Privacy PolicyEffective March 22, 2026Last updated March 22, 2026

How PLINTH handles your data

This page is the human-readable privacy policy for PLINTH. It reflects the actual product behavior in the repo: waitlist capture, secure auth cookies, consent-based analytics, billing records, share links, diagnostics, and AI-powered design workflows.

Join Private Beta Open Privacy & Data

At a glance

Primary data

Account details, project files, waitlist submissions, billing records, and support requests.

Technical data

IP address, user-agent, request logs, consent state, and abuse-prevention metadata.

Third parties

Cloud hosting, analytics, email delivery, payment processing, AI providers, and monitoring.

Controls

Analytics banner choices, account export/delete, and waitlist removal via email reply.

We collect only the information needed to run the product, secure the service, and support your account.

Analytics is consent-based and the choice is stored locally in your browser.

We do not sell personal information or use your private project files for advertising.

Section

Scope

This policy explains how we collect, use, disclose, retain, and protect personal information when you use PLINTH websites, apps, APIs, waitlist forms, share links, support flows, and related services.

It applies to registered accounts, waitlist submissions, public share links, and any other interaction where PLINTH processes personal information.

Section

Information we collect

We collect the information you provide directly, information created when you use the service, and limited technical data needed to keep the product reliable and secure.

Account and identity data

  • Email address, name, avatar URL, password hash, role, organization membership, active workspace, session version, and preference settings.
  • If you sign in with Google, we may receive the Google account identifier, email address, display name, and profile image associated with that login.
  • Authentication cookies are used to keep you signed in and to protect your session.

Project and design content

  • Floor plans, reference images, prompts, render outputs, project metadata, room templates, revisions, comments, threads, share links, and collaboration activity.
  • Assets you upload may be processed to generate AI outputs, previews, or related design artifacts.

Waitlist submissions

  • Email address, source page, IP address, user-agent, timestamps, delivery status, and anti-abuse metadata recorded when you join the private beta waitlist.
  • We also keep a suppression-style duplicate record when needed to prevent repeated spam submissions and to protect the signup flow.

Billing and transaction data

  • Wallet ledger entries, top-up orders, payment provider identifiers, billing events, receipt references, and legal acceptance timestamps.
  • Payment instrument details are handled by the payment processor and are not stored by us in raw card form.

Technical and diagnostic data

  • Request path, request ID, IP address, user-agent, browser/device information, error reports, logs, and rate-limit metadata.
  • Consent choices for analytics are stored locally in your browser so the site can remember your preference.

Support and feedback

  • Messages, feedback submissions, review comments, and support-related correspondence you send to us or through our external forms.

Section

How we use data

We use the information we collect to provide the service, maintain your account, deliver the features you request, and keep the platform secure.

Service delivery

  • Create and manage accounts, sessions, organizations, projects, renders, share links, and collaboration workflows.
  • Process prompts, images, files, and related context to generate the outputs you request.
  • Send waitlist confirmations, transactional notices, and product updates related to the beta or your account.

Security and abuse prevention

  • Detect spam, bot activity, duplicate submissions, suspicious logins, and unauthorized use.
  • Enforce rate limits, session security, and access controls on protected routes.

Product improvement and analytics

  • Measure product usage, improve conversion flows, understand feature adoption, and debug reliability issues.
  • Analytics is only activated according to the consent choice you make in the banner.

Billing, legal, and compliance

  • Process payments, maintain ledger records, verify transactions, handle chargebacks or disputes, and comply with law.
  • Keep records required for accounting, security reviews, or legal obligations.

Section

How we share data

We do not sell personal information. We share personal information only when needed to operate the product, satisfy your request, or comply with law.

Service providers

  • Cloud hosting, database, file storage, email delivery, analytics, payment processing, AI inference, and error monitoring providers may process data on our behalf.
  • These providers process data only to the extent needed to provide their services to us.

Public or link-based sharing

  • If you create a share link or publish feedback externally, the content you choose to share may be accessible to anyone with the link or by the third-party provider involved.
  • You are responsible for the information you intentionally make public.

