Privacy Policy

Definitions

For purposes of this Privacy Policy, the following terms have the meanings below:

• PlanniX: a SaaS platform for professionals and businesses to manage social media accounts and related workflows (planning/scheduling, publishing, analytics, inbox management, reporting, SmartLinks), available via PlanniX’s website and any associated applications (if any).

• Company / Provider / “we”: the legal entity that owns and operates PlanniX.

• User / Administrator: a professional or company using PlanniX to manage their own social accounts and/or those of third parties (clients).

• Brand / Workspace: a logical container in PlanniX for connected accounts, content, assets, analytics data, settings, and team members.

• Third-Party Platforms: external services integrated with PlanniX via API (e.g., Meta/Facebook/Instagram/Threads, TikTok, YouTube, LinkedIn, X, Pinterest, Google, etc.).

• Personal Data: information that identifies or can reasonably identify an individual (depending on applicable law).

1. Data Controller

The data controller responsible for processing your Personal Data is:

Controller: PlanniX
Address: 151 Liberty st, Little Ferry, NJ
Support Email: SUPPORT@PLANNIX.ME
Privacy Contact: PRIVACY@PLANNIX.ME

If you are in a jurisdiction requiring a Data Protection Officer (DPO) or representative, include:
DPO/Representative: [NAME / EMAIL] (if applicable)

2. Personal Data We Collect

We collect Personal Data in the following contexts:

2.1 Account Registration & Login

• Name (optional or required depending on your signup flow)

• Email address

• Password (stored hashed/encrypted; we do not store plain passwords)

• Authentication logs (login timestamps, device/browser info, IP address)

If you use social login (optional feature), the social provider may share:

• Email address

• Name / profile image (if provided)

• Unique account identifier

2.2 Brand/Workspace & Team Management

• Brand/workspace name and configuration

• Team member emails, roles, permissions

• Invitations sent (invite email, date/time, status)

2.3 Connected Third-Party Social Accounts (OAuth)

When you connect a Third-Party Platform:

• Account identifiers (e.g., page ID, account ID)

• Display name/username

• Granted permissions/scopes

• Access tokens/refresh tokens (stored encrypted where applicable)

• Token expiry and connection status

2.4 Content, Scheduling, and Publishing

• Posts you create (text, media references, links, metadata)

• Scheduled times, target platforms, publishing results

• Publishing logs and error messages (e.g., API response codes)

2.5 Analytics & Insights

Depending on the platform and permissions granted, we may collect/store:

• Engagement metrics (views, likes, comments, shares, followers)

• Performance time series and aggregated analytics

• Post-level stats if supported by the Third-Party Platform

2.6 Inbox / Messages / Comments (If Enabled)

If your Plan and platform permissions allow inbox functionality:

• Message/comment content and metadata (sender name/username, timestamps)

• Thread states (read/unread/resolved)

• Moderation actions (hide/delete/reply), where supported

Note: availability depends on Third-Party API capabilities.

2.7 Billing & Payments (Stripe)

• Billing details (name/company, billing address, tax info if applicable)

• Subscription status, invoices/receipts

• Payment method tokens handled by Stripe (we do not store full card numbers)

2.8 Support & Contact Requests

• Name, email

• Message content and attachments (if any)

• Support interaction metadata

2.9 Marketing (Optional)

• Email engagement (opens/clicks) if you subscribe to updates

• Preference settings (opt-in/opt-out)

3. Purposes and Legal Bases (Where Required)

We process Personal Data for the following purposes:

3.1 Provide and Operate the Service

• Create and manage accounts

• Authenticate users and secure access

• Provide features per Plan (scheduler, analytics, inbox, reporting, SmartLinks)
  Legal basis: performance of a contract (or legitimate interests where applicable)

3.2 Connect and Maintain Third-Party Integrations

• Enable OAuth connection

• Refresh tokens, maintain connection status

• Execute publishing, analytics retrieval, inbox management through APIs
  Legal basis: performance of a contract; your instructions/consent via connection flow

3.3 Billing, Payments, and Account Administration

• Process subscriptions via Stripe

• Send invoices/receipts and payment-related notifications
  Legal basis: contract; legal obligation (accounting/tax)

3.4 Customer Support and Communications

• Respond to requests and troubleshoot issues
  Legal basis: legitimate interests; contract

3.5 Security, Fraud Prevention, and Abuse Monitoring

• Prevent unauthorized access

• Detect suspicious behavior, spam, API abuse

• Maintain audit logs
  Legal basis: legitimate interests; legal obligation (where applicable)

3.6 Product Improvement and Analytics

• Understand feature usage to improve PlanniX (aggregate/anonymous where possible)
  Legal basis: legitimate interests

3.7 Marketing Communications (Optional)

• Send product updates, tips, offers
  Legal basis: consent where required; legitimate interest for existing customers where allowed
  You can opt out at any time via unsubscribe link or account settings.

