Last updated: July 2022
The privacy of your data — and it is your data, not ours! — is a big deal to us. We’ll only ever access your account to help you with a problem or squash a software bug.
When you sign up for Plinth, we ask for your name, organisation name, and email address. That's just so you can personalize your new account, and we can send you invoices, updates, or other essential information. We’ll never sell your personal info to third parties without your permission, and we won’t use your name or company in marketing statements without your permission, either.
When you pay for Plinth, we may ask for your credit/debit card details, billing address or bank details. That's so we can charge you for service, calculate taxes due, and send you invoices. Your card details and/or bank details are passed directly to our payment processor and don't ever go through our servers. We store your billing address to detect fraudulent credit card transactions, and to print on your invoices.
When you write Plinth with a question or to ask for help, we'll keep that correspondence, and the email address, for future reference. When you browse our marketing pages, we'll track that for statistical purposes (like conversion rates and to test new designs). We also store any information you volunteer, like surveys, for as long as it makes sense.
The only times we’ll ever share your info:
You may have heard about the General Data Protection Regulation (“GDPR”). GDPR gives people under its protection certain rights with respect to their personal information collected by us on the Site. Accordingly, Plinth recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:
Many of these rights can be exercised by signing in and directly updating your account information. We also provide a way for you to easily provide these rights to any of your organisation’s contacts. If you have questions about exercising these rights or need assistance, please contact us at privacy@plinth.org.uk.
As part of the services we provide, and only to the extent necessary, we may use certain third party processors to process some or all of your personal information. For identification of these processors, and where they are located, please see our Subprocessor listing.
Plinth won’t hand your data over to third parties including the police or other similar agencies unless a court order says we have to, unless we're legally prevented from it, we’ll always inform you when such requests are made.
All data is encrypted via SSL/TLS when transmitted from our servers to your browser. All data is encrypted at rest in both our databases and our backups. For more detail on Plinth’s security, scale and resilience see here.
When you cancel your account, we'll ensure that nothing is stored on our servers past 30 days. Anything you delete on your account while it's active, is stored in our recovery log for 90 days and held in backups for 1 year, after which time it is completely deleted. This allows for recovery of accidentally deleted data.
This Site is operated in the UK, and our data is held and processed inside the UK and the European Union.
If you are being asked by a funder to share your data with them, we have an FAQ here.
Plinth may update this policy once in a blue moon — we’ll notify you about significant changes by emailing the account owner or by placing a prominent notice on our site. You can access, change or delete your personal information at any time by contacting our support team.
Questions about this privacy policy? Please get in touch and we’ll be happy to answer them!