.

13. Contact us

For privacy questions, requests, or complaints:

Blocks
Sarona Tower, 121 Menachem Begin Rd, Tel Aviv 6701203, IL
Email: [email protected]
Phone: +972 3-547-7884