Planning Guard
HomeStart

Privacy policy

How we handle your personal information when you use Planning Guard.

Last updated: 8 April 2026

1. Who we are

The website and service branded Planning Guard (the “Service”) is operated by Stephane Patteux (“we”, “us”, “our”).

Contact: contact@planningguard.co.uk, Unit 165813, PO Box 7169, Poole, BH15 9EL

For data protection law, we are the controller of personal data described in this policy (unless we state otherwise).

2. Scope

This policy applies to personal data we process through the Service (website, accounts, scans, uploads, payments, and related emails). It does not cover third-party sites we link to (e.g. council planning portals).

3. Data we collect

3.1 Account & authentication

  • Email address, password (stored as a secure hash), optional name.
  • Session / security data via cookies or similar technologies (see our Cookie policy).

3.2 Case & scan content

  • Information you enter about a planning case (e.g. references, concerns, titles) and documents you upload for scanning.
  • Outputs from our tools (e.g. scan results, draft letters) derived from your inputs and our processing.

3.3 Payments

  • If you pay, our payment provider (e.g. Stripe) processes card and billing data. We receive limited transactional metadata needed to fulfil your order (we do not store full card numbers on our servers).

3.4 Technical & usage

  • IP address, browser type, timestamps, and similar logs for security and reliability.
  • If you opt in to analytics or marketing cookies, aggregated usage or campaign data as described in our Cookie policy.

3.5 Communications

  • Emails you send us and messages related to support, password reset, or service notices.
  • If you sign up for our optional newsletter, we store your email address to send occasional updates (for example new blog posts). You can unsubscribe at any time using the link in those emails.
  • If you use the contact form, we process your name, email, and message to respond to your enquiry (legitimate interests). If you opt in, we may also add your email to the newsletter list under consent — see section 4.

4. Purposes and lawful bases (UK GDPR)

We process personal data on these bases:

  • Contract — providing the Service you request (account, scans, paid deliverables).
  • Legitimate interests — securing the Service, debugging, fraud prevention, improving the product, and (where permitted) analytics that do not override your rights.
  • Legal obligation — compliance with law, tax, or regulatory requests.
  • Consent — where required (e.g. non-essential cookies, certain marketing). You may withdraw consent at any time via Cookie settings or by contacting us.

5. Sharing and processors

We may share data with:

  • Infrastructure & email providers (hosting, transactional email).
  • Payment processors (e.g. Stripe) under their terms and privacy notices.
  • AI / document processing services you trigger by using features that send content for analysis or generation — only what is needed to perform that function.
  • Professional advisers or authorities where required by law.

Where required by UK GDPR, we enter into appropriate data processing agreements with processors, requiring them to protect personal data and process it only on our instructions. Major processors such as Stripe and OpenAI operate under their own UK GDPR-compliant data processing terms, which you can review on their respective websites.

6. International transfers

If any processor stores or processes data outside the UK/EEA, we will ensure appropriate safeguards (e.g. UK IDTA / Addendum, EU SCCs, or adequacy regulations) unless a limited exception applies.

7. Retention

  • Account data — held while your account is active. If you delete your account, we delete your personal data within 30 days, except where we are required to retain it longer (e.g. transaction records for HMRC purposes — typically 6 years).
  • Uploaded documents — automatically deleted within 24 hours of upload as disclosed in the Service. Scan results derived from your documents may be retained with your account data for the duration of your account.
  • Payment records — retained for 6 years from the transaction date in accordance with UK tax law.
  • Server logs — typically retained for up to 90 days for security and debugging purposes, then deleted or anonymised.

8. Security

We use technical and organisational measures appropriate to the risk (e.g. access controls, encryption in transit, hashed passwords). No method of transmission or storage is 100% secure.

9. Your rights (UK)

Subject to exemptions, you may have the right to:

  • Access, rectify, or erase your personal data.
  • Restrict or object to certain processing.
  • Data portability where applicable.
  • Withdraw consent where processing is consent-based.
  • Lodge a complaint with the ICO (www.ico.org.uk).

To exercise rights, contact us at contact@planningguard.co.uk. We may need to verify your identity.

10. Children

The Service is not directed at children under 13 (or higher age if required locally). Do not register if you are under that age.

11. Automated decision-making

The Service may use automated tools to analyse text you provide and produce suggestions. This is assistive software, not a solely automated decision with legal or similarly significant effects under UK GDPR Article 22; you remain responsible for reviewing outputs before use.

12. Changes

We may update this policy. We will post the new version here and adjust the “Last updated” date. Material changes may be communicated by email or an on-site notice where appropriate.

13. Related documents