Privacy policy
How we handle your personal information when you use Planning Guard.
Last updated: 1 July 2026
1. Who we are
The website and service branded Planning Guard (the “Service”) is operated by Stephane Patteux (“we”, “us”, “our”).
Contact: contact@planningguard.co.uk, Unit 165813, PO Box 7169, Poole, BH15 9EL
For data protection law, we are the controller of personal data described in this policy (unless we state otherwise).
2. Scope
This policy applies to personal data we process through the Service (website, accounts, scans, uploads, payments, and related emails). It does not cover third-party sites we link to (e.g. council planning portals).
3. Data we collect
3.1 Account & authentication
- Email address, password (stored as a secure hash), optional name.
- Session / security data via cookies or similar technologies (see our Cookie policy).
3.2 Case & scan content
- Information you enter about a planning case (e.g. references, concerns, titles) and documents you upload for scanning.
- Outputs from our tools (e.g. scan results, draft letters) derived from your inputs and our processing.
3.2a Guest (pre-account) scans
You can run a free scan without creating an account. When you do:
- Your case details (council, concerns, optional planning reference) and any uploaded document text are sent to our server and to our AI processing service to produce scan results. This content is not stored in our database — it is processed transiently and the result is returned to your browser only.
- Your scan result is temporarily cached in your browser's
localStorage(“pg_guest_scan”) so you can view it without an account. If you create an account, this data is transferred to your account and the local copy is deleted. If you do not create an account, the data remains on your device only and is never stored on our servers. - Any document you upload is processed in memory on our server to extract text; it is not written to disk or retained after the request completes.
3.2b A/B testing and first-party funnel analytics
We operate an internal A/B test to measure the effect of product changes on how users experience the scan. This involves:
- Anonymous identifier (“pg_anon_id”) — a randomly-generated UUID created in your browser and stored in
localStorage. It is not linked to your name, email, or IP address, and cannot on its own identify you. - Cohort assignment (“pg_ab_cohort”) — your randomly assigned test group (“control” or “variant”), stored in
localStorage. - Funnel events — if you have consented to analytics cookies, we record anonymous events (e.g. page viewed, scan started, scan completed) linked to your anonymous identifier and cohort. These are stored in our own database (not a third-party analytics service) and are used solely to measure product improvement. We do not record your IP address in these event records.
Lawful basis: Legitimate interests — measuring service effectiveness using pseudonymous data proportionate to our operational needs and not overriding your rights. Analytics event tracking additionally requires your consent via the cookie banner.
3.3 Payments
- If you pay, our payment provider (e.g. Stripe) processes card and billing data. We receive limited transactional metadata needed to fulfil your order (we do not store full card numbers on our servers).
3.4 Technical & usage
- IP address, browser type, timestamps, and similar logs for security and reliability.
- If you opt in to analytics or marketing cookies, aggregated usage or campaign data as described in our Cookie policy.
3.5 Communications
- Emails you send us and messages related to support, password reset, or service notices.
- If you sign up for our optional newsletter, we store your email address to send occasional updates (for example new blog posts). You can unsubscribe at any time using the link in those emails.
- If you use the contact form, we process your name, email, and message to respond to your enquiry (legitimate interests). If you opt in, we may also add your email to the newsletter list under consent — see section 4.
4. Purposes and lawful bases (UK GDPR)
We process personal data on these bases:
- Contract — providing the Service you request (account, scans, paid deliverables).
- Legitimate interests — securing the Service, debugging, fraud prevention, improving the product, and (where permitted) analytics that do not override your rights.
- Legal obligation — compliance with law, tax, or regulatory requests.
- Consent — where required (e.g. non-essential cookies, certain marketing). You may withdraw consent at any time via Cookie settings or by contacting us.
5. Sharing and processors
We may share data with:
- Infrastructure & email providers (hosting, transactional email).
- Payment processors (e.g. Stripe) under their terms and privacy notices.
- AI / document processing services you trigger by using features that send content for analysis or generation — only what is needed to perform that function.
- Professional advisers or authorities where required by law.
Where required by UK GDPR, we enter into appropriate data processing agreements with processors, requiring them to protect personal data and process it only on our instructions. Major processors such as Stripe and OpenAI operate under their own UK GDPR-compliant data processing terms, which you can review on their respective websites.
6. International transfers
If any processor stores or processes data outside the UK/EEA, we will ensure appropriate safeguards (e.g. UK IDTA / Addendum, EU SCCs, or adequacy regulations) unless a limited exception applies.
7. Retention
- Account data — held while your account is active. If you delete your account, we delete your personal data within 30 days, except where we are required to retain it longer (e.g. transaction records for HMRC purposes — typically 6 years).
- Uploaded documents — automatically deleted within 24 hours of upload as disclosed in the Service. Scan results derived from your documents may be retained with your account data for the duration of your account.
- Payment records — retained for 6 years from the transaction date in accordance with UK tax law.
- Server logs — typically retained for up to 90 days for security and debugging purposes, then deleted or anonymised.
- A/B test analytics events — retained for up to 180 days from creation, then automatically purged. Anonymous identifiers (“pg_anon_id”) in
localStoragepersist until you clear your browser data; we have no mechanism to remove them remotely. - Guest scan data — processed transiently on our server (not stored). Any copy in your browser's
localStorageis under your control and is deleted automatically when you claim your scan by creating an account.
8. Security
We use technical and organisational measures appropriate to the risk (e.g. access controls, encryption in transit, hashed passwords). No method of transmission or storage is 100% secure.
9. Your rights (UK)
Subject to exemptions, you may have the right to:
- Access, rectify, or erase your personal data.
- Restrict or object to certain processing.
- Data portability where applicable.
- Withdraw consent where processing is consent-based.
- Lodge a complaint with the ICO (www.ico.org.uk).
To exercise rights, contact us at contact@planningguard.co.uk. We may need to verify your identity.
10. Children
The Service is not directed at children under 13 (or higher age if required locally). Do not register if you are under that age.
11. Automated decision-making
The Service may use automated tools to analyse text you provide and produce suggestions. This is assistive software, not a solely automated decision with legal or similarly significant effects under UK GDPR Article 22; you remain responsible for reviewing outputs before use.
12. Changes
We may update this policy. We will post the new version here and adjust the “Last updated” date. Material changes may be communicated by email or an on-site notice where appropriate.
