Privacy Policy

Effective date: February 13, 2026 · Last updated: February 13, 2026

Overall summary: We collect only what is needed to run your account and bookings. We do not sell your data. We do not show ads. You can delete everything at any time from your dashboard. We store data in the EU.

1. Who we are

Planned&Go is operated by Dean Wall, based in Ireland. We provide scheduling, day-planning, and client management tools for coaches and their clients.

For GDPR purposes, we are the data controller for coach account data, and a data processor on behalf of coaches for their clients' booking data.

Contact: privacy@plannedgo.com

2. What we collect

If you are a coach (account holder)

Data	Why	Basis
Name, email	Create and manage your account	Contract
Password (hashed)	Secure authentication	Contract
Schedule, tasks, preferences	Core product functionality	Contract
Module data (Task DNA, Momentum, Energy, etc.)	Sync your planning data across devices	Contract
Booking settings, services	Manage your booking page	Contract
IP address	Security, audit logging	Legitimate interest

If you are a client (booking a session)

Data	Why	Basis
Name, email	Confirm your booking, send reminders	Contract
Session notes (optional)	Shared with your coach to prepare	Consent
Mood/pulse responses (optional)	Track your wellbeing between sessions	Consent
Payment data	Processed by Stripe. We never see your card number.	Contract

3. How we use your data

We use your data to operate the product. Specifically:

Provide and maintain your account and features
Send transactional emails (booking confirmations, reminders, session briefs)
Sync your data across devices
Process payments through Stripe
Detect and prevent abuse or security issues

We do not use your data for advertising, profiling, or sale to third parties. We do not display ads in our product.

4. Who we share data with

Service	Purpose	Location
Supabase (PostgreSQL)	Database hosting	EU
Stripe	Payment processing	EU/US (PCI compliant)
Email provider (SMTP)	Transactional emails	Varies
Hosting provider	Server infrastructure	EU/US

We do not sell, rent, or trade personal data. We share data with these providers only as necessary to operate the service.

5. Where we store data

Our primary database is hosted by Supabase in the European Union. Some sub-processors (Stripe, hosting) may process data in the United States under Standard Contractual Clauses (SCCs) or equivalent safeguards.

6. How long we keep data

Data	Retention
Coach accounts	Until you delete your account
Booking records	Until the coach deletes their account
Module sync data	Until you delete your account
Audit logs	90 days, then automatically purged
Payment records	7 years (Irish tax law requirement)

7. Your rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

Access - request a copy of all data we hold about you
Rectification - correct inaccurate data
Erasure - delete your account and all associated data
Portability - receive your data in a structured, machine-readable format
Restriction - limit how we process your data
Objection - object to processing based on legitimate interest
Withdraw consent - for any processing based on consent

How to exercise these rights

Self-service: You can view and delete all your data from your Client Portal dashboard at any time. Account deletion is immediate and permanent.

By email: Contact privacy@plannedgo.com. We will respond within 30 days.

Complaint: You have the right to lodge a complaint with the Irish Data Protection Commission at dataprotection.ie.

8. Security

We protect your data with:

Passwords hashed with bcrypt (never stored in plain text)
HTTPS encryption on all connections
Row Level Security on database tables
Signed authentication tokens (JWT)
Rate limiting on all API endpoints
Audit logging of all data access and modifications

No system is 100% secure. If we discover a data breach affecting your personal data, we will notify you and the Irish Data Protection Commission within 72 hours as required by GDPR Article 33.

9. Cookies

We use only essential cookies, specifically localStorage tokens for keeping you logged in. We do not use tracking cookies, analytics cookies, or advertising cookies. No cookie consent banner is required because we only use strictly necessary storage.

10. Age Restriction

Planned&Go is not intended for use by anyone under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Changes to this policy

We may update this policy from time to time. We will notify you of significant changes by email or through the product. The last updated date at the top always reflects the current version.

12. Contact

For any privacy-related questions or requests:

Dean Wall
Planned&Go
Ireland
privacy@plannedgo.com