Ploro AI logo

Legal information

Privacy Policy

Overview of how PloroAI processes account, billing, project, uploaded file, AI, payment, and support data.

Controller

The controller for this service is Živić Elektro j.d.o.o., OIB/VAT ID HR90344764519, 204. vukovarske brigade 39, 32000 Vukovar, Hrvatska. Privacy requests can be sent to contact@ploroai.io.

  • Product name: PloroAI
  • Service type: SaaS application for AI-assisted electrical quote preparation
  • Contact email: contact@ploroai.io

Personal data collected

PloroAI collects data needed to create accounts, provide the SaaS service, analyze uploaded files, prepare quotes, manage subscriptions, process invoices, and protect the service.

  • Account data: name, email, password hash, session and settings data
  • Billing profile data: billing name, company, OIB/VAT/tax identifiers where provided, address, country, billing email, customer type
  • Project data: project names, client names, object type, areas, project status, rooms, materials, quotes, and exports
  • Uploaded files: floor plans and project documentation PDFs
  • Generated data: AI analysis results, room data, material and labor candidates, quote data, PDF and Excel exports
  • Payment/subscription data: Stripe customer, checkout, subscription, payment, and invoice identifiers
  • Technical/security data: logs, rate-limit data, IP or request metadata where applicable
  • Password reset metadata: email delivery and reset-token metadata without exposing token values

Purposes of processing

Data is processed for operating the product, fulfilling subscriptions, generating project outputs, and meeting security, support, and accounting needs.

  • Account creation, authentication, password reset, and account management
  • Providing project, floor-plan, material, quote, PDF, and Excel workflows
  • AI analysis of uploaded floor plans and project documentation
  • Candidate review and accepted material import into quotes
  • Billing, subscription management, and Stripe payment handling
  • Manual invoice processing and accounting workflow where applicable
  • Support, contact, complaints, and product feedback
  • Security, abuse prevention, rate limiting, troubleshooting, and legal/accounting obligations

Legal bases

The legal bases may include contract performance, legal obligations, legitimate interests, and consent where applicable.

  • Contract performance for account access, SaaS functionality, subscriptions, and support
  • Legal obligations for billing, accounting, tax, and invoicing records
  • Legitimate interest for security, abuse prevention, service improvement, and support
  • Consent where optional cookies, future analytics, or similar optional processing are introduced

Processors and subprocessors

The service uses or may use third-party processors for infrastructure, payments, AI analysis, and email.

  • Hosting, database, and storage provider, including Supabase or equivalent configured infrastructure
  • Stripe for card payments, checkout, subscriptions, and customer portal
  • OpenAI or another AI service provider for analysis of uploaded plans and project documents
  • SMTP/email provider for password reset and service emails
  • Analytics are not currently described as active; if added later, this policy must be updated

Storage and infrastructure region

Project data and uploaded files are stored on cloud infrastructure configured for the application, with access controls and provider safeguards.

  • Uploaded project files and generated data are stored through configured cloud infrastructure
  • Infrastructure regions depend on the configured hosting, database, storage, AI, and payment providers
  • AI and payment providers may process data through their own infrastructure and safeguards

Data retention

Data is generally kept only as long as needed for the service, legal/accounting duties, security, backups, and support.

  • Account data while the account exists or while needed for legitimate support/security needs
  • Billing and accounting records according to applicable legal and accounting retention periods
  • Project data until user deletion or account closure, subject to backups and legal obligations
  • Rate-limit, security, and operational logs for a limited operational period

GDPR rights

Subject to legal conditions, users may exercise GDPR rights by contacting contact@ploroai.io. Users also have the right to lodge a complaint with the Croatian data protection authority, AZOP.

  • Access to personal data
  • Correction of inaccurate or incomplete data
  • Deletion where applicable
  • Restriction of processing
  • Objection to processing where applicable
  • Data portability where applicable
  • Withdrawal of consent where processing is based on consent
  • Complaint to AZOP, the Croatian Personal Data Protection Agency

International transfers

Some providers, including AI or payment providers, may process data outside the EU/EEA under appropriate safeguards where applicable. This must be verified in final processor documentation.

  • Some processing may depend on provider infrastructure outside the EU/EEA
  • Provider safeguards and transfer mechanisms depend on the applicable processor terms

Privacy contact

For privacy requests, account-data questions, project deletion requests, or processor questions, contact PloroAI at contact@ploroai.io.

  • Include the account email related to the request
  • Do not send passwords or sensitive access tokens by email

Questions about these terms?

Use the contact email for privacy requests, written complaints, billing questions, or legal/informational page corrections.

contact@ploroai.io