Privacy Policy

Last updated: October 9, 2025

1. Introduction

LowerPlane ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance automation platform and related services.

2. Information We Collect

2.1 Information You Provide

  • Account information (name, email, company)
  • Billing and payment information
  • Communications with us (support tickets, emails)
  • Compliance documentation and evidence uploaded to the platform

2.2 Information Collected Automatically

  • Device and browser information
  • IP address and location data
  • Usage data and analytics
  • Cookies and similar tracking technologies

2.3 Information from Integrations

  • Data from connected third-party services (AWS, Okta, etc.)
  • Configuration and security settings
  • User access logs and audit trails

3. How We Use Your Information

  • Provide and maintain our compliance automation services
  • Process your transactions and send related information
  • Send administrative information, updates, and security alerts
  • Respond to your inquiries and provide customer support
  • Monitor and analyze usage trends and preferences
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our terms

4. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption at rest and in transit (TLS 1.3, AES-256)
  • SOC 2 Type 2 certified infrastructure
  • Multi-factor authentication (MFA) enforcement
  • Regular security audits and penetration testing
  • Role-based access controls (RBAC)
  • Automated backup and disaster recovery

5. Data Retention

We retain your information for as long as your account is active or as needed to provide services. After account termination, we retain data for 90 days before permanent deletion, unless required by law to retain longer.

6. Your Rights

Depending on your location, you may have the following rights:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability
  • Withdraw consent

To exercise these rights, contact us at privacy@lowerplane.com

7. International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

8. Cookies

We use cookies and similar tracking technologies to improve your experience. You can control cookie preferences through your browser settings. See our Cookie Policy for more details.

9. Third-Party Services

Our platform integrates with third-party services. We are not responsible for the privacy practices of these services. Please review their privacy policies separately.

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected such information, contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or platform notification. Continued use after changes constitutes acceptance.

12. Contact Us

If you have questions about this Privacy Policy, contact us at:

LowerPlane

Email: privacy@lowerplane.com