Version 1.1.1\nEffective Date: April 8, 2026\nLast Updated: April 8, 2026
At a Glance
Before the legal details, here's what matters:
| What | The Short Version |
|---|---|
| Your Data | You own it. We don't sell it. |
| Collection | We collect only what's needed to run the Service. |
| Sharing | Only with service providers who help us operate. |
| AI (Chloe) | Your conversations are processed by Anthropic. You can delete them. |
| Security | Encryption in transit and at rest. Tenant isolation. |
| Your Rights | Access, correct, delete, export your data anytime. |
| Cookies | Essential cookies only. No ad tracking. |
1. Introduction
This Privacy Policy explains how Passionate Pursuit Design Studio LLC ("we," "us," "our") collects, uses, and protects your personal information when you use Plero (the "Service").
We respect your privacy and are committed to protecting your data. This policy applies to all users of Plero, including Studio Owners, Team Members, and Contractors.
By using the Service, you agree to the practices described in this Privacy Policy.
2. Information We Collect
2.1 Information You Provide
Account Information
- Email address
- Name
- Password (hashed, never stored in plain text)
- Profile photo (optional)
- Phone number (optional)
Studio Information
- Studio name
- Business address
- Logo and branding assets
- Payment information (processed by Stripe)
Business Data
- Clients and client contacts
- Projects and project details
- Invoices and financial records
- Contracts and legal documents
- Contractors and contractor information
- Expenses and bills
Communications
- Support requests
- Feedback you provide
- AI assistant (Chloe) conversations
2.2 Information Collected Automatically
Usage Data
- Pages visited and features used
- Time spent in the application
- Device type and browser information
- IP address
Technical Data
- Error logs and crash reports
- Performance metrics
- API usage patterns
2.3 Information from Third Parties
Payment Processors (Stripe)
- Transaction status
- Payment method last four digits
- Billing address
OAuth Providers (if applicable)
- Basic profile information from Google, GitHub, etc.
3. How We Use Your Information
We use your information for the following purposes:
3.1 Providing the Service
- Creating and managing your account
- Processing payments and invoices
- Enabling collaboration with Team Members and Contractors
- Generating reports and analytics for your Studio
3.2 Improving the Service
- Analyzing usage patterns to improve features
- Debugging errors and performance issues
- Developing new functionality
3.3 Communication
- Sending transactional emails (invoices, password resets)
- Notifying you of changes to the Service
- Responding to support requests
- Sending product updates (with your consent)
3.4 Security and Compliance
- Preventing fraud and abuse
- Enforcing our Terms of Service
- Complying with legal obligations
- Protecting our rights and the rights of others
3.5 AI Features (Chloe)
When you use Chloe, the AI assistant:
- Your questions and business context are sent to Anthropic for processing
- Responses are generated based on your Studio's data
- Conversations are stored in your Studio for reference
- We do not use your conversations to train AI models
4. How We Share Your Information
We do not sell your personal information. We share data only in these circumstances:
4.1 Service Providers
We work with trusted providers to operate the Service. These providers have access to data only as needed to perform their services:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database and authentication | All user data (encrypted at rest) |
| Stripe | Payment processing | Payment details, transaction data |
| Resend | Email delivery | Email addresses, email content |
| Vercel | Hosting and CDN | Request logs, IP addresses |
| Anthropic | AI assistant (Chloe) | Conversation content, prompts |
All providers are bound by data processing agreements and are required to protect your data.
4.2 Your Studio's Data
Within your Studio:
- Studio Owners can access all Studio data
- Team Members can access data based on their permissions
- Contractors can access only projects explicitly shared with them
4.3 Legal Requirements
We may disclose information when required by law, such as:
- Valid legal process (subpoenas, court orders)
- To protect our rights or property
- To prevent fraud or abuse
- In emergencies involving danger to any person
4.4 Business Transfers
If we merge with or are acquired by another company, your data may be transferred as part of that transaction. We will notify you of any such change.
5. Data Retention
We retain your data for as long as needed to provide the Service:
| Data Type | Retention Period |
|---|---|
| Account Information | Until account deletion, then 30 days |
| Business Data | Until deletion, plus 7 years for financial records |
| Usage Logs | 90 days |
| AI Conversations | Until you delete them |
| Backups | 30 days |
5.1 Financial Record Retention
We retain invoices and financial records for 7 years after creation to comply with tax and accounting requirements, even if you delete your account.
