Privacy Policy

Effective Date: 3rd April 2025

This Privacy Policy ("Policy") explains how Plexe Ltd ("Plexe AI", "we", "us", or "our") collects, uses, shares, and protects personal data in connection with our AI platform ("Platform") and related services ("Services"), as defined in our Terms of Service. This Policy is incorporated by reference into our Terms of Service. Capitalised terms used but not defined inline have the meanings given in the Terms of Service.

By using our Services, you agree to the practices described here. If you do not agree, please do not use the Services.

1. Definitions

Plexe Ltd is a company registered in England and Wales (Company No. 16361092).

For the purposes of UK and international data protection laws:

We act as a data controller for account information, usage logs, and communications.

We act as a data processor for any personal data you upload to the Platform as part of Your Content.

Our Data Processing Agreement (DPA) governs this processing relationship.

2. Information We Collect

2.1 Information You Provide

Account information: name, email address, password, organisation (if applicable)

Payment data: handled via Stripe; we do not store your full payment details

Uploaded content: datasets, models, or other data you input via the Platform

Communications: emails, support tickets, feedback

2.2 Information We Collect Automatically

Usage data: IP address, activity logs, timestamps, API usage

Device data: browser, operating system, device type

Cookies: used for login, preferences, and analytics.

2.3 Information from Third Parties

Identity providers (e.g., social login or SSO)

Integration partners or analytics providers

3. How We Use Your Information

We use your personal data to:

Provide, maintain, and improve the Services

Authenticate users and manage accounts

Process payments and subscriptions

Respond to your queries and support requests

Monitor, secure, and prevent abuse of the Platform

Comply with legal obligations

We do not use your personal data, including any personal data contained in uploaded content, for product development, model training, or service improvement purposes unless we have obtained your explicit consent. However, we may use anonymised or non-personal usage data, including aggregated technical content, to analyse platform performance and improve functionality.

Legal Bases

We rely on:

Contractual necessity: to deliver the Services you signed up for

Legitimate interests: platform maintenance, fraud prevention, analytics

Consent: where explicitly required (e.g., marketing communications)

Legal obligations: for regulatory or tax purposes

We do not conduct automated decision-making that has legal or similarly significant effects.

4. Sharing Your Information

We do not sell your personal data. We may share it with:

Subprocessors (e.g., AWS, Stripe), under strict data protection terms

Affiliates or corporate acquirers, in connection with mergers or acquisitions

Authorities, where required by law or court order

Other third parties, but only with your explicit consent

See our DPA for a list of subprocessors and data handling terms.

5. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your personal data

Correct or delete inaccurate data

Object to or restrict processing

Withdraw consent where applicable

Request data portability

To exercise these rights, email us at privacy@plexe.ai. We may need to verify your identity. You may also have the right to lodge a complaint with your local data protection authority.

You may opt out of marketing communications at any time by contacting us or adjusting your preferences through your account.

6. Data Retention

We retain personal data only for as long as required by law, or necessary to fulfil the purposes for which it was collected, including:

Providing and maintaining the Services

Meeting legal, accounting, and regulatory requirements

Resolving disputes or enforcing agreements

Upon closure of your account, we will retain personal data for up to 90 days to allow for retrieval or export, unless deletion is requested sooner and no legal obligation requires continued retention.

You may request deletion of your personal data at any time, subject to our legal obligations and legitimate interests. After the 90-day period, personal data will be securely deleted unless required for regulatory or fraud prevention purposes.

7. International Data Transfers

Plexe AI is headquartered in the United Kingdom, but we may process personal data in other countries where we or our service providers operate. This may include jurisdictions outside your country of residence.

Whenever we transfer personal data internationally, we do so in compliance with applicable data protection laws. For example:

For transfers from the UK or EEA, we rely on safeguards such as Standard Contractual Clauses (SCCs) or transfers to countries recognised as providing adequate protection

For transfers from India (once the Digital Personal Data Protection Act, 2023 is enforced), we will comply with applicable cross-border transfer rules

We require our third-party processors to implement contractual and technical safeguards to ensure an adequate level of protection for your personal data.

8. Security

We implement appropriate technical and organisational measures to protect your personal data, including:

Encryption of data in transit

Access controls and authentication

Monitoring and logging for unauthorised activity

However, no system is completely secure. You are responsible for safeguarding your login credentials.

9. Children's Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may revise this Policy from time to time. We will notify you of material changes via our Website or by email. Your continued use of the Services constitutes acceptance of the revised Policy.

11. Contact

For any privacy-related questions or concerns, please contact us:

Email: privacy@plexe.ai