Legal and safety disclosures

  • We may disclose information if we believe it is necessary to comply with law, respond to lawful requests, protect our rights, investigate abuse, or protect users and the platform.

Section

Cookies, local storage, and analytics

We use essential cookies and browser storage to authenticate sessions, keep the product stable, and remember your preferences.

Essential cookies

  • Secure auth cookies keep you signed in and protect protected routes.
  • These cookies are necessary for the product to function and cannot be fully disabled without breaking account access.

Analytics consent storage

  • We store your analytics choice locally in the browser so we can remember whether you granted or declined analytics.
  • If you change your mind, you can clear browser storage or use browser controls to reset the choice.

Analytics mode

  • Analytics loads in consent mode. When you accept analytics, Google Analytics can collect usage data to help us measure and improve the product.
  • When you decline analytics, the site keeps analytics storage denied and limits collection according to the configured consent mode.

Section

AI processing and third-party vendors

Some product features rely on third-party services to perform rendering, image processing, AI assistance, storage, email delivery, or payments.

AI and rendering providers

  • Prompts, images, masks, and related context may be sent to the provider that performs the requested generation or transformation.
  • We route only the data required for the specific feature you are using.

Email and notifications

  • We use an email delivery provider to send waitlist confirmations and other transactional messages.
  • Waitlist emails include an unsubscribe mechanism where supported by the email client and provider configuration.

Payments

  • Payment processing is handled by our payment provider. We store order, ledger, and legal acceptance data needed to reconcile transactions.

Monitoring and reliability

  • Operational logs and error monitoring may include request metadata, IP address, user-agent, and stack traces for debugging and abuse prevention.

Section

Retention

We retain information only for as long as needed to provide the service, meet legal obligations, resolve disputes, maintain security, and support backups or audit requirements.

Account data

  • Account, project, and collaboration data may remain available while your account is active and for a limited period afterward if needed for recovery, support, or legal obligations.

Waitlist data

  • Waitlist records are kept until the beta process no longer needs them or until you ask us to remove them, subject to abuse-prevention and legal requirements.

Billing and logs

  • Billing, security, and audit records may be retained longer where required by law, tax, fraud-prevention, or dispute-resolution rules.

Section

Your rights and controls

Depending on where you live, you may have rights to access, correct, export, delete, or restrict some of your personal information, and to object to certain processing.

Self-service controls

  • Use Settings → Privacy & Data to export or delete your account information if you are signed in.
  • Use the analytics banner to accept or decline analytics on the website.

Waitlist controls

  • If you joined the waitlist, reply to the confirmation email to request removal or follow the email workflow available for that record.

Jurisdictional rights

  • Where required by law, we will honor requests for access, portability, correction, deletion, objection, or restriction, subject to identity verification and lawful retention limits.

Section

Security

We use administrative, technical, and organizational safeguards designed to protect information, including transport security, secure cookies, access controls, password hashing, rate limiting, and logging.

No system is perfectly secure, and we cannot guarantee absolute protection against unauthorized access or misuse.

Section

Children

PLINTH is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a child has provided us information without appropriate consent, contact us so we can review and delete it where appropriate.

Section

International transfers

Your information may be processed in countries other than your own, including countries where our service providers or infrastructure vendors operate.

Where required, we take steps intended to provide appropriate protection for cross-border transfers.

Section

Changes to this policy

We may update this policy as the product or legal requirements evolve.

When we make material changes, we will update the effective date and, where appropriate, surface the update in-product or by email.

Section

Contact

If you have a privacy request, use the product controls available to you or reply to the email associated with the record you want reviewed.

Best route for each record type

  • Registered account: Settings → Privacy & Data export/delete tools.
  • Waitlist record: reply to the confirmation email from PLINTH.
  • External form or third-party service: contact the provider or reply to the email that brought you there when possible.

Need a request handled

Use the product controls already available to you

Registered users can export or delete their data from Settings. Waitlist users can reply to the beta email. If you are interacting through a public share or external form, the third-party provider’s privacy terms also apply.

Back HomeJoin Private Beta