Planning Guard
HomeStart

Privacy policy

How we handle your personal information when you use Planning Guard.

Last updated: 28 March 2026

Important: This document is a practical template for a UK-focused planning tool. It is not legal advice. You should have it reviewed by a solicitor or privacy specialist. You can fill many placeholders automatically by setting the NEXT_PUBLIC_* values documented in .env.example.

1. Who we are

The website and service branded Planning Guard (the “Service”) is operated by [INSERT: legal entity name — e.g. Your Company Ltd or your name as sole trader] (“we”, “us”, “our”).

Contact: contact@planningguard.co.uk

For data protection law, we are the controller of personal data described in this policy (unless we state otherwise).

2. Scope

This policy applies to personal data we process through the Service (website, accounts, scans, uploads, payments, and related emails). It does not cover third-party sites we link to (e.g. council planning portals).

3. Data we collect

3.1 Account & authentication

  • Email address, password (stored as a secure hash), optional name.
  • Session / security data via cookies or similar technologies (see our Cookie policy).

3.2 Case & scan content

  • Information you enter about a planning case (e.g. references, concerns, titles) and documents you upload for scanning.
  • Outputs from our tools (e.g. scan results, draft letters) derived from your inputs and our processing.

3.3 Payments

  • If you pay, our payment provider (e.g. Stripe) processes card and billing data. We receive limited transactional metadata needed to fulfil your order (we do not store full card numbers on our servers).

3.4 Technical & usage

  • IP address, browser type, timestamps, and similar logs for security and reliability.
  • If you opt in to analytics or marketing cookies, aggregated usage or campaign data as described in our Cookie policy.

3.5 Communications

  • Emails you send us and messages related to support, password reset, or service notices.
  • If you sign up for our optional newsletter, we store your email address to send occasional updates (for example new blog posts). You can unsubscribe at any time using the link in those emails.
  • If you use the contact form, we process your name, email, and message to respond to your enquiry (legitimate interests). If you opt in, we may also add your email to the newsletter list under consent — see section 4.

4. Purposes and lawful bases (UK GDPR)

We process personal data on these bases:

  • Contract — providing the Service you request (account, scans, paid deliverables).
  • Legitimate interests — securing the Service, debugging, fraud prevention, improving the product, and (where permitted) analytics that do not override your rights.
  • Legal obligation — compliance with law, tax, or regulatory requests.
  • Consent — where required (e.g. non-essential cookies, certain marketing). You may withdraw consent at any time via Cookie settings or by contacting us.

5. Sharing and processors

We may share data with:

  • Infrastructure & email providers (hosting, transactional email).
  • Payment processors (e.g. Stripe) under their terms and privacy notices.
  • AI / document processing services you trigger by using features that send content for analysis or generation — only what is needed to perform that function.
  • Professional advisers or authorities where required by law.

We use written agreements with processors (where applicable) requiring them to protect personal data and process it only on our instructions.

6. International transfers

If any processor stores or processes data outside the UK/EEA, we will ensure appropriate safeguards (e.g. UK IDTA / Addendum, EU SCCs, or adequacy regulations) unless a limited exception applies.

7. Retention

  • Account data — while your account is active and for a reasonable period afterwards unless law requires longer.
  • Uploads — according to the retention rules shown in the Service (e.g. automatic deletion after a defined period).
  • Logs & backups — rotated on a schedule appropriate for security and operations.

8. Security

We use technical and organisational measures appropriate to the risk (e.g. access controls, encryption in transit, hashed passwords). No method of transmission or storage is 100% secure.

9. Your rights (UK)

Subject to exemptions, you may have the right to:

  • Access, rectify, or erase your personal data.
  • Restrict or object to certain processing.
  • Data portability where applicable.
  • Withdraw consent where processing is consent-based.
  • Lodge a complaint with the ICO (www.ico.org.uk).

To exercise rights, contact us at contact@planningguard.co.uk. We may need to verify your identity.

10. Children

The Service is not directed at children under 13 (or higher age if required locally). Do not register if you are under that age.

11. Automated decision-making

The Service may use automated tools to analyse text you provide and produce suggestions. This is assistive software, not a solely automated decision with legal or similarly significant effects under UK GDPR Article 22; you remain responsible for reviewing outputs before use.

12. Changes

We may update this policy. We will post the new version here and adjust the “Last updated” date. Material changes may be communicated by email or an on-site notice where appropriate.

13. Related documents