Privacy Policy

Even Level — operated by Plumbob Software LLC | Effective Date: May 28, 2026 | support@evenlevel.com

Even Level is a B2B SaaS platform built for trade contractors and restoration companies to manage their accounts receivable and collections workflows. This Privacy Policy explains what data we collect, how we use it, how we protect it, and what rights you have.

We keep this plain and readable on purpose. If something isn't clear, email us at support@evenlevel.com.

1. Who This Policy Applies To

This policy applies to:

Account holders — businesses and individuals who sign up for Even Level
Team members — users added to an account by an account holder
End contacts — clients of our customers whose information is managed within Even Level (e.g., invoice recipients)

Even Level is a business-to-business (B2B) service. We are not directed at consumers or children under 13.

Data processor vs. data controller: For account holder and team member data, Plumbob Software LLC acts as a data controller. For end contact data (your clients' information managed within Even Level), Plumbob Software LLC acts as a data processor on behalf of the account holder, who is the data controller. If you are an end contact seeking to exercise privacy rights, please contact the Even Level customer who manages your account directly.

2. Information We Collect

2.1 Account Information

Name and email address
Company name
Password (stored as a one-way hash — we never store your plain-text password)
Subscription and billing information (processed via Stripe — see Section 6)

2.2 QuickBooks Data

If you connect QuickBooks Online, we sync invoice data (customer names, amounts, balances, due dates) and customer contact information. We access QBO via OAuth authorization you grant. Depending on features used, Even Level may read from and write to your QBO account — we will always clearly indicate within the product when an action writes to QuickBooks. Your OAuth token is stored encrypted at rest.

2.3 Contact Information You Add

You may add or import client contact information including names, emails, phone numbers, notes, and activity history. When you delete an end contact record within Even Level, that deletion is processed promptly. Backup copies may persist up to 30 days before being fully purged.

2.4 Email and SMS Credentials

SMTP passwords and Twilio API credentials are stored encrypted at rest and used solely to send communications on your behalf.

2.5 Activity and Usage Data

We collect platform action logs (emails sent, SMS sent, calls logged, notes, payments) and general usage data (pages visited, features used, error logs) to operate and improve the service.

2.6A Call Recordings and Transcripts

When you use Even Level's calling feature, we store audio recordings of calls made through the platform and AI-generated transcripts, summaries, and extracted commitments from those recordings. Call recordings and transcripts are associated with the relevant customer record and accessible to authorized users in your organization. Recordings are retained while your account is active and deleted per our standard data retention policy in Section 5.

2.6B AI Processing

Even Level uses artificial intelligence and large language model technology to provide features such as email draft generation, account summaries, call transcript analysis, and suggested next steps. To deliver these features, your invoice data, customer information, communication history, and call transcripts may be sent to third-party AI service providers for processing. AI service providers are listed in our subprocessor table in Section 6. AI providers process your data solely to generate outputs for your use within Even Level and do not use your data to train their models.

2.6C Email Open Tracking

Emails sent through Even Level may include a tracking pixel that records when the email is opened by the recipient. Open tracking data is used to measure the effectiveness of your follow-up communications and is displayed in your template performance reports. Recipients are not individually notified of the tracking pixel. If you prefer not to use open tracking, contact support@evenlevel.com.

2.6 Cookies and Analytics

We use session cookies to keep you logged in. Disabling cookies will prevent login.

Product analytics on the application. We use product-usage tools to understand how you and your team use the Even Level application, so that we can improve the Service. These tools may set their own cookies and collect usage data such as pages visited and features used.

Website analytics and advertising. On our marketing website, we use analytics and advertising technologies — which may include cookies, remarketing, conversion tracking, and services such as Google Analytics and Google Ads — to understand how our website is used and to reach potential customers. These technologies may set their own cookies.

What we never do with your account or customer data. We do not use the data within your Even Level account, data about your customers, or data about the recipients of your communications for advertising, and we never sell that data. The analytics and advertising technologies described above relate to usage of the Even Level application and our marketing website — not to your account contents or your customers. The specific analytics and usage providers we currently use are listed in our subprocessor table in Section 6.

3. How We Use Your Information

Provide the service — sync QBO data, send emails/SMS, display AR dashboard
Manage billing — process subscriptions, send receipts
Customer support — respond to questions and troubleshoot
Improve the product — aggregate usage analysis to improve Even Level (see Section 3A regarding the optional cross-organization benchmark feature)
Security — detect fraud and unauthorized access
Legal compliance — respond to lawful government requests. Where permitted by law, we will attempt to notify you before disclosing your information and will push back on requests we believe are overbroad.

We do not sell your data. We do not use your data for advertising.

