Privacy Policy

Last updated: 2 December 2025

1. Overview

These Privacy Policy terms describe how BO Gastro Services s.r.o., Kaprova 42/14, 110 00 Praha 1, IČO: 24165590 (“we”, “us”) processes personal data of users of Planelo – including the website planelo.app, mobile and desktop apps, and related APIs.

By using Planelo, you agree to the processing of your data in accordance with this Privacy Policy.

2. Data We Collect

2.1 Account Data

When you create an account, we may collect:

  • Email address
  • Name or nickname (if provided)
  • Password (stored only as a secure hash)
  • Basic preferences and settings

2.2 Subscription & Payment Data

If you purchase a paid plan (e.g. Planelo Pro), we may process:

  • Type and status of your subscription
  • Technical transaction identifiers from payment providers (e.g. Apple)

We do not store your full payment card details. Payments are processed by third-party providers (e.g. Apple App Store, Stripe) under their own terms.

2.3 Content in Planelo (Projects & Ideas)

Within Planelo you can store project names, descriptions, ideas, notes, tags, priorities, statuses and other content you voluntarily enter.

This content is stored in an encrypted form (typically using AES-256). We access it only to operate and secure the service (e.g. sync between devices, backups) – never for advertising or selling to third parties.

2.4 API Keys & Integrations

Planelo allows you to generate API keys to connect third-party tools and AI agents. For this we store:

  • Generated API keys (secured, not stored in plain text)
  • Key name and optional description
  • Metadata such as creation date and last usage

API keys provide access to your data. Keep them private and revoke them immediately if you suspect misuse.

2.5 Technical & Diagnostic Data

We may automatically collect technical data such as:

  • IP address, device type, OS version, browser type
  • Timestamps of requests and error logs
  • Aggregated usage statistics (where possible in anonymized form)

This helps us keep Planelo secure, fix bugs and improve performance.

2.6 Cookies

On planelo.app we may use cookies or similar technologies for:

  • Basic website functionality
  • Anonymous analytics and performance

You can control cookies in your browser settings. Where required, we will show a cookie banner with more details.

3. Why We Process Your Data

We process personal data for the following purposes:

  • To create and manage your Planelo account
  • To provide and improve the Planelo service
  • To sync your content between devices
  • To manage subscriptions and billing
  • To protect the service from abuse and security threats
  • To comply with legal and accounting obligations
  • To communicate about important changes or service updates

4. Legal Bases (GDPR)

Under the GDPR, we rely on the following legal bases:

  • Performance of a contract – operating your account, providing Planelo and paid plans.
  • Legitimate interest – improving the service, security, preventing misuse, basic analytics.
  • Legal obligation – accounting and tax duties, storing invoices.
  • Consent – optional newsletters or certain cookies (where required).

5. Data Retention

We store personal data only for as long as necessary for the purposes described above:

  • Account data – for the lifetime of your account and for a reasonable period after deletion, unless law requires longer retention.
  • Content in Planelo – as long as your account is active; it is removed after account deletion (with a short technical delay in backups).
  • Subscription and billing data – for the period required by law (typically up to 10 years for accounting records).
  • Technical logs – usually for weeks to months, unless longer storage is needed for security reasons.

6. Sharing Your Data

We do not sell your personal data. We may share it only with:

  • Hosting and infrastructure providers (servers, databases, backups)
  • Analytics and diagnostic service providers
  • Payment service providers (e.g. Apple, Stripe)
  • Accountants, tax advisors and legal representatives
  • Public authorities where required by law

All processors are bound by confidentiality and data protection obligations.

7. Transfers Outside the EU/EEA

Some service providers may be located outside the EU/EEA. In such cases we ensure an adequate level of protection, for example through adequacy decisions by the European Commission or Standard Contractual Clauses (SCCs).

8. Security

We take technical and organisational measures to protect your data, including:

  • Encryption of stored content (AES-256 or similar)
  • Encrypted transport (HTTPS/TLS)
  • Restricted access to servers and databases
  • Secure password hashing
  • Monitoring for suspicious activity

No system can be 100% secure. Please keep your password and API keys private and use strong, unique credentials.

9. Your Rights

Under applicable data protection laws (including GDPR), you have rights such as:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interest
  • Right to withdraw consent (where processing is based on consent)

You can exercise these rights by contacting us at support@planelo.app.

You also have the right to lodge a complaint with a supervisory authority. In the Czech Republic this is the Office for Personal Data Protection (www.uoou.cz).

10. Controller Contact Details

Data controller:

BO Gastro Services s.r.o.
Kaprova 42/14
110 00 Praha 1
IČO: 24165590
Email: support@planelo.app

11. Changes to This Policy

We may update this Privacy Policy from time to time. The current version is always available at planelo.app/privacy. If we make significant changes, we may notify you by email or in the app.