Plumb Logo

Privacy Policy

Last Updated: November 3, 2025

1. Introduction

Welcome to Plumb ("we," "our," or "us"). Plumb Software Inc. is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our construction project management and payment platform.

By using Plumb, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Company Information

Plumb Software Inc.

135 N 200 E, Lindon, UT 84042

Email: contact@buildwithplumb.com

For privacy-related inquiries and to exercise your privacy rights, please contact: privacy@buildwithplumb.com

3. Information We Collect

3.1 Information You Provide Directly

We collect information that you provide directly to us, including:

  • Account information (name, email address, phone number, company name)
  • Profile information (business details, company size, role)
  • Payment information (processed securely through Stripe)
  • Project and work order data (project names, descriptions, timelines, budgets)
  • Communication data (messages, support requests, feedback)
  • Documents and files you upload to the platform

3.2 Information Collected Automatically

When you use our services, we automatically collect:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent on platform)
  • Log data (access times, error logs, performance data)
  • Cookies and similar tracking technologies (see Cookie Policy below)

3.3 Information from Third Parties

We may receive information from third-party services, including:

  • Authentication providers (Supabase)
  • Payment processors (Stripe)
  • Analytics services (Datadog)

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process payments and transactions securely
  • Create and manage your account
  • Enable project and work order management features
  • Communicate with you about your account and our services
  • Provide customer support and respond to your requests
  • Detect, prevent, and address fraud and security issues
  • Comply with legal obligations and enforce our terms
  • Analyze usage patterns to improve user experience
  • Send you important updates, notifications, and administrative messages

5. Payment Processing

We use Stripe as our third-party payment processor. When you make or receive payments through Plumb:

  • Payment card information is collected and processed directly by Stripe in compliance with PCI-DSS standards
  • We do not store your complete payment card information on our servers
  • Stripe's use of your payment information is governed by their Privacy Policy at https://stripe.com/privacy
  • We receive limited payment information from Stripe (such as the last four digits of your card and transaction status) for account management purposes
  • By using our payment features, you authorize us to share your information with Stripe as necessary to process payments

6. How We Share Your Information

We may share your information in the following circumstances:

6.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our platform:

  • Stripe - Payment processing
  • Supabase - Authentication and database services
  • Gigalixir - Backend infrastructure hosting
  • Vercel - Frontend hosting and deployment
  • Datadog - Analytics, monitoring, and performance metrics

6.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

6.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal requests by public authorities
  • Court orders or subpoenas
  • Requests to comply with legal process
  • Situations involving potential threats to safety

6.4 With Your Consent

We may share your information for other purposes with your explicit consent.

7. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction:

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Employee training on data protection and security best practices

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Factors we consider in determining retention periods include:

  • The length of time you use our services
  • Whether you have an active account with us
  • Legal obligations to retain data (tax, accounting, legal requirements)
  • Business needs for record-keeping and audit purposes
  • Dispute resolution and enforcement of our agreements

When we no longer need your information, we will securely delete or anonymize it.

9. Your Privacy Rights

9.1 General Rights

You have the following rights regarding your personal information:

  • Access: Request access to the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Data Portability: Request a copy of your data in a structured, machine-readable format
  • Objection: Object to our processing of your personal information
  • Restriction: Request restriction of processing of your information

9.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and disclose
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (Note: We do not sell your personal information)
  • Right to non-discrimination for exercising your CCPA rights

9.3 GDPR Rights (European Residents)

While we primarily serve U.S. customers, if you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

9.4 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@buildwithplumb.com. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our platform and hold certain information. Cookies are files with small amounts of data that are sent to your browser from a website and stored on your device.

Types of Cookies We Use:

  • Essential Cookies: Required for the platform to function properly (authentication, security)
  • Performance Cookies: Help us understand how users interact with our platform (analytics)
  • Functionality Cookies: Remember your preferences and settings

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our platform.

Third-party services we use that may set cookies include:

  • Stripe (for payment processing)
  • Datadog (for analytics and monitoring)

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and you become aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

12. Third-Party Links

Our platform may contain links to third-party websites or services that are not owned or controlled by Plumb. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

13. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. Our servers and service providers are primarily located in the United States.

By using our services, you consent to the transfer of your information to the United States and other countries where we operate. We will take reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy.

14. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this policy.

We will notify you via email and/or a prominent notice on our platform prior to the change becoming effective. You are advised to review this Privacy Policy periodically for any changes.

Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the platform after any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide by the modified Privacy Policy.

15. Do Not Track Signals

We do not currently respond to Do Not Track (DNT) signals from browsers. We may adopt a DNT standard if and when one is established for internet-wide use.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Plumb Software Inc.

135 N 200 E, Lindon, UT 84042

General Inquiries: contact@buildwithplumb.com

Privacy Rights: privacy@buildwithplumb.com