Privacy Policy
Last updated: 18 March 2026
Data Controller
PlanPacer is the data controller for the personal data described in this policy. For any privacy-related queries, contact us at security@planpacer.com.
What data we collect
Merchant data
- Email address, name, and business name
- Billing address and VAT number
- Authentication data (session tokens, 2FA secrets)
Customer data
- Email address and name (provided by the merchant when creating a plan)
- Payment method details (handled entirely by Stripe and never stored by PlanPacer)
Automatically collected data
- IP addresses (for security and audit logging)
- Usage analytics via Google Analytics
Why we collect it (legal basis)
- Contract performance — processing payments, managing instalment plans, and delivering the service you signed up for.
- Legitimate interest — security monitoring, fraud prevention, and service improvement.
- Consent — analytics cookies, which you can accept or decline.
Third parties and sub-processors
| Provider | Purpose |
|---|---|
| Stripe | Payment processing |
| Resend | Transactional email delivery |
| Cloudflare | Hosting and infrastructure |
| Google Analytics | Usage analytics |
Data retention
- Active account data — retained while your account is active.
- Session tokens — 7 days. Magic links expire after 10 minutes.
- Audit logs — retained for 12 months.
- Payment records — retained for 7 years to meet legal and tax obligations.
Your rights (UK GDPR / EU GDPR)
You have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Request erasure of your data
- Data portability (receive your data in a structured format)
- Object to processing based on legitimate interest
- Withdraw consent at any time
To exercise any of these rights, email security@planpacer.com. We will respond within 30 days.
Cookies
| Cookie | Purpose | Duration |
|---|---|---|
| pp_session | Authentication (httpOnly, Secure) | 7 days |
| _ga / _ga_* | Google Analytics | Up to 2 years |
Google Analytics cookies can be declined via the cookie banner. The pp_session cookie is essential for authentication and cannot be disabled while logged in.
International transfers
Your data is processed on Cloudflare's global infrastructure. Stripe and Resend may process data in the United States under Standard Contractual Clauses (SCCs) to ensure adequate protection.
Security
- All data encrypted in transit via TLS
- Cloudflare D1 database encrypted at rest
- Session cookies marked httpOnly and Secure
- Two-factor authentication available for merchant accounts
- Rate limiting on authentication endpoints
- Audit logging for security-sensitive actions
Changes to this policy
We may update this privacy policy from time to time. When we make changes, we will notify merchants via email and update the "last updated" date at the top of this page.
Contact
If you have any questions about this privacy policy or how we handle your data, please contact us at security@planpacer.com.