This privacy policy explains how Datplan DataPull handles account information, source access, provider data, support information, and the third-party services used to provide the app and website.
Last updated: 12 June 2026
Datplan DataPull is a privacy-first desktop app for authorised business API pulls, built-in ETL, full and incremental pulls, BI-ready reporting, dashboards, audit output, reconciliation logs, and exports. Users choose a supported source, authorise access to that source, select the relevant tenant or account where applicable, and run pulls for reporting and analysis.
The app is designed so source datasets are downloaded through the desktop app to the user’s local PC and local app database. Datplan does not operate as a cloud-hosted analytics warehouse for provider datasets.
Datplan DataPull only accesses source data after the user authorises access through the relevant provider flow. The exact data available depends on the provider, the connected account or tenant, the authorised scopes, the selected source, and the plan tier.
Xero data may include organisation and tenant details, accounting contacts, invoices, bills, credit notes, payments, bank transactions, accounts, tax rates, tracking categories, journals, reports, attachments metadata where authorised, and related accounting records needed for reporting, reconciliation, dashboards, exports, and fact/dimension outputs.
HubSpot data may include account and portal details, contacts, companies, deals, tickets, owners, pipelines, stages, properties, lists, activities, engagements, notes, and related CRM records needed for reporting, dashboards, exports, reconciliation support, and fact/dimension outputs.
Provider source datasets are downloaded to the user’s local PC and stored in the app’s local database and output files for modelling, dashboards, ETL outputs, exports, audit review, and reconciliation work.
Users are responsible for protecting their own device, user profile, local app files, exported files, backups, and any reports or datasets created from the app. If a user deletes the app, local files, exports, or local database files, those local copies may be removed from that device according to the user’s own device and backup settings.
Datplan may store account, access, billing, and usage information needed to operate the service. This may include user identifiers, email address, sign-in claims or identity references, selected source ID, provider tenant or account ID, source tier, billing state, usage counters, allowance checks, execution state, run status, error state, cancellation state, renewal dates, and support communications.
This information is used to provide sign-in, source access, billing checks, usage limits, run tracking, support, product communications, fraud prevention, security, and service administration.
Xero and HubSpot access uses user-authorised OAuth or provider-authorised access flows where supported. Users grant Datplan DataPull permission to access the selected provider account or tenant. Access tokens and refresh tokens are handled securely and are used to request authorised data from the provider. Tokens are not shown in the website, support pages, or public app screens.
Users can remove provider access by revoking the app from the relevant provider account settings where the provider supports revocation. Datplan may also remove stored access records as part of an account deletion or support request, subject to legal, security, and operational retention requirements.
If you join the waitlist or contact Datplan, Datplan may collect the information submitted in the form or email, such as name, email address, company, role, interested source, expected plan, message, and support details. This information is used to respond to enquiries, provide product updates, manage waitlist interest, and support users.
Do not send access tokens, refresh tokens, OAuth codes, provider secrets, raw local databases, confidential client records, or screenshots containing sensitive identifiers unless Datplan specifically requests them through an appropriate support route.
Datplan does not sell user data or provider source data. Datplan does not use provider datasets for advertising resale or third-party data brokerage.
Datplan may share limited information with service providers only where needed to operate the app, website, billing, support, security, or source access. Datplan may also disclose information where required by law, regulation, court order, security investigation, fraud prevention, or to protect the rights and safety of Datplan, users, or others.
Provider datasets downloaded to the local PC remain under the user’s control on that device. Datplan cannot automatically remove every local export, backup, report, or local database copy created by the user outside the app’s controlled workflows.
Datplan retains account, billing, source access, usage, execution, support, and waitlist records for as long as needed to provide the service, resolve support issues, comply with legal and accounting duties, prevent fraud, maintain security, and manage disputes. Users may request deletion or access support by contacting info@datplan.com. Some records may need to be retained where required for legal, tax, accounting, security, or dispute-resolution purposes.
Datplan uses technical and organisational controls designed to protect account access, source access, usage records, and support data. These controls include access controls, provider authorisation flows, secure handling of tokens, separation between public website content and private service operations, and restricted support guidance that discourages users from sending secrets or raw sensitive files.
No software or online service can guarantee absolute security. Users should keep their device, operating system, sign-in details, provider accounts, and local files secure.
Datplan may use third-party services to provide the website, app distribution, account access, source authorisation, hosting, billing, email, support, and analytics. These may include Netlify for website hosting, Amazon Web Services for cloud service operations, Microsoft Store for app distribution where applicable, Stripe for payments when checkout is enabled, Xero for authorised Xero source access, HubSpot for authorised HubSpot source access, email service providers for communications, and privacy-conscious analytics services if enabled.
Each third-party service processes information according to its own terms, privacy policy, and role in the service. Datplan aims to limit third-party processing to what is needed for the product, website, billing, source access, security, support, and legal obligations.
For privacy questions, support requests, or deletion enquiries, contact info@datplan.com.