Privacy policy

Last updated: Oct 11, 2024

What Information We Collect

We gather information from you based on how you use the Services, which Services you use, and what information you choose to supply or make accessible to us.

A. Information You Provide

Account Creation: We collect information like your name, email, password, role, and optional profile photo when you create an account or use our services.

Communication: We gather information from your emails, phone calls, and messages when you contact us for information, support, or to subscribe to our newsletter.

Payment: When you purchase a subscription, we collect payment details (billing address, transaction info) through third-party providers. We don't store payment information directly.

Surveys: We might invite you to participate in surveys, collecting contact and other relevant information.

Interactive Features: Information shared on public forums, blogs, or social media platforms is considered public and not covered by our privacy policy.

Contests and Sweepstakes: We may collect contact information for contest or sweepstake entries and use it for promotional purposes.

Events: We collect contact information from people who show interest in our services at events.

B. Information Collected Automatically

Automatic Data Collection: This includes your IP address, user settings, device identifiers (like MAC address and cookies), browser information, operating system, and location (general area based on IP). We also track what pages you visit, the links you click, and how you interact with the website (time spent, frequency).

Cookies and Other Tracking Technologies:

Plaan and our third-party partners, including advertising and analytics partners, utilize cookies and other tracking technologies (e.g., Facebook pixels, Google Analytics) to provide functionality and recognize you across different Services and devices. We and our partners may use cookies, pixel tags, local storage, and other technologies to automatically collect information and deliver content, advertising, or other features on the Services. Our use of these tracking technologies falls into the following categories:

• Strictly necessary: These cookies and technologies are essential to enable the Services to provide requested features, such as identifying regular site behavior and remembering your current login.
• Functionality: These cookies track and remember your choices to tailor your experience and make the Services more personalized.
• Performance and analytics: These cookies collect information on the performance of our Services to improve their quality and operation, such as navigation, user experience, and marketing campaigns. This includes statistics from Google Analytics to understand how long visitors stay on our homepage or how often they click on our Call-to-action button.
• Advertising or targeting-related: Our third-party partners may use cookies to collect information about your browsing habits or the sites you visit to deliver content, including ads relevant to your interests, on our Services or third-party sites.

Analytics: We use third-party services to analyze activity on our website and services. These services have their own privacy policies explaining how they use the information they collect. We don't control their practices.

C. Information from Other Sources

Third-party applications: If you access our Website or Services through platforms like social media or other login services, we may collect information you've made public through your privacy settings.

Data enrichment providers: For business users, we may obtain information from these providers to improve our marketing and sales efforts.

Google Contacts: If you choose to use this feature, we can view your contacts to suggest them when sending invitation emails. We won't use this information for any other purpose.

What do we use your data for 

We use the information we collect for multiple purposes, depending on what we gather from you. This information may be utilized to communicate with you, resolve issues, prevent fraud and abuse, enhance and update our services, analyze usage patterns, deliver personalized advertising, and comply with legal requirements or ensure safety and integrity.

For providing service and personalizing your experience

We utilize the data we gather to tailor and personalize the appropriate services for you, which includes processing your transactions, activating your account or projects, and supporting, operating, maintaining, and enhancing the Services. Additionally, we use your domain email to determine your affiliation with an organization or industry, allowing us to customize the content, experience, and offers you receive in emails. For example, we might send emails and suggest relevant project templates based on your industry background from your information profile, or we might offer you a special discount if your organization is part of our discount campaign. To opt-out of this personalization, please contact [Email].

For research and development

We gather website statistics and performance data (including user feedback) to diagnose, identify, and address improvements needed to keep Plaan current, intelligent, useful, and user-friendly. Additionally, we analyze performance data from Analytics to understand trends, activity patterns, usage, and integration areas, helping us gain market insights and focus on enhancing our services. We also select appropriate users based on the information provided and their usage of our services to test new features and evaluate their productivity before a full rollout.

For Communication

We use your contact information, which you provide when signing up or messaging us through the support channel, to communicate with you via email. This includes seeking feedback, announcing updates on products and services, informing you about new discounts, reminding you of upcoming events, confirming purchases, addressing your comments and queries, and offering general customer support.

Additionally, if you enable email notifications in Plaan, we may send you updates when interactions occur between you, your team, and the product or services. For example, you'll receive notifications when changes are made to a project you manage or are assigned to. We may also send promotional messages to assist you with using a specific service. Currently, you cannot opt out of these notifications, but we will notify you if a solution becomes available.

