1.Scope
This Privacy Policy describes how PlanCheckNow, Inc. ("PlanCheckNow, " "we," "us") collects, uses, and shares personal information when you use planchecknow.com and the PlanCheckNow application (collectively, the "Service"). It applies to information collected from individuals interacting with the Service in a personal capacity and to information about individual users of business customer accounts.
2.Information We Collect
Account & identity data
When you create an account, we collect your name, email address, password (hashed), workspace name, and role within a workspace. If you sign in via Google, we receive the basic profile fields you authorize.
Billing data
When you subscribe, our payment processor Stripe collects your payment-card details directly; we receive a tokenized representation and metadata such as the last four digits, brand, billing email, and country. We never see or store your full card number, CVV, or PIN.
Project & drawing data
When you upload architectural or structural drawings, surveys, specifications, and related documents, we store those files in encrypted object storage to run the plan-review engine. These files may contain project addresses, owner names, designer names, and other identifying information embedded in the drawings.
Usage & technical data
We collect log data necessary to operate the Service, including IP address, browser type, device identifiers, pages visited, feature interactions, error reports, and performance metrics.
Communications data
If you contact support, we keep the contents of your message and any attachments long enough to respond and to improve our documentation.
3.How We Use Information
We use personal information to:
- provide, maintain, and improve the Service;
- run the plan-review engine on the drawings you submit and deliver corrections back to you;
- authenticate you and protect your account;
- process payments and manage subscriptions through Stripe;
- send transactional emails (review complete, submittal ready, billing receipts) and, only if you opt in, product announcements;
- detect and prevent fraud, abuse, and unauthorized access;
- comply with legal obligations and respond to lawful requests from authorities.
We do not sell personal information, and we do not use your drawings or project data to train any foundation model or AI system that is offered to other customers.
4.Sub-Processors
We share information with the following sub-processors, each under contractual data-protection terms appropriate to their role:
| Sub-Processor | Purpose | Location |
|---|---|---|
| Anthropic, PBC | AI inference for plan-review engine (Claude API) | United States |
| Supabase, Inc. | Database, authentication, and file storage | United States |
| Vercel Inc. | Application hosting and content delivery | United States |
| Stripe, Inc. | Subscription billing and payment processing | United States |
| Functional Software, Inc. (Sentry) | Application error and performance monitoring | United States |
| Resend, Inc. | Transactional email delivery | United States |
| Upstash, Inc. | Rate-limiting and abuse prevention | United States |
5.Cookies and Similar Technologies
We use a small number of strictly necessary cookies to keep you signed in and to maintain your session. We do not use advertising cookies, cross-site tracking, or third-party analytics that profile users. Where we use product analytics, we use privacy-friendly, cookieless solutions.
6.Data Retention
We retain personal information for as long as your account is active. When you delete your account, we delete or anonymize your personal data within thirty (30) days, except where we must retain it to comply with law, resolve disputes, or enforce our agreements. Encrypted backups containing your data are rotated and purged within ninety (90) days of account deletion.
7.Security
We use industry-standard technical and organizational measures to protect personal data, including encryption in transit (TLS 1.2+) and at rest, role-scoped database access policies, hardware-backed credential storage, rate limiting, web application firewall, and continuous error monitoring. No system is perfectly secure; if you discover a vulnerability, please email security@planchecknow.com.
8.Your Rights
Depending on where you live, you may have the following rights:
- Access — request a copy of the personal data we hold about you;
- Correction — ask us to fix inaccurate or incomplete data;
- Deletion — ask us to delete your personal data (subject to legal retention requirements);
- Portability — receive your data in a machine-readable format;
- Objection / restriction — object to certain processing or ask us to restrict it;
- Withdraw consent — where processing is based on consent, withdraw it at any time.
California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what we collect, the right to delete, and the right not to be discriminated against for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising, so the right to opt-out of sale/sharing under CCPA does not generally apply, but you may still submit a request to confirm. To exercise any right, email privacy@planchecknow.com.
9.International Data Transfers
Our sub-processors are primarily located in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States. Where required by law, we rely on appropriate transfer mechanisms such as Standard Contractual Clauses.
10.Children
The Service is not directed to children under sixteen (16) and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.
11.Changes
We may update this Policy from time to time. If we make a material change, we will notify you by email or via in-product notice. The "Last updated" date at the top reflects the most recent revision.
12.Contact Us
For privacy questions or to exercise your rights: privacy@planchecknow.com. For security disclosures: security@planchecknow.com.
Note: This Privacy Policy template covers common US/EU privacy obligations for a small SaaS. It is not legal advice. Before launching in regulated jurisdictions or selling into enterprise customers, have an attorney review and adapt this to your specific data flows.
