← Back to Home

Privacy Policy

Last updated: January 13, 2025

Note: This policy prioritizes service functionality while maintaining compliance

1. Information We Collect

DATA COLLECTION NOTICE: We collect extensive data to provide advanced AI and business intelligence features. By using our service, you consent to all data collection described below.

A. Personal Information You Provide

PlexLead ("we," "our," or "us") collects personal information you directly provide:

  • Account Information: Name, email address, password, company name
  • Communication Data: Messages, support requests, feedback
  • Search Parameters: Search queries, filters, preferences you set
  • Email Configuration: SMTP settings you provide for outreach functionality

B. Business Data We Collect (Not Personal Information)

Our platform collects publicly available business information including:

  • From Google Places API: Business names, addresses, phone numbers, ratings, reviews, hours, categories
  • From Public Websites: Business email addresses, social media profiles, website URLs
  • Geographic Data: Location coordinates, service areas
  • Business Intelligence: Industry classifications, business size estimates
  • AI-Enhanced Data: Machine learning analysis, categorizations, and insights generated from public business data

C. Usage and Technical Data

  • Platform Analytics: Feature usage, search patterns, export activities, AI feature interactions
  • Technical Data: IP address, browser type, device information, session data, cookies
  • Performance Data: API response times, error logs, system performance metrics
  • AI Interaction Data: Queries sent to AI systems, AI-generated content, user feedback on AI outputs
  • Email Tracking Data: Email delivery status, engagement metrics, bounce data
  • Contact Status Data: Email history, engagement tracking, lead scoring data

2. How We Use Your Information

DISCLAIMER: While we describe our data uses below, technology evolves rapidly. We may use data in additional ways that provide business value while maintaining reasonable privacy protections.

A. Personal Information Uses

  • Provide and maintain your account and platform access
  • Process your search requests and generate business leads
  • Enable email outreach functionality with your provided SMTP credentials
  • Process data through artificial intelligence and machine learning systems for enhanced functionality
  • Generate AI-powered content, suggestions, and business intelligence insights
  • Track and analyze user interactions with AI features
  • Communicate about your account, billing, and service updates
  • Provide customer support and respond to inquiries
  • Improve our services based on usage patterns and AI model performance
  • Conduct automated analysis for business optimization

B. Business Data Uses

  • Deliver search results and business intelligence reports to you
  • Enable data export functionality (CSV, JSON formats)
  • Enhance search accuracy through data enrichment algorithms and AI processing
  • Cache frequently accessed data to improve performance
  • Process through AI systems (including Google Gemini) for analysis and insights
  • Generate automated categorizations, scores, and recommendations
  • Train and improve AI models (using aggregated, anonymized data only)

3. Legal Basis for Processing (GDPR)

We process personal information based on the following legal grounds:

  • Contract Performance: To provide services you've requested
  • Legitimate Interest: To improve our services and prevent fraud
  • Consent: Where you have explicitly consented (e.g., marketing communications)
  • Legal Compliance: To comply with applicable laws and regulations

4. Information Sharing and Disclosure

WE DO NOT SELL, RENT, OR TRADE YOUR PERSONAL INFORMATION TO THIRD PARTIES.

We may share information in these limited circumstances:

  • With Your Consent: When you explicitly authorize sharing
  • Service Providers: Third-party vendors under strict confidentiality agreements (hosting, analytics)
  • Legal Requirements: To comply with subpoenas, court orders, or legal processes
  • Business Protection: To protect our rights, property, or safety
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

Third-Party Services We Use:

  • Google Places API: For business data sourcing (subject to Google's privacy policy)
  • Google Gemini AI: For artificial intelligence features and content generation (subject to Google's AI terms)
  • Google Firebase: For data storage, authentication, and analytics (subject to Google's privacy policy)
  • Web Hosting Services: For platform infrastructure
  • Analytics Services: For usage tracking and improvement
  • Email Service Providers: For transactional and marketing communications

IMPORTANT: We have no control over how third-party AI services process your data. By using AI features, you acknowledge and accept the risks associated with third-party AI processing.

5. Data Security and Protection

  • Encryption: Data transmission secured with HTTPS/TLS encryption
  • Access Controls: Limited access to personal information on need-to-know basis
  • Rate Limiting: Protection against abuse and unauthorized access
  • Regular Updates: Security patches and system updates
  • Monitoring: System monitoring for security threats
  • Firebase Security: Data stored using Google Firebase security infrastructure
  • API Security: Rate limiting and authentication for all API endpoints

SECURITY DISCLAIMER: Despite our security measures, no method of transmission or storage is 100% secure. WE PROVIDE NO GUARANTEES REGARDING DATA SECURITY and shall not be liable for any security breaches, unauthorized access, or data loss. You acknowledge that you provide information at your own risk.

AI SECURITY NOTICE: Data processed by AI systems may be subject to additional security risks inherent in machine learning technologies. We disclaim liability for AI-related security incidents.

6. Data Retention

  • Account Data: Retained while your account is active, plus 30 days after account closure
  • Business Data: Cached for up to 90 days for performance optimization
  • AI Training Data: Aggregated, anonymized data may be retained indefinitely for AI model improvement
  • Usage Analytics: Aggregated data retained indefinitely for service improvement
  • Support Communications: Retained for 2 years for quality assurance
  • Email Tracking Data: Retained for up to 1 year for campaign analysis
  • Legal Requirements: Some data may be retained longer to comply with legal obligations
  • Backup Systems: Data may persist in backup systems for extended periods

RETENTION DISCLAIMER: Actual retention periods may vary due to technical limitations, legal requirements, or business needs. We reserve the right to modify retention periods without notice.

7. Your Privacy Rights

All Users:

  • Access your personal information
  • Correct inaccurate information
  • Delete your account and associated data
  • Export your data in a portable format

Additional Rights for EU/UK Users (GDPR):

  • Object to processing based on legitimate interests
  • Restrict processing in certain circumstances
  • File complaints with supervisory authorities
  • Withdraw consent where processing is based on consent

California Users (CCPA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to non-discrimination for exercising privacy rights
  • Right to opt-out of sale (Note: We do not sell personal information)

8. Cookies and Tracking Technologies

We use various cookies and tracking technologies:

  • Essential Cookies: Required for platform functionality (login sessions, preferences)
  • Analytics Cookies: To understand platform usage and improve services
  • Firebase Cookies: For authentication, data synchronization, and analytics
  • AI Feature Cookies: To maintain AI session state and preferences
  • Email Tracking: To monitor email delivery and engagement
  • Performance Cookies: To optimize platform performance and user experience
  • Third-Party Cookies: From Google services (Places API, Firebase, Gemini AI)

You can control cookie settings through your browser, but disabling cookies may impair platform functionality. By using our service, you consent to all cookies described above.

9. International Data Transfers

Your personal information may be processed in countries other than your residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for transfers to countries with adequate protection
  • Other legally approved transfer mechanisms

10. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware of such collection, we will delete the information promptly.

11. Changes to This Policy

  • We may update this Privacy Policy to reflect changes in our practices or legal requirements
  • Material changes will be posted with 30 days advance notice
  • Continued use after changes constitutes acceptance of the updated policy
  • We will notify you via email for significant changes affecting your rights

Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: elijah@commonerapps.com

Company: Commoner Apps