← LinkedIn demo

AILANG×pleo.io

AI privacy generated 2026-05-14

§1 · AI-readiness

agent-ready privacy portable

pleo.io scored 2/10 on privacy.

The radar shows AILANG-readiness across three commercial concerns. High means pleo.io is already strong there; low means AILANG could meaningfully help.

Why privacy scored 2/10
  • Page mentions end-to-end encryption, E2EE, zero-knowledge, or client-side encryption — data is sealed before leaving the client.
  • Page mentions SOC 2, ISO 27001, GDPR, HIPAA, or CCPA — formal commitments to data-handling practice.
  • Page mentions "we do not sell", "no third-party sharing", "privacy-first", "data minimization", or "purpose limitation" — explicit constraints on data flow.
  • Fewer than 5 distinct external script/image domains — indicates fewer third-party data flows.
  • Page mentions EU hosting, data residency, on-premises deployment, or sovereign cloud.

Full breakdown ↓ · View rubric ↗

§2 · what an AI sees on pleo.io

Businesses, legal professionals, and individuals seeking to review legal agreements and policies related to Pleo's financial management and spend solution services.

This legal page serves as a centralized hub for Pleo's official documentation, including master service agreements, privacy policies, GDPR information, and data processing agreements. It provides access to essential legal resources for businesses utilizing or considering their spend management solutions.
Master Service Agreement Privacy Policy GDPR Data Processing Agreement Cookie Policy Complaints Process

What AILANG Parse sees on pleo.io

Structural extraction — the same content an AI agent would consume from this page.

2 headings2 images0 lists0 tables49 linksHTML parsing by AILANG Parse

12 sections — page skeleton

1 header 8 navs 1 main 1 section 1 footer

2 headings

Here's the important legal stuff, in one place. Are you looking for...

2 images

HomeHome

49 links

(link) Master Service Agreement Download PDF Cookie Policy Learn More Terms and Conditions for Overdraft Download PDF Granting and Revoking Power of Attorney Learn More Overview Pricing Integrations Status About us Careers Press
Show the full extract — what AILANG Parse pulled from this page
# Legal Page - Pleo


[Skip to content](#content)

*Header:*
[Image: Home]

[(link)](/en)

[Image: Home]

[(link)](/en)

Products

Solutions

Resources

Partners

[Pricing](/en/pricing)

# Here's the important legal stuff, in one place.

## Are you looking for...

[Master Service Agreement
Download PDF](https://www.pleo.io/legal-documents/pleo-master-service-agreement-uk-pfs.pdf)

[Privacy Policy
Download PDF](https://www.pleo.io/legal-documents/pleo-privacy-policy-en.pdf)

[GDPR
Learn More](/en/legal/gdpr)

[Cookie Policy
Learn More](/en/legal/cookie-policy)

[Data Processing Agreement
Download PDF](https://www.pleo.io/legal-documents/pleo-data-processing-addendum-en.pdf)

[Sub-processors
Learn More](/en/sub-processors)

[Whistleblowing Policy
Learn More](/en/whistleblowing)

[Terms and Conditions for Overdraft
Download PDF](https://www.pleo.io/legal-documents/pleo_fs_uk_overdraft_tcs.pdf)

[Granting and Revoking Power of Attorney
Learn More](/en/grant-and-revoke-poa)

[Complaints Process
Download PDF](https://www.pleo.io/legal-documents/pleo-complaint-process-en.pdf)

*Footer:*
Product

[Overview](/en/features)

[Pricing](/en/pricing)

[Integrations](/en/integrations)

[Status](https://status.pleo.io/)

Company

[About us](/en/about)

[Careers](/en/careers)

[Press](/en/press)

[Legal](/en/legal)

[Brand](https://www.pleobrand.site/)

[Contact us](/en/contact)

Partnerships

[Pleo partnerships](/en/partnerships)

[Consulting partnerships](/en/consulting-partnerships)

[Accounting partnerships](/en/partners)

[Partner directory](/en/partner-directory)

Resources

[Blog](https://blog.pleo.io/en)

[Help centre](https://help.pleo.io/en/support/home)

