Pluto

Privacy Policy

How we collect, use, and protect your information.

Last updated: March 1, 2026

Pluto is a bookkeeping and mileage tracking platform for small businesses and sole traders. Because we handle sensitive financial data — including bank connections, receipts, invoices, and GPS trip data — we treat privacy as a core part of the product, not an afterthought. This policy explains exactly what we collect, why, and how you can control it.

1. Who We Are

Pluto ("we", "us", "our") operates the Pluto mobile app and web dashboard at plutosuite.com. We provide bookkeeping, expense tracking, invoicing, mileage tracking, and payroll tools for small businesses.

For questions about this policy, contact us at privacy@plutosuite.com.

2. Information We Collect

We collect information in three ways: information you provide, information generated by your use of the service, and information from third-party integrations.

Account & Identity

  • Name, email address, phone number
  • Business name, address, ABN/business number, website
  • Profile and business logo images
  • Authentication credentials (managed securely by Firebase Authentication)

Financial Data

  • Receipts — images, PDFs, and the data extracted from them (merchant, amount, date, GST/tax)
  • Transactions — amounts, descriptions, categories, dates
  • Invoices — customer names, line items, payment status
  • Bank account data synced via Plaid (see Section 5)
  • Expense categories, labels, and tags you create

Location & Trip Data

  • GPS coordinates recorded during active trip tracking sessions
  • Trip start/end points, route, distance (km/miles), and duration
  • Trip purpose, categories, and notes you add
  • Location is only collected while you have an active trip recording — we do not track you in the background

Team & Labour Data

  • Team member names, email addresses, and roles
  • Shift times, durations, break periods, and notes
  • Hourly wage rates (stored encrypted)
  • Clock-in and clock-out timestamps

Usage & Device Data

  • App and feature usage patterns (for improving the product)
  • Device type, OS version, and app version
  • Crash reports and error logs
  • IP address and general geographic region

3. How We Use Your Information

We use the information we collect solely to operate and improve Pluto. Specifically:

  • Provide, maintain, and improve the Pluto service
  • Process and categorise your receipts, transactions, and invoices
  • Generate financial reports, summaries, and GST/tax estimates
  • Track mileage and calculate reimbursable distances
  • Sync your bank transactions via Plaid
  • Send invoices to your customers on your behalf
  • Manage your team's schedules and payroll estimates
  • Send you important notifications (shift reminders, payment confirmations)
  • Detect and prevent fraud or unauthorised access
  • Comply with legal obligations

We do not use your financial data to train AI models, sell to data brokers, or serve advertising. Your data is yours.

4. How We Share Your Information

We do not sell your personal information. We share data only in the following limited circumstances:

Service Providers

We work with a small number of trusted third-party providers to operate the service. Each is bound by data processing agreements and may only use your data as directed by us:

  • Firebase (Google) — authentication, push notifications, and crash reporting. Firebase processes your email and device identifiers.
  • Plaid — bank account connectivity. Plaid connects directly to your financial institution; we receive transaction data but never your banking credentials. Plaid's privacy policy applies to this connection.
  • Google Cloud Vision / Tesseract — OCR processing of receipt images. Receipt images are sent to our OCR pipeline; we do not store raw images on third-party servers beyond processing.
  • Amazon Web Services — cloud infrastructure and file storage for receipt images, logos, and exports.
  • Cloudflare — CDN and DDoS protection for our API and web app.

Within Your Business

If you use Pluto in a team, other members of your business can see the data you've shared within your account, subject to role-based access controls. Owners and Managers can see all data; Employees can only access data appropriate to their role.

Legal Requirements

We may disclose information if required to do so by law, court order, or a government authority, or to protect the rights, property, or safety of Pluto, our users, or the public.

5. Plaid & Bank Data

When you connect a bank account, Plaid acts as the intermediary between Pluto and your financial institution. Pluto receives read-only transaction data — we never store your bank login credentials. You can revoke bank access at any time from the Finance Settings screen in the app, which calls Plaid's item removal API and stops further syncing.

Plaid's use of your data is governed by Plaid's End User Privacy Policy.

6. Location Data & Trip Tracking

Pluto records GPS coordinates only when you explicitly start a trip recording session. We use device location services in "always on" mode during an active trip to capture the route accurately, but this stops the moment you end the trip. We do not collect background location data outside of active trips.

Trip GPS coordinates are stored on our servers to generate your route map and calculate distance. You can delete individual trips at any time, which permanently removes the associated GPS data.

7. Data Retention

  • Active accounts: We retain your data for as long as your account is active and for a reasonable period afterward to allow you to recover it.
  • Deleted items: When you delete a receipt, trip, or invoice, it is marked as deleted and excluded from views. It is permanently purged from our databases within 30 days.
  • Account deletion: When you close your account, your personal data is deleted within 30 days. We may retain anonymised aggregate data (e.g. total transaction counts) that cannot be linked back to you.
  • Legal hold: In certain cases (e.g. ongoing legal disputes), we may be required to retain data for longer periods.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Ask us to correct inaccurate or incomplete data.
  • Deletion: Request that we delete your personal data ("right to be forgotten"). You can delete your account directly from the app settings, or contact us.
  • Portability: Request an export of your data in a machine-readable format (CSV export is available in-app for receipts and trips).
  • Objection: Object to certain types of processing, including direct marketing (we don't do this, but you have the right regardless).
  • Withdrawal of consent: Where processing is based on consent (e.g. push notifications), you can withdraw consent at any time via device settings.

To exercise any of these rights, contact us at privacy@plutosuite.com. We will respond within 30 days.

9. Security

We implement industry-standard security measures to protect your data, including TLS encryption in transit, AES-256 encryption at rest, role-based access controls, and regular security reviews. For a full overview of our security practices, see our Security page.

10. Children's Privacy

Pluto is not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or an in-app notification at least 14 days before the changes take effect. Continued use of Pluto after the effective date constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions, requests, or concerns:

Privacy enquiries

privacy@plutosuite.com