🧪 You’re using an early version of PlanningForge — things might break, but that’s part of the fun!

Privacy Policy

Last updated: October 23, 2025

1. Introduction

PlanningForge ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our agile planning and estimation platform.

2. Information We Collect

2.1 Personal Information

We collect information you provide directly to us, including:

  • Account Information: Name, email address, password, and profile information
  • Organization Data: Company name, role, and team affiliations
  • Planning Session Data: User stories, estimations, votes, and session participants
  • Communication Data: Messages, comments, and feedback within the platform

2.2 Automatically Collected Information

  • Usage Data: How you interact with our service, features used, and session duration
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Log Data: Server logs, error reports, and performance metrics
  • Cookies and Tracking: Session cookies, preferences, and analytics data

2.3 AI and Machine Learning Data

When AI features are enabled, we may collect and process:

  • Story content and descriptions for analysis and estimation suggestions
  • Session participation patterns and team dynamics data
  • Historical estimation accuracy and performance metrics
  • Anonymized and aggregated data for model training and improvement

3. How We Use Your Information

3.1 Service Provision

  • Provide, operate, and maintain our planning platform
  • Process transactions and manage subscriptions
  • Enable collaboration between team members
  • Facilitate planning sessions and story estimation

3.2 AI-Powered Features

  • Analyze user stories for complexity and risk assessment
  • Generate estimation suggestions based on historical data
  • Provide team performance insights and recommendations
  • Improve our AI models and algorithms (with anonymized data)

3.3 Communication and Support

  • Send service-related notifications and updates
  • Respond to customer support inquiries
  • Provide onboarding and training materials

3.4 Analytics and Improvement

  • Monitor and analyze usage patterns and trends
  • Improve our service functionality and user experience
  • Develop new features and capabilities
  • Ensure security and prevent fraud

4. Information Sharing and Disclosure

4.1 Within Your Organization

Information is shared with other members of your organization as necessary for collaboration, including team members, administrators, and other authorized users.

4.2 Service Providers

We may share information with third-party service providers who assist us in:

  • Cloud hosting and infrastructure (AWS, Google Cloud, etc.)
  • AI and machine learning services (OpenAI, Anthropic, etc.)
  • Analytics and monitoring tools
  • Customer support and communication platforms
  • Payment processing and billing services

4.3 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal process or government requests
  • Protect our rights, property, or safety
  • Investigate potential violations of our terms
  • Prevent fraud or security threats

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. AI and Third-Party Processing

5.1 AI Provider Integration

When you enable AI features, certain data may be processed by external AI providers:

  • OpenAI: Story content for analysis and estimation suggestions
  • Anthropic: Team performance data for insights generation
  • Local Processing: Some analysis may be performed on our own infrastructure

5.2 Privacy Controls

You can control AI data sharing through privacy mode settings:

  • Standard: Standard privacy protection with external AI processing
  • Enhanced: Minimal data sharing with anonymization
  • Strict: No data shared with external AI providers

6. Data Security

6.1 Technical Safeguards

  • Encryption in transit and at rest using industry-standard protocols
  • Secure authentication and access controls
  • Regular security audits and vulnerability assessments
  • Network security and intrusion detection systems

6.2 Access Controls

  • Role-based access permissions within organizations
  • Multi-factor authentication support
  • Session management and timeout controls
  • Audit logging of data access and modifications

7. Data Retention

7.1 Retention Periods

  • Account Data: Retained while your account is active
  • Planning Session Data: Retained according to your organization's settings (30 days to 1 year)
  • AI Training Data: Anonymized data may be retained longer for model improvement
  • Log Data: Typically retained for 90 days for security and debugging

7.2 Data Deletion

You can request deletion of your data at any time. Upon account closure, personal data is deleted within 30 days, except where retention is required by law.

8. Your Rights and Choices

8.1 Access and Portability

  • View and download your personal information
  • Export your planning session data
  • Request copies of information we hold about you

8.2 Correction and Deletion

  • Update your account information and preferences
  • Request correction of inaccurate data
  • Delete your account and associated data

8.3 Privacy Controls

  • Configure AI privacy mode settings
  • Control data sharing within your organization
  • Manage communication preferences
  • Opt out of non-essential data processing

9. International Data Transfers

Your information may be processed and stored in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard contractual clauses approved by relevant authorities
  • Privacy framework certifications (EU-US Privacy Framework, etc.)
  • Adequacy decisions by data protection authorities

10. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us immediately.

11. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected and how it's used
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights

12. GDPR Compliance

For users in the European Union, we comply with the General Data Protection Regulation (GDPR):

  • Lawful basis for processing (consent, contract performance, legitimate interests)
  • Data subject rights (access, rectification, erasure, portability, objection)
  • Data protection by design and by default
  • Prompt breach notification procedures

13. Cookies and Tracking Technologies

13.1 Types of Cookies

  • Essential Cookies: Required for basic functionality and security
  • Performance Cookies: Help us understand how you use our service
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Provide insights into usage patterns

13.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our service.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Providing in-app notifications

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@planningforge.com

Data Protection Officer: dpo@planningforge.com

Address: [Your Company Address]

16. Effective Date

This Privacy Policy is effective as of October 23, 2025 and applies to all information collected by PlanningForge.