Privacy
Policy.

We use analytics services to understand how users interact with our Services and to improve user experience.

Google Analytics: We use Google Analytics to collect anonymous usage statistics. This service may collect: • Pages viewed and navigation patterns • Time spent on pages • Browser and device information • Geographic location (country/city level) • Referral sources

Google Analytics uses cookies to track user interactions. You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

For more information about how Google uses data, visit: https://policies.google.com/privacy

Other Analytics: We may use additional analytics tools to monitor API performance, error rates, and service availability. These tools collect technical data necessary for maintaining service quality.

We use the information we collect for the following purposes:

Service Delivery: • Providing and maintaining our Services • Processing transactions and sending related information • Responding to your comments, questions, and support requests • Sending technical notices, updates, and administrative messages

Service Improvement: • Analyzing usage patterns to improve our Services • Developing new features and functionality • Monitoring and analyzing trends and user behavior • Detecting, preventing, and addressing technical issues

Communication: • Sending newsletters and updates (with your consent) • Providing customer support • Notifying you about changes to our Services or policies

Legal and Security: • Complying with legal obligations • Enforcing our terms of service • Protecting against fraudulent or illegal activity

We are committed to providing flexible data storage options to meet your regulatory and compliance requirements.

Data Residency Options: • European Union (EU): Data stored in EU-based datacenters, compliant with GDPR requirements • United States (US): Data stored in US-based datacenters, compliant with applicable US privacy laws

For standard website visitors, data is processed and stored in our primary infrastructure. Enterprise customers can request specific data residency arrangements based on their compliance needs.

Data Retention: • Usage analytics: Retained for 26 months, then automatically deleted • Contact form submissions: Retained for 3 years unless you request earlier deletion • Account data: Retained while your account is active, plus 1 year after closure • API logs: Retained for 90 days for debugging and security purposes

Security Measures: • All data is encrypted in transit using TLS 1.3 • Data at rest is encrypted using AES-256 encryption • Regular security audits and penetration testing • Access controls and monitoring for all systems

We use cookies and similar tracking technologies to collect and store information about your interactions with our Services.

Types of Cookies We Use:

Essential Cookies: Required for the website to function properly. These cannot be disabled. • Session management • Security features • Load balancing

Analytics Cookies: Help us understand how visitors interact with our website. • Google Analytics (_ga, _gid cookies) • Page view tracking • User journey analysis

Functional Cookies: Enable enhanced functionality and personalization. • Preference settings • Language preferences

Managing Cookies: You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

Most browsers allow you to: • View cookies stored on your device • Delete individual or all cookies • Block cookies from specific or all websites • Set preferences for first-party vs. third-party cookies

We do not sell your personal information to third parties. We may share your information in the following circumstances:

Service Providers: We share data with trusted third-party service providers who assist in operating our Services: • Payment processors (for subscription billing) • Email service providers (for transactional and marketing emails) • Analytics providers (for usage analysis) • Cloud infrastructure providers (for hosting)

All service providers are contractually obligated to protect your data and use it only for specified purposes.

Legal Requirements: We may disclose information if required to do so by law or in response to: • Valid legal process (subpoenas, court orders) • Government requests • Protection of our legal rights • Emergency situations involving potential threats to safety

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will provide notice before your information becomes subject to a different privacy policy.

Depending on your location, you may have certain rights regarding your personal information.

Rights for All Users: • Access: Request a copy of the personal information we hold about you • Correction: Request correction of inaccurate personal information • Deletion: Request deletion of your personal information • Opt-out: Unsubscribe from marketing communications at any time

Additional Rights (EU/EEA Residents - GDPR): • Portability: Receive your data in a structured, machine-readable format • Restriction: Request restriction of processing in certain circumstances • Object: Object to processing based on legitimate interests • Withdraw Consent: Withdraw consent for processing where applicable • Lodge Complaint: File a complaint with your local data protection authority

Additional Rights (California Residents - CCPA): • Know: Right to know what personal information is collected • Delete: Right to request deletion of personal information • Non-Discrimination: Right not to be discriminated against for exercising rights

To exercise any of these rights, please contact us through our contact page or email us directly. We will respond to your request within 30 days (or sooner as required by law).

As a global service, your information may be transferred to and processed in countries other than your country of residence.

Transfer Mechanisms: For transfers from the EU/EEA to countries without an adequacy decision, we rely on: • Standard Contractual Clauses (SCCs) approved by the European Commission • Data Processing Agreements with appropriate safeguards • Consent, where appropriate

For transfers from other jurisdictions, we comply with applicable local data protection laws and implement appropriate safeguards.

Our Commitment: Regardless of where your data is processed, we apply the same level of protection as described in this Privacy Policy. We ensure that any third parties receiving your data provide adequate protection.

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information.

For users between 16 and 18 years of age, we recommend reviewing this Privacy Policy with a parent or guardian before using our Services.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

How We Notify You: • Posting the updated policy on this page with a new "Last Updated" date • Sending email notification for significant changes (to registered users) • Displaying a prominent notice on our website

Your Continued Use: Your continued use of our Services after any changes indicates your acceptance of the updated Privacy Policy. If you do not agree with the updated policy, you should discontinue use of our Services.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Website: https://plufinder.com/contact • Application Portal: https://app.plufinder.com

For privacy-specific inquiries, please mark your communication as "Privacy Inquiry" to ensure proper routing to our privacy team.

Response Time: We aim to respond to all privacy-related inquiries within 30 days. For urgent matters or requests related to your legal rights, we will prioritize your inquiry.

Data Protection Officer: For EU-related privacy matters, you may also contact us to reach our designated data protection representative.