🛡️ Security & Compliance

Compliance & Security

We take data protection and regulatory compliance seriously. Learn about our security measures, certifications, and commitment to keeping your data safe.

Back to Home

Security Overview

Your data security is our top priority. We implement industry-standard security measures to protect your information and ensure compliance with relevant regulations.

🔒

Data Encryption

All data is encrypted in transit and at rest using AES-256 encryption standards.

🛡️

Access Controls

Multi-factor authentication and role-based access controls protect your account.

Regulatory Compliance

We maintain compliance with key data protection and privacy regulations to ensure your rights are protected and your data is handled responsibly.

GDPR

General Data Protection Regulation

We comply with GDPR requirements for EU users, including data subject rights, lawful processing, and cross-border data transfers.

  • • Right to access, rectification, and erasure
  • • Data portability and processing restrictions
  • • Transparent data processing practices
  • • Appropriate technical and organizational measures
CCPA

California Consumer Privacy Act

California residents have specific rights regarding their personal information under the CCPA and CPRA.

  • • Right to know what personal information is collected
  • • Right to delete personal information
  • • Right to opt-out of data sales
  • • Right to non-discrimination for exercising rights
FERPA

Family Educational Rights and Privacy Act

We support educational institutions in maintaining FERPA compliance for student educational records.

  • • Educational record protection
  • • Parent and student rights
  • • Directory information controls
  • • Institutional compliance support

Data Processing & Storage

Data Processing

  • AI-powered schedule optimization and recommendations
  • Personalized productivity insights and analytics
  • Cross-platform synchronization and backup
  • Service improvement and feature development

Data Storage

  • Secure cloud infrastructure with AWS
  • Geographic data residency options
  • Regular automated backups and disaster recovery
  • Data retention policies and automated deletion

Third-Party Services

We use carefully selected third-party services to enhance our platform. All vendors are vetted for security and compliance standards.

AI & Machine Learning

  • • OpenAI (GPT models for recommendations)
  • • Anthropic (Claude for productivity insights)
  • • Custom AI models for scheduling optimization

Infrastructure & Security

  • • AWS (Cloud hosting and storage)
  • • Vercel (Frontend deployment)
  • • Auth0/Clerk (Authentication services)

Analytics & Monitoring

  • • Google Analytics (Usage analytics)
  • • Sentry (Error monitoring)
  • • LogRocket (User experience monitoring)

Communication

  • • SendGrid (Email notifications)
  • • Twilio (SMS alerts)
  • • Intercom (Customer support)

Data Processing Agreements: All third-party vendors have signed appropriate data processing agreements and maintain compliance with relevant regulations.

Security Measures

Technical Security

  • • End-to-end encryption (AES-256)
  • • TLS 1.3 for data in transit
  • • Regular security audits and penetration testing
  • • Automated vulnerability scanning
  • • Secure code review processes
  • • Container security and image scanning

Operational Security

  • • 24/7 security monitoring
  • • Incident response procedures
  • • Employee security training
  • • Access logging and monitoring
  • • Regular security assessments
  • • Business continuity planning

Your Rights

You have specific rights regarding your personal data. We make it easy to exercise these rights.

Access & Control

  • • View and download your data
  • • Update or correct information
  • • Delete your account and data
  • • Export data in machine-readable format

Processing Control

  • • Opt-out of marketing communications
  • • Control AI processing preferences
  • • Restrict data processing
  • • Object to certain processing activities

Exercise Your Rights: Contact us at contact@planit.sh or use the privacy controls in your account settings.

Incident Response

We have established procedures for responding to security incidents and data breaches.

Detection: Automated monitoring and alerting systems
Assessment: Rapid evaluation of incident scope and impact
Containment: Immediate steps to prevent further damage
Notification: Timely communication to affected users and authorities
Recovery: Restoration of services and prevention of future incidents

Report Security Issues: If you discover a security vulnerability, please report it through our Bug Bounty Program or contact us at contact@planit.sh

Contact Us

Have questions about our compliance practices or security measures? We're here to help.

contact@planit.sh