[FAQ](/en/faq)

[Webinars and events](/en/webinars-and-events)

[Customer stories](/en/customers)

[Free accounting resources](/en/accounting-resources-directory)

[Reviews](/en/credits)

[Developers](https://developers.pleo.io/reference/api-introduction)

Solutions

[Startups](/en/for-startups)

[Small businesses](/en/small-businesses)

[Larger businesses](/en/multi-entity-businesses)

[Business travel expenses](/en/business-travel-expenses)

[Software subscriptions](/en/subscription-management)

[Marketing spend](/en/marketing-spend-management)

Legal

[Master Service Agreement](/en/legal)

[Data Processing Agreement](https://www.pleo.io/legal-documents/pleo-data-processing-addendum-en.pdf)

[Sub-processors](/en/sub-processors)

[Privacy policy](https://www.pleo.io/legal-documents/pleo-privacy-policy-en.pdf)

[GDPR](/en/legal/gdpr)

[Fraud awareness](https://www.pleo.io/legal-documents/pleo-fraud-awareness-en.pdf)

[Complaints process](https://www.pleo.io/legal-documents/pleo-complaint-process-en.pdf)

[Anti-Modern Slavery Statement](https://www.pleo.io/legal-documents/anti_modern_slavery_statement.pdf)

[Trust & Security](/en/trust-and-security)

[Vulnerability Disclosure Policy](/en/vulnerability-disclosure-policy)

[Code of Conduct](/en/code-of-conduct)

[Whistleblowing Policy](/en/whistleblowing)

[LinkedIn](https://www.linkedin.com/company/pleo-company)

[Twitter](https://www.twitter.com/pleo)

[Facebook](https://www.facebook.com/pleo.io)

[Instagram](https://www.instagram.com/pleo.io)

[YouTube](https://www.youtube.com/channel/UCQQitvQIlEgIxNyLlOgilXQ)

Pleo Technologies A/S (36538686)

Ravnsborg Tværgade 5C
2200 København N
Danmark

Pleo Financial Services UK Ltd is authorised by the Financial Conduct Authority under the Electronic Money Regulations 2011 with firm reference number: 1020730. Pleo Financial Services UK Ltd’s registered office is: 3rd Floor 11 St John Street, Farringdon, London, United Kingdom, EC1M 4AA and company number is: 15842283. Cards are issued pursuant to a license from Mastercard International Incorporated. Mastercard and the Mastercard Brand Mark are registered trademarks of Mastercard International Incorporated.

Pleo Technologies A/S (36538686), 2026. All rights reserved.
The claim “Europe’s leading business spend solution” is based on the number of customers served by Pleo in Europe compared to similar solutions and according to public information.
page preview · the URL we fetched https://www.pleo.io/en/legal ↗
Screenshot of pleo.io

Couldn't render a preview for this site. Open the URL in a new tab ↗

Screenshot via thum.io

§3 · AILANG × your business

pleo.io scored 2/10 on privacy. AILANG opportunity is therefore 8/10. Here's where it would land first.

Information-flow labels on customer data

Mark fields containing PII at the type level. The compiler refuses to let a labelled value reach a public sink without an explicit Declassify boundary. Privacy by type, not by code review.

type Customer = {
  email:    string<pii>,
  postcode: string<pii>,
  signupDate: string
}
-- assigning customer.email to a log line is a type error.
→ AILANG docs

Capability scoping

A function declares the network endpoints, file paths, and AI providers it touches. Anything outside the declaration is rejected by the runtime. "This part of the system can talk to Stripe; it cannot talk to anyone else" is enforced.

func chargeCard(c: Card) -> Result[Receipt, Error]
  ! {Net @endpoint="api.stripe.com", AI @limit=0}
→ AILANG docs

Three-runtime deploy

The same module runs in the browser via WASM, on Cloud Run, and as a native binary. Sensitive workflows can stay in the user's tab — no server ever sees the data.

