Data Act

This text applies exclusively to EU entities and does not apply to US entities; in the case of a US entity, please refer to your relevant terms and conditions or the applicable contract.

Exit and Switching Information

The ICT infrastructure deployed for data processing of Plauti’s cloud‑based Services (including Plauti Cloud and Plauti Verify) is subject to the jurisdiction of the Netherlands. Please note that only Plauti Cloud and Plauti Verify services currently process data on Plauti‑managed infrastructure; other services are native CRM applications or run locally within the Customer’s environment.

In line with the EU Data Act, Plauti has taken the following technical, organizational, and contractual measures to prevent international governmental access to or transfer of (non‑)personal data held in the European Union where such access or transfer would create a conflict with European Union law or the national law of the relevant Member State:

  • All production data centers and primary hosting locations for the Services are located within the European Union, in data centers subject to the jurisdiction of the Netherlands or Germany. Unless our product offers customers the option to switch to a US data center, and the customer chooses this option.
  • Access to systems processing (non‑)personal data is restricted based on the need‑to‑know and least‑privilege principles and is enforced using strong authentication and role‑based access control.
  • All data in transit between Customer systems and Plauti’s Services, as well as between internal components of the Services, is encrypted using industry‑standard protocols (such as TLS). Data at rest is encrypted using strong encryption algorithms.
  • Where Plauti considers that a request from a non‑EU/EEA public authority conflicts with Union or applicable Member State law, Plauti will challenge such request to the extent permitted by law, and, where appropriate, request that the authority uses applicable international cooperation mechanisms, in accordance with the EU Data Act.
  • Plauti commits not to disclose non‑personal data in response to a request from a non‑EU/EEA authority unless it is satisfied that the request is lawful under Union or Member State law, and only to the minimum extent required.
  • Logs are maintained for access to systems and data in order to detect and investigate unauthorised or unlawful access attempts, including potential governmental access that conflicts with applicable law.

Data and Digital Assets subject to porting and switching

In accordance with the EU Data Act rules on switching and data porting, the following categories of Data and Digital Assets can be transferred using Switching Tools:

Application configuration in JSON format.

Note: Plauti Apps run natively in your CRM system. The Application Objects/Entities and Records can be exported via the default export functionality as provided by your CRM. Plauti Apps modify records in and from within your CRM system. Customers can therefore perform switching andporting of these records and associated data directly via their CRM provider’s export and migration tools.

When data processing is outsourced to Plauti Cloud services (e.g. Plauti Cloud, Plauti Verify), the Customer’s data only persists on Plauti‑managed infrastructure for the duration of the processing (e.g. deduplication, verification) and is deleted immediately after the processed data has been ingested by theCustomer’s CRM system, in line with our data retention policies.

Plauti does not impose any additional technical or contractual obstacles that would prevent Customers from switching to another service provider or from porting their data out of Plauti’s Services, beyond what is strictly necessary to maintain security and the integrity of the Services.

Data and Digital Assets excluded from export

The following categories of Data and Digital Assets specific to the internal functioning of Plauti’s Services are exempted from the obligation to export data, in accordance with the EU Data Act, as there is a risk of breach of Plauti’s trade secrets and/or Data and Digital Assets protected by the intellectual property rights of Plauti or third parties:

  1. source code, object code, algorithms, models, architectures and internal documentation of the Services;
  2. internal system configuration, monitoring data and security logs which, if disclosed, would reveal security controls, detection rules or other sensitive internal processes;
  3. proprietary reference data, taxonomies, look‑up tables and other datasets developed by Plauti or licensed from third parties and used to provide or enhance the Services, where such data is not customer‑specific;
  4. internal performance metrics, capacity management data, and benchmarking information that relate to Plauti’s platform as a whole;
  5. any data or digital assets of third parties that Plauti is contractually or legally prohibited from sharing or exporting.

These exclusions do not affect the Customer’s ability to export their own data and configuration, nor their ability to switch to another service provider.

Procedures for switching and porting

  1. All Plauti applications (including non‑native cloud applications) perform their operations on records in Salesforce (or another supported CRM). As a result, all business data remains stored in the Customer’s CRM environment, and no separate switching and porting process is required at Plauti level for such data.
  2. Application configuration can be exported in JSON format via the Setup pages in the native applications, using the Switching Tools described in our documentation.
  3. The time needed to export and transfer the Data and Digital Assets out of Plauti’s environment is limited to the time required to export the configuration (JSON) and any other exportable items described in our documentation, since all processing data is always transferred back to the Customer’s CRM system after every data processing job and is then deleted from Plauti‑managed infrastructure.

Continuity risks

Because:

  1. all core business records remain stored and managed within the Customer’s CRM system; and
  2. Plauti only processes data temporarily and returns the results to the CRM,

the risks to continuity in the provision of the functions or services during switching and exit are minimal. Customers remain able to continue using their CRM data and to migrate it to other services without dependency on Plauti for data export.

Ready to take control?

Ensure clean, reliable data with Plauti.

Get a demo
Try for free
Platform capabilities
Plauti  Verify Plauti  Deduplicate Plauti  Manipulate Plauti  Assign Plauti  Agentforce Plauti  Restore Plauti  SDK
Solutions by Role
By Use Case
Solutions by Initiative
Resources
Company
Salesforce Partner
BC Certified logo
Terms and conditions
Privacy Policy
Cookie Policy
Responsible Disclosure
Data Act
© 2026 Plauti B.V.
Development:  Pixel&Code