Privacy Policy

Last updated: April 2026

At PlanovAI, we take privacy seriously and aim to process only the data necessary to operate the service. This policy explains how we collect, use, store, share, and delete data, including how we handle authorization data when you connect external sources such as Google Search Console and GitHub.

1. Data We Collect

We may collect the following categories of data:

  • account information you provide, such as email address, name, or profile image;
  • project materials, chats, tasks, outputs, deliverables, and project memories you create inside the product;
  • external source metadata that you choose to connect, such as GitHub repository identifiers, Google Search Console property identifiers, sync timestamps, summaries, and signal events;
  • authorization data required to maintain external connections, such as access tokens, refresh tokens, granted scopes, and expiration timestamps;
  • basic operational and security logs, such as error logs, access times, and browser or device metadata, for troubleshooting, auditing, and abuse prevention.

2. How We Use Data

We use this data only to:

  • provide PlanovAI's project management, collaboration, memory, judgment, and notification features;
  • access authorized external source data after you explicitly initiate a connection, and use that data as part of project context for summaries, risk signals, stage judgments, and management conclusions;
  • maintain sessions, protect account security, investigate failures, prevent abuse, and improve service reliability.

3. Google User Data and External Source Data

When you connect Google Search Console, we may access Google user data within the scope you authorize, including:

  • your Google account basic identity information, such as email address and public profile data;
  • the list of Search Console properties you can access and their permission level;
  • search performance data for the property you choose to bind to a project, including queries, pages, clicks, impressions, CTR, average position, and related trends.

When you connect GitHub, we may access account and repository data within the scope you authorize, such as account identifiers, accessible repositories, commits, pull requests, workflow status, and synchronization events.

We use this external data only for the user-facing functionality you explicitly trigger, including project input ingestion, ongoing sync, notifications, short-term summaries, long-term memory consolidation, and project judgments. We do not sell Google user data or other external-source data to third parties, and we do not use your private data to train generalized AI models without your explicit consent.

4. Storage and Security

We use reasonable technical and organizational measures to protect data, including:

  • encryption in transit;
  • encrypted storage for project-level external source credentials;
  • minimal retention of sync results, summaries, and status metadata necessary to operate the service;
  • access controls over logs and operational data used for security and troubleshooting.

No method of internet transmission or electronic storage is completely secure, but we work to reduce risk and limit access.

5. Third Parties and Data Sharing

We do not sell your personal data. We share only the minimum necessary data with service providers when needed to operate the service, including:

  • Google, to perform OAuth authorization and access Search Console data after you grant consent;
  • GitHub, to perform OAuth authorization and access repository-related data after you grant consent;
  • model, storage, logging, monitoring, and infrastructure providers to the extent necessary to deliver PlanovAI's functionality.

These providers may process data only to the extent needed to provide their services.

6. Retention, Disconnection, and Deletion

We retain data only as long as reasonably necessary for the purposes described in this policy, including:

  • account and project data while your account remains active;
  • external connection data while a connection remains active and is needed for future synchronization or state recovery;
  • historical summaries, notifications, and memory records for a reasonable period after disconnection if needed to preserve project continuity.

If you delete a project, remove inputs, disconnect an external source, or request deletion, we will delete or anonymize applicable data within a reasonable period unless retention is required for legal obligations, security review, or dispute handling.

7. Your Controls

You may manage the following through the product or by contacting us:

  • connect or disconnect external sources;
  • delete projects, inputs, outputs, and some historical records;
  • request deletion of account-related data or external connection information.

If you want to revoke Google or GitHub access, you can also do so directly from the relevant platform's account security settings.

8. Contact

If you have questions about this Privacy Policy, our data handling practices, or a deletion request, please contact [email protected].

PlanovAI Privacy Policy