3A. Even Level Insights (Optional Cross-Organization Benchmarks)

By default, your organization's data is not shared with any other organization. Your invoices, contacts, notes, communications, and the specifics of your accounts remain private to your organization.

Even Level offers an optional feature called Even Level Insights. If — and only if — you explicitly enable it, your organization contributes anonymized, aggregated metrics about insurance adjuster behavior (such as response-time patterns and counts of communications by channel) to a shared benchmark pool that other participating organizations can also see. This feature is off by default and requires your affirmative opt-in.

When Even Level Insights is enabled:

Only anonymized, aggregated metrics are contributed. Your notes, your customers' personal information, specific dollar amounts, and individual records are never shared.
Aggregated figures for a given adjuster are shown only when at least 3 organizations have contributed to that metric, so that no individual organization's data can be singled out or reverse-identified.
Access is reciprocal — you can see the shared benchmark pool only while your organization is contributing to it. If you turn the feature off, your data is removed from future aggregates and you no longer see the pool.

This anonymized aggregate is the only circumstance in which any of your organization's data is made visible to another organization, and it occurs only with your opt-in.

4. How We Store and Protect Your Data

Encryption at rest — QBO tokens, SMTP passwords, Twilio credentials encrypted in the database
Encryption in transit — all traffic over HTTPS (TLS)
Password hashing — one-way hash; we cannot recover your password
Access controls — production access limited to authorized personnel
No card data stored — Stripe handles all payment data (PCI-DSS compliant)

While we take these measures seriously, no system can guarantee absolute security. If you believe your account has been compromised, contact us immediately at support@evenlevel.com.

Security incidents: In the event of a data breach affecting your information, we will notify you as required by applicable law.

5. Data Retention

Data is retained while your account is active. Upon cancellation, your access is suspended and your data is retained rather than immediately deleted, so that you can request reactivation or a data export.

You may request export or deletion of your data at any time by emailing support@evenlevel.com. We process deletion requests promptly, except for records we are required or permitted to retain.

We retain certain records — including financial, transaction, and billing records — as necessary to comply with legal, tax, audit, and regulatory obligations, and to resolve disputes or enforce our agreements, even after a deletion request.

6. Subprocessors and Third-Party Services

Even Level engages the following third-party subprocessors to help deliver the service. Your data may flow through these providers as part of normal platform operation.

Service	Purpose	Their Privacy Policy
Stripe	Subscription billing, payment processing, and payment collection from your customers via Stripe Connect	stripe.com/privacy
Twilio	SMS messaging and in-browser voice calling (including call recording) on your behalf	twilio.com/legal/privacy
Intuit / QuickBooks	Invoice data sync and write-back	intuit.com/privacy
Google	Gmail OAuth (if you connect Gmail), Google Places (review monitoring), and Google Analytics (website usage)	policies.google.com/privacy
Anthropic	AI processing of text and call recordings/transcripts to generate drafts, summaries, transcripts, and related features	anthropic.com/privacy
Postmark	Transactional and inbound email delivery	postmarkapp.com/privacy-policy
Sentry	Error monitoring and application performance	sentry.io/privacy
PostHog	Product analytics — how you and your team use the Even Level application	posthog.com/privacy
Plausible	Privacy-friendly analytics for our marketing website	plausible.io/privacy

This list is current as of May 28, 2026 and is subject to change. We share only what's necessary for each integration. We do not authorize these subprocessors to use your data for their own marketing. We will notify customers of material changes to our subprocessor list.

7. California Privacy Notice (CCPA/CPRA)

Even Level is a B2B platform and does not sell to California consumers directly. However, if your business operates in California or manages information about California residents as end contacts within Even Level, you (as the account holder and data controller) may have obligations under the CCPA/CPRA. We encourage customers who may be subject to CCPA to review their own obligations regarding end contact data managed through Even Level. Contact us at support@evenlevel.com if you need a Data Processing Agreement (DPA) for enterprise compliance purposes.

8. Your Rights

Access — request a copy of your data
Correction — fix inaccurate information
Deletion — delete your account and associated data
Data portability — export your data

Contact support@evenlevel.com. We respond within 10 business days.

End contacts: please contact the Even Level customer managing your account directly — they are the data controller for their clients' information.

9. Business Transfers

If Plumbob Software LLC is involved in a merger, acquisition, or asset sale, your data may transfer. We will notify you by email before it happens and describe your choices.

10. Changes to This Policy

Material changes will be notified by email or in-app at least 14 days before taking effect. The Effective Date always reflects the last update.

11. Governing Law

Governed by the laws of the State of Texas, without regard to conflict-of-law provisions.

12. Contact Us

Plumbob Software LLC
Email: support@evenlevel.com
Website: evenlevel.com