Privacy & Security

Your data stays yours.

PLUMdata processes your file metadata in session to generate naming suggestions nothing is stored once that session ends. We dont sell your data, we dont train AI on it, and we dont share it with third parties. Designed with the principles of GDPR and CCPA in mind.

The short version

Session-only processing
File data lives in memory only and is discarded when your session ends
No AI training on your data
Your files are never used to train, fine-tune or evaluate any AI model
No change without explicit approval
Every suggested change is shown to you before anything is applied
No third-party data sharing
We dont sell, share or broker your information under any circumstance
01

The data lifecycle inside PLUMdata

Here is the exact sequence from sign-in through to session end. No gaps, no vague language.

Step by step
1

You connect your storage

You sign in through your storage providers own authorisation flow — Google, Microsoft or Dropbox. We never see your password, only a temporary access token issued directly to us by your provider.
Temporary token only
2

Metadata analysis

PLUMdata reads your file names, folder names and structure the descriptive metadata of your estate. Where the metadata alone is not sufficient context to suggest a good rename, we may briefly process the files content to classify what it is. All of this is handled in memory and never written to disk or stored.
Processed in memory, never stored
3

Naming suggestions generated

The metadata is processed by our AI to generate naming suggestions aligned with the convention you have set. Your data is not used to train, fine-tune or evaluate any AI model — by us or our providers. Once the suggestions are generated the input data is discarded.
Zero AI training on your data
4

You review every change

Every suggested change is presented for your review. You can approve, skip, edit or bulk apply — nothing in your Drive changes until you explicitly approve it.
5

Session data discarded

When your session ends, every piece of data we processed — file names, content, folder structure — is permanently discarded. We retain only your email address and a record of your payment.
Deleted on session end
02

What we never do

Never

Store the content of your files or documents
Train, fine-tune or evaluate AI on your data
Share your data with third parties
Sell or broker your information
Access your storage without explicit permission
Retain your access token beyond the session
Apply any change without your approval

Always

Show every proposed change before it is applied
Provide one-click undo for any applied change
Discard session data the moment your session ends
Process payments via Stripe (PCI-DSS compliant)
Let you revoke access at any time
Respond to data requests within 48 hours
Delete your account record on request
03

Permissions — what we ask for and why

When you connect your storage, your provider will show you a permissions screen. Heres what we actually need each one for.

Read access to your files Requested

Required to read file names, folder structure and — where needed — file content to generate accurate rename suggestions. Nothing is downloaded to any server or written to disk.

Write access to your files Requested

Required to apply renames after you approve them. We use this only to update file names — nothing is moved, deleted or modified without your explicit instruction.

Access to email, calendar or other services Not requested

PLUMdata only touches your file storage. We never request access to email, calendar, contacts or any other service your provider offers.
You can revoke PLUMdatas access at any time through your storage providers account settings. This immediately ends our ability to read or modify anything.
04

What we actually store

Short list.

Your email address Stored

Used to identify your account and send payment receipts. Never shared or sold.

Payment records Via Stripe

Payment processing is handled by Stripe. We keep a record of transactions (amount, date, file count) for receipts. Card details are never held by PLUMdata.

File names, folder names, document content Not stored

Processed in memory during your session only. Gone when youre done.
05

Your data, your control

If youre signed in you can download everything PLUMdata holds or controls about you, or revoke our access and delete your record no email required.

Download your data

A single JSON bundle with your naming convention, usage record, audit log, and index summary all read live from your own Drive.

Delete my account

Revokes PLUMdatas access to your Drive and deletes any Stripe customer record we hold. Your own Drive files are untouched.
All four items in the download convention, usage, audit log, and index also live as plain JSON files in your own Drive (appDataFolder and root). You can open them directly from Drive at any time, with or without PLUMdata.
06

Questions we get asked

Sometimes, where it needs to. If a file name like “New Document (3)” doesn’t give enough context, PLUMdata may briefly process that file’s content to understand what it is. That content is handled in memory and never stored, logged or retained.

Ready to secure and organise your data workspace?