Marketing our product and services

We use your contact details to send you marketing and promotional communications. These may include updates about new features, surveys, newsletters, and events, and could be delivered via email or ads on other websites. We also reach out with information about new services, product offers, promotions, and contests in compliance with the law. If you wish to opt out of receiving marketing messages, you can either email us through Plaan or unsubscribe from our marketing emails.

Customer support

We use the information you provide to address bugs and technical issues, as well as to respond to and assist with your requests. If third-party support is required, we will share your information only with your permission, ensuring that your needs are met while maintaining the quality of our products and security.

General Security

We use the information you provide to verify accounts, track activities, and prevent potential or actual security incidents. Additionally, we use this information to monitor and respond to protect against deceptive, sensitive, fraudulent, or illegal activities that breach the [Plaan Terms of Service] and legal requirements.

Protect our business legislation of interests and rights

We utilize the information you provide to assess and address legal claims, ensure compliance, and uphold our legal rights.

Your consent

We may use your information for additional purposes (not mentioned above) with your consent. For instance, we might seek your approval to share testimonials about your experiences or special cases for marketing or instructional purposes.

Legal bases for processing (for EEA users)

We also offer services in accordance with applicable EU laws for individuals in the European Economic Area (EEA). We collect your information when necessary to deliver our services and products, including issue detection, personal feature provision, customer support, and service security. The data we collect aligns with business regulations and respects your data protection rights. For example, we gather feedback to improve and update our services and products, or for marketing purposes. We may also collect information for specific reasons if you consent. We process data to meet legal requirements as well.

You have the right to withdraw your consent or limit our use of your information for specific purposes in the future, although this will not affect any processing that has already occurred. You can also refuse to allow us or third parties to use your information for certain services. However, declining to permit the use of your information where we or third parties have a legitimate interest may result in you no longer being able to use some services.

How we share your data

We will only disclose your information when you consent for a specific purpose or request us to do so. For example, you might agree to share your project template with the public after converting your real data into sample data.

• We provide vendors with details related to services like hosting, data storage, and payment processing.
• You may request to connect your account with third-party service providers to enable specific features or functionalities of the services.
• We may need third-party support for organizing marketing efforts such as advertising, email marketing, market research, and analytics. For instance, your email address might be added to email marketing lists to send out promotions, gather feedback, or update you on new features.
• We may need to share information to comply with legal requirements, such as responding to government or law enforcement requests, or to protect the rights, interests, privacy, and security of all parties involved.
• In cases of reorganization, mergers, joint ventures, transfers, assignments, or other changes involving Plaan, we may share your data as necessary.
• We may also share information for business purposes as required by law, provided it aligns with our Privacy Policy.

For collaboration: You have the ability to create content that may include personal information and allow others to view, share, edit, copy, and download it based on the settings you or your administrator choose. Some collaboration features of the Services may show your profile information to other users when you share or interact with specific content. For instance, when you comment on a Plaan project, your profile picture and name will be visible next to your comment so that others can see who made it. Likewise, if you're assigned a task in a Plaan project, your name and avatar will be visible to the entire team working on the project. All your activities within the project will be recorded in the project’s history.

Managed accounts and administrators: If you sign up for or use the Services with an email address from your employer or organization, or link that email to your current account, your organization may be able to view certain details about you, such as your name, profile picture, contact information, content, and account activity. This information could be accessible to the organization's administrator and other users sharing the same domain. If you are an administrator for a specific site or user group within the Services, we may share your contact details with both current and former Service users to assist with Service-related requests.

How to store your information

Information storage and security

We use standard technical measures to protect the information we store, ensuring it is secure and used only for the purposes outlined, in compliance with applicable laws.

How long we keep informatio

The duration for which we retain your information depends on its type, as explained in more detail below. After this period, we will either delete or anonymize your information. If deletion is not feasible (for instance, if it is stored in backup archives), we will securely store and isolate it from further use until it can be deleted.

Account information

We keep your information while your account is active, or if it becomes inactive for a reasonable time, and if you request reactivation. If you choose to completely delete your account and all related information, we will permanently remove it. However, we will retain some information for necessary and legal reasons, such as enforcing agreements, resolving disputes, improving services, and meeting legal obligations. The retained information will not include details that directly identify or characterize you but will be used to analyze performance and understand service usage.

