Privacy Policy for Unbrained GmbH

We collect only the data we need to provide, secure, improve, and bill for Pluno. The exact data depends on which Pluno product you use and how it is configured.

For business products, our customer usually decides what data Pluno may access. In that case, we usually process product, ticket, community, or end-user data on behalf of that customer under our agreement with them. For direct consumer Product Agent use, we usually decide how Pluno account and Product Agent usage data is processed.

We may collect the following categories of data:

• Account data, such as name, email address, company, login details, and workspace settings.
• Billing and commercial data, such as plan, usage, invoices, and payment metadata.
• Product data that you or our customers connect to Pluno, described below.
• Content you send to us, such as support messages, demo requests, feedback, files, and attachments.
• Usage and device data, such as IP address, browser, device, pages visited, logs, and diagnostics.
• Cookies and analytics data, where allowed by your choices and applicable law.

Support product. For Zendesk, Intercom, Slack, Jira, Linear, and similar tools, Pluno may process tickets, conversations, customer and agent metadata, comments, attachments, tags, fields, knowledge-base content, escalation records, and integration settings.

Troubleshooting Agent. Pluno may process issue descriptions, ticket context, logs, screenshots, files, device or environment details, knowledge sources, and other information made available through the connections you configure. It may also process generated questions, recommendations, and summaries.

Product Agent. Product Agent may process prompts, chat history, URLs, product origins, page content the agent reads, browser or SDK tool results, action logs, session metadata, and diagnostics. In the browser extension, Product Agent can only be useful when it can access the active product page or website according to the permissions and controls shown to you. In embedded business use, the business that embeds Product Agent controls the product environment and the metadata it sends to Pluno.

Community product. For Discord and Telegram communities, Pluno may process server, channel, group, user, role, message, thread, and bot interaction data where Pluno is installed or configured.

We use data to:

• Provide and operate Pluno products.
• Answer questions, draft responses, summarize issues, troubleshoot problems, and perform requested actions.
• Configure integrations, sync data, route escalations, and maintain knowledge sources.
• Authenticate users, manage workspaces, calculate usage, and process billing.
• Keep Pluno secure, prevent abuse, debug errors, and monitor reliability.
• Improve Pluno, subject to customer agreements, user settings, and applicable law.
• Communicate with you about support, product updates, security, billing, and marketing where permitted.

Pluno products use AI. Some answers, summaries, recommendations, and actions may be generated by AI and should be reviewed where the result matters.

We do not sell personal data. We do not use personal data from Pluno products for personalized advertising.

We may share data with:

• Service providers that help us host, secure, analyze, support, and bill for Pluno.
• AI model providers and infrastructure providers needed to provide Pluno features.
• Connected services you or our customer choose to integrate, such as Zendesk, Discord, Slack, Jira, or Linear.
• Authorities, advisors, or other parties when required by law, security, corporate transactions, or legal claims.

Where required, we use data processing agreements, confidentiality terms, and international transfer safeguards with our providers.

Depending on the context, we process personal data to perform a contract, with your consent, to comply with legal obligations, or for legitimate interests such as security, support, fraud prevention, product operation, and improvement.

We may process and store data in countries outside your country or the European Economic Area. Where required, we use appropriate safeguards such as standard contractual clauses.

We use subprocessors and service providers to operate Pluno. A current subprocessor list is available upon request and is also covered in our DPA where applicable.

We keep personal data only as long as needed for the purposes described in this policy, unless a longer period is required by law, security needs, billing records, backups, or customer agreements.

Business customers may configure or request deletion of customer-controlled product data according to their agreement with us. Consumers may contact us to request deletion of their Pluno account or Product Agent data.

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to the processing of your personal data. You may also have the right to withdraw consent where processing is based on consent.

If your data was processed by Pluno on behalf of a business customer, we may need to direct your request to that customer. To make a request, email privacy@pluno.ai.

We use technical and organizational measures designed to protect personal data, including access controls, encryption, logging, confidentiality obligations, and provider security reviews. No system is perfectly secure, but we work to reduce risk and respond to security issues quickly.

Pluno is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to Pluno, contact us and we will take appropriate steps to delete it.

Controller: Unbrained GmbH, Schwindstr. 23, 84453 Mühldorf am Inn, Germany.

If you have questions, requests, or complaints about privacy at Pluno, contact us at privacy@pluno.ai.

You may also have the right to contact your local data protection authority or privacy regulator.