Data Encryption and Communications
HTTPS/TLS Encryption
All communications between your browser and our servers are encrypted using HTTPS with TLS 1.2 or higher to protect data in transit.
Secure Data Storage
User account information and collected business data are stored using industry-standard encryption practices on secure hosting infrastructure.
API Security and Access Controls
API Key Management
Google Places API keys and other third-party service credentials are securely stored and rotated regularly to prevent unauthorized access.
Rate Limiting and Input Validation
Our platform implements rate limiting to prevent abuse and validates all user inputs to protect against injection attacks and data corruption.
Access Controls and Employee Security
- Limited employee access to user data on a need-to-know basis
- Multi-factor authentication required for administrative access
- Regular review and removal of unnecessary access permissions
- Secure development practices and code review processes
- Employee training on data protection and security practices
Infrastructure Security
Secure Hosting Practices
Our platform is hosted on secure, regularly updated infrastructure with appropriate firewalls, monitoring, and access controls in place.
Public Data Collection
It's important to understand that PlexLead collects only publicly available business information:
- Business names, addresses, and phone numbers from Google Places API
- Website URLs and publicly visible contact information
- Business descriptions and categories from public listings
- No personal data, private information, or sensitive business data
- No tracking of individual users or personal browsing behavior
Security Limitations and Disclaimers
While we implement reasonable security measures, we cannot guarantee absolute security. Users should be aware that:
- No system is completely immune to security breaches
- Internet communications inherently carry some risk
- The data we collect is already publicly available from other sources
- We are not responsible for the security of external websites or services
- Users are responsible for maintaining the security of their own accounts and passwords
User Responsibilities
You play an important role in maintaining the security of your account:
- Use strong, unique passwords for your PlexLead account
- Keep your login credentials confidential
- Log out of your account when using shared or public computers
- Be responsible for how you use and share the business data you access
- Ensure your own email security, as we may send account-related communications
- Report any suspicious account activity immediately
Data Breach Response
In the event of a security incident affecting user accounts or platform integrity:
- We will assess and contain the situation promptly
- Affected users will be notified within a reasonable timeframe
- We will provide guidance on protective actions users should take
- Necessary remediation measures will be implemented
- We will review and improve our security practices based on lessons learned
Third-Party Services
Our platform integrates with external services for data collection:
- Google Places API for business listings and location data
- Website scraping of publicly accessible business websites
- These services have their own security and privacy practices
- We are not responsible for the security practices of third-party services
Security Questions or Concerns?
If you have security questions or need to report a potential vulnerability:
Email: elijah@commonerapps.com
Company: Commoner Apps
Response Time: We aim to respond to security inquiries within 24-48 hours
Responsible Disclosure
If you discover a security issue with our platform, please contact us directly rather than posting publicly. We appreciate responsible disclosure and will work with you to address any legitimate security concerns.