4. Data Retention

We keep Personal Data only as long as needed for the purposes described above, including:

• Account data: for as long as your account is active; after deletion we delete/anonymize unless retention is required.

• Billing records: retained as required by accounting/tax laws.

• Security logs: retained for a limited period to protect the service.

• Social analytics: retained according to your Plan limits and retention settings.

• Connected tokens: retained only while integration is active; removed upon disconnection where possible.

When data is no longer needed, we delete, anonymize, or securely destroy it.

5. Sharing and Disclosure of Personal Data

We do not sell your Personal Data.

We may share data with:

5.1 Service Providers (Processors)

We use third-party vendors to operate PlanniX, such as:

• Stripe (payments and subscriptions)

• Brevo (transactional emails, notifications)

• Hosting/infrastructure providers (e.g., cloud hosting, storage)

• Monitoring/logging tools (for reliability and security)

These providers process data under contractual obligations and only as needed to provide their services.

5.2 Third-Party Platforms You Connect

When you connect a social platform, PlanniX exchanges data with that platform to perform requested actions (publishing, retrieving insights, inbox management) as permitted by your granted permissions.

5.3 Legal and Safety

We may disclose information if required by law, court order, or to protect rights, safety, and security (fraud prevention, abuse, enforcement of Terms).

6. International Data Transfers

PlanniX may process and store data in countries other than where you live, depending on our providers and hosting.

Where required by law (e.g., GDPR), we use appropriate safeguards for international transfers (such as Standard Contractual Clauses) and take steps to ensure an adequate level of protection.

7. Your Rights

Depending on your location, you may have rights such as:

• Access your Personal Data

• Correct inaccurate data

• Delete your data

• Restrict or object to processing

• Data portability

• Withdraw consent (where processing is based on consent)

You can exercise your rights by contacting: PRIVACY@PLANNIX.ME
We may request verification before responding.

If you are in the EEA/UK, you may have the right to lodge a complaint with your supervisory authority.

8. Security

We implement reasonable technical and organizational measures to protect Personal Data, which may include:

• Encryption of sensitive credentials/tokens

• Access controls and role-based permissions

• Audit logs

• Secure password hashing

• Rate-limiting and abuse controls

No method of transmission or storage is 100% secure, but we work to protect your information.

9. Accuracy and Updates

You can update certain account details in your profile settings. If you need help, contact support.

10. Confidentiality

PlanniX personnel and contractors with access to Personal Data are bound by confidentiality obligations and access is limited to what is necessary.

11. Cookies and Tracking Technologies

PlanniX may use cookies and similar technologies to:

• Keep you signed in

• Remember preferences

• Analyze usage and improve performance

• Prevent fraud

For details, see our Cookie Policy:
Where required, we obtain consent before using non-essential cookies.

12. Data Processing Roles (Controller vs. Processor)

This section matters a lot for a platform like PlanniX:

12.1 When We Act as a Controller

For your Administrator account data (your email, login, billing, and platform usage), PlanniX acts as a Data Controller (we decide purposes and means).

12.2 When We Act as a Processor

When you use PlanniX to manage a client’s social presence, you may access and process third-party data (e.g., messages/comments, usernames, analytics). In those cases:

• You (Administrator) may be the Controller of that client/audience data, because you decide why/how it is processed.

• PlanniX acts as a Processor, processing that data on your behalf to provide the service.

If needed, PlanniX can provide a Data Processing Addendum (DPA) upon request: LEGAL@PLANNIX.ME.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify you via the platform or email. Continued use after the effective date means you accept the updated policy.

14. Contact

Privacy inquiries: PRIVACY@PLANNIX.ME
Support: SUPPORT@PLANNIX.ME
Legal: LEGAL@PLANNIX.ME

15. Effective Date

Last Updated: [DATE]