Skip to main content

Legal

Privacy Policy

Last updated: June 24, 2026

1. Who We Are

Plexa Trust (“we”, “us”, “our”) operates the website and platform at plexatrust.com. For privacy enquiries contact [email protected] or use our contact form.

2. Information We Collect

Account data: name, email address and password (stored as a secure hash).

Website data: URLs you submit for scanning, scan results, findings, settings and generated documents.

Billing data: processed by Stripe — we store customer and subscription IDs, not full card numbers.

Usage data: audit logs, IP addresses for rate limiting, and technical data needed to operate the service.

Communications: messages you send via contact forms or support requests.

Newsletter: if you subscribe in the footer, we store your email address, consent timestamp and an unsubscribe token. We use this only to send occasional product updates you opted into. You can unsubscribe via the link in every email or our unsubscribe page.

3. How We Use Your Information

4. Legal Basis (UK/EU)

We process data on the basis of contract (providing the service), legitimate interests (security and improvement), and consent where required (e.g. optional marketing emails).

5. Sharing Your Data

We do not sell your personal data. We share data only with processors needed to run the service — for example Stripe (payments), email delivery providers, and OpenAI (when you use AI features). All processors are bound by appropriate agreements.

6. Retention

We retain account and scan data while your account is active. Newsletter emails are kept until you unsubscribe. You may delete websites from your dashboard. On account deletion request we will remove or anonymise personal data unless retention is required by law.

7. Security

We use HTTPS, hashed passwords, prepared database statements, access controls and industry-standard hosting practices. No method of transmission over the internet is 100% secure.

8. Your Rights

Depending on your location you may have rights to access, rectify, erase, restrict, port or object to processing of your data, and to withdraw consent. Contact us to exercise these rights.

9. International Transfers

Some processors may process data outside the UK/EEA. Where this occurs we ensure appropriate safeguards are in place.

10. Cookies

See our Cookie Policy for details on cookies and similar technologies.

11. Changes

We may update this policy. Material changes will be posted on this page with an updated date.

12. Contact

Privacy questions? Contact us or email [email protected].