Information you share on the Services

Additionally, some of the information and content you provide will be retained to assist your team with projects you were involved in or managed if your account is disabled or deleted. For example, your messages and comments on items or images uploaded to the projects will be kept to help your team monitor work progress, but any personal information used to identify you will be removed.

Managed accounts

If an organization (such as your admins or employer) provides you with access to the Services, we will keep your information for as long as necessary according to your account administrator's requirements. For additional details, please refer to "Managed accounts and administrators" above.

Marketing information

If you've chosen to receive marketing emails from us, we keep records of your preferences for a reasonable time after your last interaction with our services, like opening an email or stopping the use of your Plaan account. Similarly, we retain data from cookies and other tracking technologies for a reasonable period following its creation.

How to secure your information

We apply standard technical and organizational measures to safeguard the information we collect. However, due to the inherent risks of the Internet, no system can be completely impenetrable. This means it's not possible to guarantee 100% protection against data loss, disclosure, or unauthorized access. If you have concerns about the security of your information or suspect it may be at risk, please reach out to us at [Email].

For users of our server or data center services, you are responsible for securing the storage and access to the information you store in these services, not Plaan. We strongly advise configuring SSL to protect information transmitted over networks and to restrict access to databases and other storage areas.

How to access and manage your information

When you choose to use Plaan and provide your information, you also have the right to manage that information.

You can request to:

• Obtain a copy of your information or access it
• Confirm the accuracy of your information
• Receive an electronic copy of the personal information you’ve provided
• Transfer your information to another company
• Correct any inaccuracies, incompleteness, or improper processing of your personal information
• Withdraw consent for Plaan to use your data, including for marketing purposes, or refuse further use
• Request to disable, restrict, or permanently delete your information
• Make other requests that comply with applicable laws and do not infringe on our rights and interests.

There are limitations to your requests. For example, you cannot ask us to disclose personal information about others, including team members or employees. We also cannot delete information that we are legally required or have legitimate interests to retain. If you want to have your information removed from third-party services, such as apps, you must contact those providers directly. For unresolved issues, you may seek assistance from a data protection authority in your country.

Updating your information: You can view and modify your personal details through your General Information Profile settings. If there are updates you can’t make directly in your account, please reach out to us for assistance via [Email]. For example, if you registered with plaan123@example.com but need to change it to plaan456@example.com, we can help with that request and update your email accordingly.

Deactivating or deleting your account: If you wish to stop using our Service temporarily or permanently, you can ask us to deactivate or delete your account. To do so, please reach out to us at [Email] for assistance. However, please note that information that we are legally required to keep and any content you upload to your project will not be deleted.

Cleaning your information: You can also request the deletion of your personal information. For example, if you've uploaded your Drive account details in the privacy comment to facilitate easier access while using our Services, we can remove that information. However, certain data like images and documents controlled by your organization will not be deleted due to your project's administrator agreement. This information might be kept for record-keeping, tracking team progress, completing transactions, or meeting legal requirements.

Stopping using your information: If you believe we should no longer use your information or if you wish to withdraw your consent, you can request this via [Email]. For example, you can ask us to permanently delete your account and personal details if you no longer need our Services. Please note that we can only delete information used to identify or characterize you and that any processing completed before the deletion will remain unaffected (as detailed in the Legal bases for processing for EEA users section). You can also request that we stop using your information for marketing purposes. Keep in mind that processing your request may take some time. If there's a delay or dispute about our right to continue using your information, we will suspend further use until your request is resolved.

“Do Not Track” (DNT): DNT is a feature present in some browsers that signals websites not to track your information. Currently, our services do not respond to DNT signals. We will provide an update and notify all users once this information changes.

Opt out of communications: You can choose to stop receiving promotional emails by clicking the unsubscribe link in any email, adjusting your email preferences in your Service account settings, or contacting us at [Email] to remove your details from our promotional list or database. Even if you opt out of promotional emails, you will still receive transactional messages about our Services. You can manage some notifications in your account settings. Please be aware that you will still receive general advertisements.

Data portability: Data portability refers to the capability of receiving your information in a transferable format, allowing you to move it from one service provider to another (similar to transferring your mobile phone number between carriers). This generally applies to specific pieces of information rather than all your data. If you request it, we will provide you with an electronic file containing your basic account details and any information you've generated in areas under your exclusive control.

