PRIVACY POLICY

1. INTRODUCTION

Proper Planning ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered business plan generation service (the "Service").

We understand the importance of your personal information and are committed to processing it responsibly and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

2. INFORMATION WE COLLECT

We collect several types of information from and about users of our Service:

2.1 Personal Information

• Account Information: When you create an account, we collect your email address, name, and password.
• Payment Information: When you purchase credits, we collect payment information, including credit card details, billing address, and transaction history. Note that actual payment processing is handled by our third-party payment processor, Stripe.
• Business Plan Content: We collect the information you provide to generate your business plans, which may include business details, financial projections, market analysis, and other related information.
• Communications: If you contact us directly, we may collect additional information you provide in your communications.

2.2 Usage Information

• Log Data: We automatically collect information that your browser sends whenever you visit our Service, including your IP address, browser type, browser version, pages visited, time and date of your visit, time spent on those pages, and other statistics.
• Device Information: We collect information about the device you use to access our Service, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
• Usage Analytics: We collect information about how you interact with our Service, including the features you use, the actions you take, and the time, frequency, and duration of your activities.

2.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier. For more details, please see our Cookie Policy section below.

3. HOW WE USE YOUR INFORMATION

We use the information we collect for various purposes, including to:

• Provide, maintain, and improve our Service
• Process transactions and manage your account
• Generate business plans based on your inputs
• Send you technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and requests
• Monitor usage patterns and analyze trends to enhance user experience
• Detect, prevent, and address technical issues
• Comply with legal obligations
• Protect the rights, property, or safety of Proper Planning, our users, or the public

4. DATA STORAGE AND SECURITY

4.1 Data Storage

We store your information on secure servers and in secure cloud storage solutions. We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

4.2 Data Security

We implement appropriate technical and organizational measures to protect the security, confidentiality, and integrity of your personal information. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

4.3 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and the relevant authorities as required by applicable law.

5. THIRD-PARTY PROVIDERS

We work with various third-party service providers to facilitate our Service. These providers have access to your information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.

5.1 Our Key Third-Party Providers

• Supabase: Used for authentication and database services. Supabase Privacy Policy
• OpenAI: Provides the AI technology used to generate business plan content. OpenAI Privacy Policy
• Stripe: Processes payments and manages billing information. Stripe Privacy Policy
• Vercel: Hosts our website and application. Vercel Privacy Policy
• Google Analytics: Helps us analyze how users use our Service. Google Privacy Policy
• Hotjar: Provides analytics to understand user behavior on our website. Hotjar Privacy Policy

5.2 Data Sharing Limitations

We do not sell your personal information to third parties. We may share your information with third parties only in the following circumstances:

• With your consent
• To comply with legal obligations
• To protect and defend our rights and property
• To prevent or investigate possible wrongdoing in connection with the Service
• With service providers who assist us in operating our Service
• In connection with a merger, sale of company assets, financing, or acquisition

6. COOKIE POLICY

6.1 Types of Cookies We Use

• Essential Cookies: Necessary for the operation of our Service, such as cookies that enable you to log into secure areas.
• Analytical/Performance Cookies: Allow us to recognize and count the number of visitors and see how visitors move around our Service. These help us improve how our Service works.
• Functionality Cookies: Used to recognize you when you return to our Service, enabling us to personalize our content and remember your preferences.
• Targeting Cookies: Record your visit to our Service, the pages you have visited, and the links you have followed. We use this information to make our Service more relevant to your interests.

6.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse all or some cookies, or to alert you when websites set or access cookies. However, if you disable or refuse cookies, please note that some parts of our Service may become inaccessible or not function properly.

6.3 Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages. These third parties may use cookies, web beacons, and similar technologies to collect information about your use of our Service. This information may be used by these third parties to analyze and track data, determine the popularity of certain content, and better understand your online activity.

7. USER RIGHTS

Depending on your location, you may have certain rights regarding your personal information. These may include:

7.1 Access and Information

You have the right to request information about the personal data we hold about you and to access a copy of your personal data.

7.2 Correction

You have the right to request that we correct inaccurate or incomplete personal information about you.

7.3 Deletion

You have the right to request that we delete certain personal information we hold about you.

7.4 Restriction of Processing

You have the right to request that we restrict the processing of your personal information under certain circumstances.

7.5 Data Portability

You have the right to receive a copy of your personal information in a structured, commonly used, and machine-readable format.

7.6 Objection

You have the right to object to our processing of your personal information under certain circumstances.

7.7 Withdrawal of Consent

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time.

7.8 How to Exercise Your Rights

To exercise any of these rights, please contact us using the contact information provided at the end of this Privacy Policy. We will respond to your request within the timeframe required by applicable law.

8. CHILDREN'S PRIVACY

Our Service is not intended for individuals under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we take steps to remove that information from our servers.

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it there.

9.1 EU-US Data Transfers

For users in the European Economic Area (EEA), we ensure that your personal data is protected when transferred outside the EEA. We rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission for data transfers to third countries.

10. GDPR COMPLIANCE

For users in the European Economic Area (EEA), we process your personal information in compliance with the GDPR:

10.1 Legal Basis for Processing

We process your personal information based on one of the following legal grounds:

• Consent: You have given us consent to process your personal information for specific purposes.
• Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: Processing is necessary for the purposes of our legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms.

10.2 Data Protection Rights

In addition to the rights outlined in the User Rights section, EEA users have the right to lodge a complaint with a supervisory authority.

11. CCPA COMPLIANCE

For California residents, we comply with the California Consumer Privacy Act (CCPA):

11.1 Categories of Personal Information Collected

In the past 12 months, we have collected the categories of personal information described in Section 2 of this Privacy Policy.

11.2 Categories of Sources

We collect personal information directly from you, automatically through your use of our Service, and from third-party service providers.

11.3 Business or Commercial Purpose

We collect personal information for the business purposes described in Section 3 of this Privacy Policy.

11.4 Categories of Third Parties

We share personal information with the categories of third parties described in Section 5 of this Privacy Policy.

11.5 Sale of Personal Information

We do not sell personal information as defined by the CCPA.

11.6 California Consumer Rights

California residents have the right to:

• Request information about the personal information we collect about you and how we use and disclose it
• Request deletion of your personal information
• Opt-out of the sale of your personal information
• Not be discriminated against for exercising your rights under the CCPA

12. POLICY UPDATES

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. If we make material changes to this Privacy Policy, we will notify you either through the email address you have provided us or by placing a prominent notice on our website.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. CONTACT INFORMATION

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Proper Planning
Email: plannetbusiness@gmail.com
Address: 124-128 City Road, London, EC1V 2NX, United Kingdom
Attention: Privacy Officer

14. ADDITIONAL INFORMATION

14.1 Do Not Track Signals

Some browsers have a "Do Not Track" feature that lets you tell websites that you do not want to have your online activities tracked. We currently do not respond to "Do Not Track" signals.

14.2 Links to Other Websites

Our Service may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.