Privacy Policy

1. Who We Are

Planr is operated by Planr (“we”, “us”). Our contact email is hello@getplanr.co.uk. This policy explains how we collect, use and protect your personal data in accordance with the UK GDPR and the Data Protection Act 2018.

2. Data We Collect About You

When you create an account and use Planr we collect:

• Account data: email address, business name, trade, selected councils
• Profile data: phone number, website URL, business logo (if uploaded)
• Usage data: letters generated, leads viewed, leads marked as sent
• Website content: if you provide a website URL, we fetch and process content from it to generate a business description

3. Planning Application Data

We collect planning application data from publicly accessible council websites. This data includes applicant names, site addresses and proposal descriptions as submitted to local planning authorities. This data is in the public domain. We do not enrich or combine it with other personal data sources.

4. How We Use Your Data

• To provide and maintain the Planr service
• To generate personalised outreach letters using AI
• To personalise your lead feed based on your trade and council preferences
• To communicate with you about your account or the service
• To improve the service based on aggregated usage patterns

5. Legal Basis for Processing

We process your data on the basis of contract (to provide the service you signed up for) and legitimate interests (to improve the service and prevent misuse). Where you have provided optional data such as your website or logo, we process this on the basis of your consent.

6. Data Sharing

We do not sell your personal data. We share data only with:

• Anthropic: letter generation is powered by the Claude API. Text content from your profile and the planning application is sent to Anthropic for processing. See anthropic.com/privacy.
• Railway: our hosting provider stores your account data and the planning application database. See railway.app/legal/privacy.

7. Data Retention

We retain your account data for as long as your account is active. If you close your account, we will delete your personal data within 30 days, except where we are required to retain it by law. Planning application data is retained indefinitely as it is public domain information.

8. Your Rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Request deletion of your personal data
• Object to or restrict processing of your data
• Data portability

To exercise any of these rights, email hello@getplanr.co.uk. We will respond within 30 days.

9. Cookies

We use a single session cookie to keep you logged in. We do not use third-party tracking cookies or analytics cookies.

10. Security

Passwords are stored as SHA-256 hashes. All data is transmitted over HTTPS. Our database is hosted on Railway's infrastructure with access controls in place.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by email. Continued use of the service after changes constitutes acceptance of the updated policy.