-- Browser: load AILANG WASM, run the module in the user's tab.
-- Cloud Run: same .ail file packaged as a container.
-- Native CLI: same .ail file, ailang run.
→ AILANG docs

How this page was made

func sketchSite(url: string<pii>, topic: Topic) -> Sketch
  ! {Net @limit=1, AI @limit=5, FS @limit=4, Process, Declassify}
SignalTopicResultPointsAILANG primitive
agent.json referencedagent-ready0/1ailang serve-api generates A2A agent cards automatically — bonus if you're an early adopter
openapi.json referencedagent-ready0/2ailang serve-api generates OpenAPI 3.1 from Hindley-Milner type signatures
MCP endpoint referencedagent-ready0/2ailang serve-api --mcp-http exposes typed functions as MCP tools
Public API docs linkedagent-ready2/2ailang serve-api hosts Swagger + ReDoc at /api/_meta/ by default
Webhooks documentedagent-ready0/2ailang serve-api handles webhooks as typed handler functions with effect-tracked side effects
Rate limits documentedagent-ready0/2Capability budgets — Net @limit=N is the symmetric server-side primitive for what agents see as rate limits
Streaming / SSE endpointagent-ready0/2std/stream — ssePost and Stream effect handle event-source endpoints with typed event types
Sandbox / test environment offeredagent-ready0/2ailang --ai-stub plus mock effect handlers — deterministic, capability-scoped fakes for any effect, including Net and AI
Authentication documentedagent-ready0/2std/jwt for verification, IFC labels (string / string) to keep credentials out of public sinks at the type level
Idempotency keys documentedagent-ready0/2Pure functions are idempotent by construction; requires/ensures contracts express idempotence as a static guarantee
AG-UI streaming protocolagent-ready0/1std/stream — the AG-UI event lifecycle (RUN_STARTED → TEXT_MESSAGE_CONTENT → TOOL_CALL_RESULT → RUN_FINISHED) is a textbook sum type. ADTs + exhaustive pattern matching make every event-type branch a compile error to skip.
HTTP 402 agent payments (x402 / pay-per-crawl)agent-ready0/1Net @endpoint-scoped capability budgets bound payment destinations; requires { amount <= budget } gates the payload; IFC labels keep the signed payment key out of public sinks. Same primitives cover x402 payload signing and Cloudflare's crawler-price negotiation.
AP2 Agent Payments Protocolagent-ready0/1Mandates ARE contracts. requires { intent.price <= mandate.maxPrice } + ensures { cart.total <= intent.price } is a one-to-one translation of an Intent/Cart Mandate into AILANG. Z3 can verify the bounds at compile time.
UTCP tool-calling protocolagent-ready0/1Typed function signatures are the manifest. ailang serve-api emits the same metadata as a UTCPManual (name, input/output schema, native endpoint) — direct-call discovery without a proxy server.
End-to-end encryption documentedprivacy0/2IFC labels (string) force decryption to flow through a typed boundary; the compiler refuses to publish sealed values without explicit declassification
Compliance certifications citedprivacy2/2requires/ensures contracts express machine-verifiable claims; capability budgets bound audit-trail effects; effect rows leave nothing un-declared
Data minimisation languageprivacy0/2Capability scoping — each Net call declares its endpoint in the effect row, so "doesn't sell" becomes a type-system-enforceable claim, not a marketing one
Third-party domains restrainedprivacy0/2Capability scoping — each Net call declares its endpoint in the effect row
Data residency / on-prem languageprivacy0/2Three-runtime deploy — same module runs in WASM (browser), Cloud Run, and native CLI
Single-vendor LLM languageportable2/2std/ai multi-provider — switch from Anthropic to Gemini to OpenAI without rewriting
Multiple AI providers citedportable0/2std/ai — one Step API across Anthropic, OpenAI, Gemini, OpenRouter, Ollama, and custom-package providers
Cross-runtime / deployment portabilityportable0/2Effect handlers as runtime adapters — same .ail runs as WASM in the browser, a Cloud Run container, and a native CLI; only the handlers change
BYO key / model-agnosticportable0/2AILANG WASM — the full interpreter ships as a browser bundle, so caller-held keys (BYOK), offline apps, and embedded demos all work client-side

The rubric that scored this page is open-source AILANG code — every signal extractor is contract-verified. View rubric →