1. Introduction
This Privacy Policy describes how Planora (“we”, “us”, or “our”) collects, uses, and protects information about you when you use Planora (the “Service”). By using Planora, you agree to the collection and use of information in accordance with this policy.
If you have questions, contact us at [email protected].
2. Information We Collect
We collect information you provide directly or that is generated by your use of the Service.
Account Information
Planora uses Google OAuth as its sole authentication method. When you sign in, Google shares your name, email address, and profile picture with us. We do not store your Google password.
Workspace Data
When you plan your team in Planora, we store the data you enter:
- Project names, clients, statuses, and date ranges
- Team member names, roles, and monthly capacity settings
- Assignment data: who is allocated to which project, hours, and months
- Scenario and variant configurations you create
- Workspace settings and preferences
Technical and Usage Data
We automatically collect certain technical information including your IP address, browser type, operating system, and pages visited. This is used solely to operate and improve the Service.
Communications
When workspace invitations are sent, we temporarily process the recipient email address to deliver the invitation. If you contact us for support, we retain that correspondence.
3. How We Use Your Information
We use the information we collect exclusively to operate and improve Planora:
- Authenticate your identity and maintain your session using JWT-based tokens
- Store and serve your workspace data so you can plan and forecast your team
- Deliver workspace invitation emails when you invite colleagues
- Respond to your support requests and enquiries
- Monitor service health and prevent abuse
- Comply with applicable legal obligations
We do not use your data for advertising or to train machine learning models.
5. Data Retention
We retain your personal data for as long as your account is active. If you close your account or request deletion:
- Your account and all workspace data will be deleted within 30 days of the request
- Encrypted backup copies may persist for up to 90 days before permanent deletion
- We may retain minimal records longer where required by law
To request deletion, email [email protected].
6. Your Rights
Depending on your location, you may have the following rights over your personal data:
- Access: Request a copy of all personal data we hold about you
- Rectification: Request correction of inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Portability: Request a CSV export of your workspace data
- Restriction: Request that we limit processing of your data
- Objection: Object to processing where we rely on legitimate interests
To exercise any right, email [email protected]. We will respond within 30 days. EU/UK users may also lodge a complaint with their local data protection authority.
8. Security
We implement industry-standard security measures:
- All data is transmitted over HTTPS using TLS encryption
- Sessions are managed with signed JWTs with short expiry and rotation
- Authentication is handled by Google OAuth; we never store your Google password
- Access to production systems is restricted to authorised personnel
If you discover a security issue, please report it to [email protected].
9. Children
Planora is not intended for anyone under 16. We do not knowingly collect data from children. If you believe a child has provided us personal data, contact [email protected] and we will delete it promptly.
10. Policy Updates
We may update this policy from time to time. We will notify you of material changes by email at least 14 days before they take effect. The “Last updated” date at the top of this page indicates when the policy was last revised.
Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Contact Us
Questions about this Privacy Policy?