Turn off Cookie Controls: For more information, see "Cookies and Other Tracking Technologies" above.

International Transfers

We gather information from around the world and may transfer, process, and store your data outside your country of residence, to locations where we or our third-party service providers operate to deliver our Services. We take measures to protect your information during these transfers.

For European Union users, we handle some personal data according to data processing agreements that include EU Standard Contractual Clauses (SCC). For further details, please reach out to us at [Email].

Regarding international transfers to third parties: Some of the third parties mentioned in this privacy policy, which provide services to us under contract, are located in countries that may not have the same privacy and data protection laws as your home country. When sharing data of customers in the European Economic Area, the UK, or Switzerland, we use European Commission-approved standard contractual clauses, binding corporate rules for data processors, or other suitable legal measures to ensure the protection of the transferred data.

Users in California

California residents have specific rights under the California Consumer Privacy Act (CCPA). If you qualify as a California resident, you have the following rights:

• Right to Know: You can request details about the categories and specific types of personal information we have collected about you and obtain a copy of that information.
• Right to Correction: You can request that any inaccurate personal information we have about you be corrected.
• Right to Deletion: You can ask us to delete the personal information we have collected about you.
• Right to Non-Discrimination: Exercising any of these rights will not result in discrimination; you will be treated the same as other users.
• Right to Opt-Out: You can opt out of the sale of your personal information.

While CCPA defines "sale" specifically, and although we do not sell your personal information in the traditional sense, we do use cookies that may share non-personally identifiable information with select third parties. To opt out of such practices, please send your request via [Email].

As a resident of California, you have the right to request information regarding the personal data we share with third parties for their direct marketing purposes. To make such a request, please email [Email] with the subject line “Shining the light law on California” and include your mailing address, state of residence, and email address.

Currently, we do not acknowledge or respond to Do Not Track signals because there is no universal standard for these browser-initiated signals.

Users in Nevada

If you live in Nevada, please review the following privacy information specific to your state:

Under Chapter 603A of the Nevada Revised Statutes, Nevada residents have the right to opt out of future sales of certain personal information collected by a website operator. While we do not sell this information at present, you can contact us at [Email] to make such a request

Users in Australia

If you're an Australian resident and wish to file a complaint, you can reach out to the Office of the Australian Information Commissioner (OAIC). You can get in touch with them by visiting www.oaic.gov.au, sending an email to enquiries@oaic.gov.au, calling 1300 363 992, or mailing them at GPO Box 5218, Sydney NSW 2001. Alternatively, you can also contact our privacy team at [Email] to report a violation of the Australian Privacy Principles, and we will respond within 30 days.

Users in the European Economic Area (“EEA”) and United Kingdom (“UK”)

If you are in the EEA or UK, you have the right to access your data in a portable format and to request corrections, deletions, restrictions, or objections to the processing of your data. You can use the information in the "User Information" section to make these requests. Additionally, if you are in the EEA, UK, or Switzerland, you have the right to file a complaint with your local supervisory authority.

Plaan also processes personal data outside the UK, Switzerland, and the EEA, including handling transactions, payments, and support services as detailed in the "How We Share Your Data" section. We use Standard Contractual Clauses approved by the European Commission to manage data transfers from the EEA to other countries and have data processing agreements with Plaan to govern their handling of your data. By providing your data or using our Services, you consent to this transfer, storage, and processing by Plaan.

Data backup policy

Plaan performs daily incremental backups and full backups weekly. In the Data Center, backup data is kept in the same location as the original and is encrypted when not in use. Each week, Plaan also restores and verifies the backups. All backed-up data is retained for 3 months. If a customer requests data restoration, Plaan will retrieve the data from the backup and provide it to them.

Data retention policy

Upon reasonable request by the Customer, all Customer Data and Personal Data processed by Plaan, following the Customer's instructions and in connection with the Online Services, will be either returned or destroyed within 30 days of the request, unless legally prohibited. This applies to all locations where the data is stored, provided that the data is no longer needed for providing the Online Services or for the purposes authorized by the data subject. Plaan ensures that Customer Data or Personal Data is processed solely for the purposes outlined in the relevant Data Protection Requirements or other applicable laws, and only for the duration necessary as required by these laws. Additionally, Plaan guarantees that the data is processed exclusively for the specified purposes and remains protected following the applicable Data Protection Requirements or laws.