Plentiful logo plentiful

Privacy Policy

Last updated: 20th March 2026

1. Introduction

Plentiful ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (getplentiful.com) (the "Site") or use our application (the "App") and tell you about your privacy rights and how the law protects you.

2. Information We Collect

We collect and process the following categories of personal data:

  • Account Data: your email address and a securely hashed password, collected when you register for an account.
  • Financial Data: bank account details and transaction data, which we access through our authorised open banking provider with your explicit consent. We do not store your bank login credentials.

We do not collect names, usernames, or any analytics, advertising, or usage tracking data.

Error Monitoring Data: To maintain service reliability, we use Sentry to capture technical error information when something goes wrong. This may include stack traces, request URLs, and browser or operating system type. This data is used solely for diagnosing and resolving technical issues and does not contain any personally identifiable information (PII) or financial data.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you (providing the Plentiful service).
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

4. Disclosures of Your Personal Data

We may share your personal data with the following parties:

  • Service Providers: We use third-party service providers to help us provide the Service, such as:
    • An authorised open banking provider for securely connecting your bank accounts.
    • Database and hosting providers (e.g., Cloudflare).
    • Error monitoring services (Sentry, hosted in the EU) for diagnosing technical issues. No personally identifiable information or financial data is sent to Sentry.
  • Professional Advisers: acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
  • Regulators: and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances.

5. Data Security

We use zero-knowledge encryption to protect your personal and financial data. Your data is encrypted using AES-256-GCM with a key derived from your password, which means that neither we nor anyone who gains access to our database can read your information. We limit access to your data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

For a full explanation of how we encrypt your data, please visit our Data Security page.

6. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.

If you wish to exercise any of the rights set out above, please contact us.

7. Contact Details

If you have any questions about this privacy policy or our privacy practices, please contact us at:

Plentiful
Email: support@getplentiful.com