Plan Pullby Wolf AI

Legal · Plan Pull · A Wolf AI company

Privacy Policy

Last updated: April 27, 2026

This Privacy Policy describes how Wolf AI, Inc (“Wolf AI”, “we”, “us”) collects, uses, and protects information when you use Plan Pull (the “Service”), available at planpull.ai and app.planpull.ai. By using the Service, you agree to this policy.

The short version

  • We don’t sell your data. Ever. Not to advertisers, not to brokers, not to anyone.
  • We don’t train AI on your plans. The construction documents you upload are yours — full stop.
  • You can delete everything. Plans, account, takeoffs, proposals — gone, including from our backups within 30 days.
  • Encrypted at rest and in transit. Standard industry encryption on every file you upload.
  • Scoped to your account. No other Plan Pull user can see your work.

What we collect

Account information

When you sign up, we collect your email address, name (if provided), and any authentication identifiers from your sign-in provider (Google OAuth, etc.). Authentication is handled by Clerk; see Clerk’s privacy policy for details on how authentication data is processed.

Plans + takeoff documents

When you upload a construction plan or other document, we store the file in our cloud storage (Vercel Blob), scoped to your account. We also store metadata you provide — trade selection, scope, project name, ZIP code, custom requests. These are used solely to generate your takeoff and proposals; they are not shared with third parties.

Usage data

We collect basic usage data to operate the Service: pages visited, actions taken, error logs. We use Vercel Analytics for aggregate page views (no personal identifiers). We do not use third-party advertising trackers.

Payment information

When you subscribe, payment information is processed by Stripe. We never see or store your full credit card number. We retain only the last four digits, card brand, expiration, and a Stripe customer ID for billing purposes.

How we use your information

  • To provide the Service — generating takeoffs, proposals, and reports
  • To communicate with you about your account, billing, or important Service updates
  • To improve the Service — diagnosing bugs, monitoring performance
  • To comply with legal obligations

We do not use your plans, takeoffs, or proposals to train any artificial intelligence or machine-learning model. Period.

How we share your information

We share information only with service providers who help us operate Plan Pull, under strict data-protection agreements:

  • Vercel (hosting, file storage, analytics)
  • Clerk (authentication)
  • Stripe (payment processing, when paid plans are active)
  • Resend (transactional email — account confirmations, takeoff-ready notifications)
  • Anthropic (AI model used to read plans — content is processed but not retained or used for training, per Anthropic’s data usage policy)

We may also disclose information if required by law (subpoena, court order, valid legal request). We will tell you about any such request unless legally prohibited from doing so.

Your rights

  • Access — request a copy of all data we have on you
  • Deletion — delete your account and all associated data anytime from your account settings, or by emailing us
  • Correction — update inaccurate information about you
  • Portability — export your takeoffs and proposals as PDFs anytime
  • Opt-out — unsubscribe from non-transactional emails (we’ll still send billing + critical Service emails)

California residents have additional rights under the CCPA. EU/UK residents have rights under GDPR. Email hello@planpull.ai with your request — we respond within 7 days.

Data retention

We keep your plans, takeoffs, and proposals as long as your account is active. After account deletion, we permanently remove your data from production systems within 7 days and from backups within 30 days. Anonymized aggregate usage logs (no personal identifiers) may be retained longer for service-improvement purposes.

Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Authentication uses industry-standard OAuth and session-token protocols via Clerk. We restrict employee access to user data on a need-to-know basis, with audit logging.

No system is 100% secure. If we ever experience a security incident affecting your data, we’ll tell you within 72 hours of discovery.

Children

Plan Pull is not intended for users under 18. We do not knowingly collect data from children.

Changes to this policy

We may update this policy. Material changes will be announced via email and posted here at least 30 days before taking effect.

Contact

Questions, requests, or concerns:
Wolf AI, Inc
Pleasanton, California, USA
hello@planpull.ai