How your data is protected
Isolated per account
Your data is stored in a secure database with row-level security. Each user
can only access their own clients, settings, and connected accounts.
Encrypted credentials
Sensitive credentials like your Stripe key are encrypted at rest and used
only to read the data you’ve authorized.
Read-only integrations
ClientPlug only reads from Stripe, Meta, and Google. It never charges
clients, edits campaigns, or modifies your connected accounts.
Secure sign-in
Sign in with email and password or with Google. Connections to ad platforms
use industry-standard OAuth — ClientPlug never sees your Meta or Google
password.
Team data boundaries
On the Agency plan, access is enforced by role:- Employees can only see clients explicitly assigned to them, and never see revenue, analytics, or connected-account credentials.
- Admins act within the owner’s account so the team shares one consistent set of data.
Controlling your connections
You can disconnect any integration at any time from the Integrations page. You can also revoke ClientPlug’s access directly from the source:- Meta — Facebook Settings → Business Integrations
- Google — Google Account Security → Third-party access
- Stripe — remove or rotate the key in your Stripe dashboard, then update or remove it in ClientPlug
Deleting your data
You have two ways to remove your data:- Delete your account from Settings → Security — permanently removes your account and associated data.
- Request data deletion via the data deletion page — for requesting deletion of data ClientPlug has stored, including data pulled from connected ad platforms.
Deleting your ClientPlug account or data does not affect your Stripe
account, your clients’ subscriptions, or your Meta/Google ad accounts —
ClientPlug only ever read from them.