5.2 Deletion Process
When you request account deletion:
- Your account becomes inaccessible immediately
- Non-essential data is deleted within 30 days
- Financial records are retained per legal requirements
- Backup copies are purged within 30 days
6. Your Rights
You have the following rights regarding your personal information:
6.1 Access
You can view your data at any time through your account settings. You may request a complete export of your data in JSON or CSV format.
6.2 Correction
You can update your account information through the Service. For data you cannot update yourself, contact support@plero.ai.
6.3 Deletion
You can delete your account through settings. Specific data (like individual invoices) can also be deleted within the application.
6.4 Portability
You can export your data at any time. We provide exports in standard formats (JSON, CSV) that can be used with other services.
6.5 Objection
You can object to certain processing activities. If you object to essential processing, you may need to stop using the Service.
6.6 Withdraw Consent
Where we rely on consent, you can withdraw it at any time. This does not affect the lawfulness of prior processing.
6.7 Exercising Your Rights
To exercise these rights:
- Most actions are available in your account settings
- For complex requests, email privacy@plero.ai
- We will respond within 30 days
7. International Data Transfers
7.1 Where Data Is Stored
Your data is processed in the United States. Our service providers may process data in other locations.
7.2 Safeguards
For data transferred from the European Economic Area (EEA), UK, or Switzerland, we rely on:
- Standard Contractual Clauses approved by the European Commission
- Service provider certifications and data processing agreements
7.3 California Residents (CCPA)
If you are a California resident, you have additional rights:
- Right to know what data we collect and how it's used
- Right to delete your data
- Right to opt out of data sales (we don't sell data)
- Right to non-discrimination for exercising your rights
8. Security
We implement security measures to protect your data:
8.1 Technical Measures
- Encryption in transit: All data transmitted using TLS 1.3
- Encryption at rest: Database encrypted using AES-256
- Access controls: Role-based access, principle of least privilege
- Tenant isolation: Row-level security prevents cross-studio data access
- Secure authentication: Password hashing, optional 2FA
8.2 Organizational Measures
- Regular security reviews and audits
- Employee training on data protection
- Incident response procedures
- Vendor security assessments
8.3 Data Breach Response
In the event of a data breach affecting your data:
- We will notify you within 72 hours of discovery
- We will describe the nature of the breach and data affected
- We will explain the measures taken to address the breach
- We will report to relevant authorities as required by law
9. Cookies and Tracking
9.1 Essential Cookies
We use essential cookies to:
- Maintain your login session
- Remember your preferences
- Ensure security
These cookies are necessary for the Service to function and cannot be disabled.
9.2 Analytics
We collect anonymized usage data to improve the Service. This data cannot identify individual users.
9.3 What We Don't Do
- We do not use advertising cookies
- We do not track you across other websites
- We do not sell data to advertisers
- We do not use third-party marketing pixels
10. Children's Privacy
Plero is not intended for children under 18. We do not knowingly collect data from children. If you believe a child has provided us data, please contact privacy@plero.ai.
11. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will update the "Last Updated" date
- We will notify you of material changes via email or in-app notification
- We will provide at least 30 days notice for significant changes
Your continued use of the Service after changes take effect constitutes acceptance of the new policy.
13. Contact Us
For privacy questions or to exercise your rights:
Privacy Contact Email: privacy@plero.ai
Data Protection Inquiries Email: legal@plero.ai
General Support Email: support@plero.ai
14. Regulatory Information
14.1 Legal Basis for Processing (GDPR)
For users in the EEA, UK, or Switzerland, we process data under these legal bases:
| Purpose | Legal Basis |
|---|---|
| Providing the Service | Contract performance |
| Payment processing | Contract performance |
| Security and fraud prevention | Legitimate interest |
| Service improvement | Legitimate interest |
| Marketing emails | Consent |
| AI features (Chloe) | Consent |
| Legal compliance | Legal obligation |
14.2 Data Controller
Passionate Pursuit Design Studio LLC acts as the data controller for user account data and as a data processor for your Studio's business data.
14.3 Complaints
If you have concerns about our data practices, you may lodge a complaint with your local data protection authority.
Version History
| Version | Date | Summary of Changes |
|---|---|---|
| 1.0.0 | February 2, 2026 | Initial Privacy Policy |
Your privacy matters to us. If you have questions about this policy, please don't hesitate to contact us at privacy@plero.ai.