PlainOpsJoin beta
Privacy

Privacy Policy

How P&B Perspective Ltd, trading as PlainOps, handles your data during our private beta. Plain English, UK GDPR aligned.

Last updated: 9 June 2026

This is a practical privacy policy for our private beta. It is written to be honest and current; as the product grows we will keep it updated and have it reviewed. It does not replace formal legal advice for your own circumstances.

Who we are

The data controller is P&B Perspective Ltd (company number 11340172), trading as PlainOps. Registered office: 5 Jardine House Harrovian Business Village, Bessborough Road, Harrow, England, HA1 3EX. You can contact us about privacy at privacy@plainops.ai.

What data we process

We keep what we process deliberately small:

  • Xero accounting data (read-only). When you connect Xero via OAuth, we read accounting evidence: bills, invoices, payments, vendor names, amounts, and billing cadence. We do not receive your Xero password, and we request no write scopes.
  • Website and contact data. If you ask for a waste check or contact us, we process the details you submit through our intake form — typically your name, work email, company, and any message. The intake form is currently hosted on Google Forms.
  • Basic technical data. Standard server and hosting logs (such as IP address and request data) generated by our hosting provider to deliver and secure the site.

What we use it for, and our lawful basis

  • To provide the waste check — reading your Xero evidence and producing your report. Lawful basis: performance of, or steps prior to, a contract, and our legitimate interests in operating the beta.
  • To respond to enquiries and run the beta — lawful basis: legitimate interests and, where relevant, your consent.
  • To keep the service secure and working — lawful basis: legitimate interests.

Where we rely on consent (for example, beta updates by email), you can withdraw it at any time.

Processors and subprocessors

We use a small number of trusted providers to run PlainOps, for example website hosting, the intake form, and Xero as the accounting data source you connect. These providers process data on our instructions. We keep an up-to-date list of subprocessors — ask us at privacy@plainops.ai for the current list. We do not sell your data.

Retention

We keep Xero-derived data only as long as needed to produce and discuss your report during the beta, and then delete or anonymise it on request or when it is no longer needed. Contact and enquiry data is kept while we are in touch about the beta. You can ask us to delete your data at any time.

Your rights

Under UK GDPR you have the right to access, rectification, erasure, restriction, objection, and data portability, and the right to withdraw consent where we rely on it. To exercise any of these, email privacy@plainops.ai. You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk.

Security boundaries

PlainOps is read-only by design. We authenticate through Xero’s official OAuth flow, so no passwords are shared with us; we request no write scopes; we make no changes, cancellations, or payments in your accounting; and you can revoke access in Xero at any time. We take reasonable technical and organisational measures to protect data, though no online service can promise perfect security.

International transfers

Some providers may process data outside the UK. Where that happens, we rely on appropriate safeguards (such as UK-approved transfer mechanisms) offered by those providers.

Changes

We may update this policy as PlainOps develops. We will change the “last updated” date above when we do.

Contact

P&B Perspective Ltd, trading as PlainOps — privacy@plainops.ai. Registered office: 5 Jardine House Harrovian Business Village, Bessborough Road, Harrow, England, HA1 3EX.

PlainOps is a trading name of P&B Perspective Ltd, company number 11340172.