Your Privacy Matters

Privacy Policy

Last updated: November 7, 2025

Our Commitment to Your Privacy

At PlabIQ, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered compliance analysis service.

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

Information We Collect

1.1 Information You Provide to Us

Account Information

  • Name and email address
  • Password (encrypted and hashed)
  • Company/business name (optional)
  • Profile picture (if using Google OAuth)

Payment Information

  • Billing details processed securely through Stripe
  • We do NOT store credit card numbers on our servers
  • Payment history and transaction records

Product Label Data

  • Product label images you upload
  • Product names and categories
  • Target marketplaces (USA, UK, Germany)
  • Scan results and compliance reports

Communications

  • Support requests and correspondence
  • Feedback and survey responses
  • Email preferences and notifications

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent, scan history
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, referring URLs
  • Cookies: Session cookies, preference cookies, analytics cookies

1.3 Information from Third Parties

  • Google OAuth: Name, email, profile picture (if you sign in with Google)
  • Stripe: Payment processing and transaction data
  • Analytics Services: Aggregated usage statistics

How We Use Your Information

We use the information we collect for the following purposes:

To Provide Our Service: Process label scans, generate compliance reports, manage your account
To Process Payments: Handle subscriptions, process transactions, send invoices
To Communicate: Send welcome emails, password resets, team invitations, service updates
To Improve Our Service: Analyze usage patterns, train AI models, fix bugs, develop new features
To Ensure Security: Detect fraud, prevent abuse, protect against security threats
To Comply with Legal Obligations: Respond to legal requests, enforce our Terms of Service

AI Model Training

We may use anonymized, aggregated data from label scans to improve our AI compliance algorithms. Individual product labels are never shared publicly or with third parties.

How We Share Your Information

We do NOT sell your personal information. We may share your information in the following circumstances:

Service Providers

We work with trusted third-party service providers:

  • Stripe: Payment processing
  • Resend: Transactional emails
  • Anthropic (Claude AI): AI-powered label analysis
  • Railway/Hosting: Infrastructure and database hosting
  • MinIO: Secure file storage

Team Members

If you're on a Deluxe or One-Time plan, your scan results may be visible to other team members in your workspace.

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data transmitted over HTTPS/TLS. Passwords are hashed with bcrypt.
  • Access Controls: Role-based permissions. Multi-factor authentication available.
  • Secure Storage: PostgreSQL database with encryption at rest. MinIO for file storage.
  • Monitoring: Regular security audits and vulnerability scanning.

Important Note

While we implement strong security measures, no system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

  • Account Data: Retained while your account is active, plus 90 days after deletion
  • Scan Results: FREE plan - 30 days; Deluxe - unlimited; One-Time - 30 days
  • Payment Records: Retained for 7 years for tax and accounting purposes
  • Support Communications: Retained for 2 years
  • Analytics Data: Aggregated data retained indefinitely

You can request deletion of your data at any time by contacting support. Some data may be retained as required by law or for legitimate business purposes.

Your Privacy Rights

Depending on your location, you may have the following rights:

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information (subject to legal requirements)
Portability: Request a copy of your data in a machine-readable format
Opt-Out: Unsubscribe from marketing emails (transactional emails cannot be opted out)
Restrict Processing: Request limitation on how we use your information
Object: Object to processing of your information for certain purposes

To exercise these rights, please contact us at privacy@plabiq.com. We will respond within 30 days.

Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies

Required for authentication, security, and basic functionality. Cannot be disabled.

Analytics Cookies

Help us understand how you use our Service to improve performance and features.

Preference Cookies

Remember your settings like theme preference and language.

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete it.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

For users in the European Economic Area (EEA), we comply with GDPR requirements for international data transfers.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on our Service at least 30 days before the changes take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

Contact Us About Privacy

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Officer: privacy@plabiq.com

Support: support@plabiq.com

Website: www.plabiq.com

Data Protection Rights: If you are located in the EEA or UK, you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.