Welcome to Planifly!
Let us show you around our powerful planning tools. This quick tour will help you get the most out of our platform.
GDPR Compliance
We are committed to protecting your privacy and complying with the General Data Protection Regulation
Our Commitment to GDPR
Planning Permission AI is fully committed to complying with the General Data Protection Regulation (GDPR) and UK GDPR. We respect your privacy rights and have implemented comprehensive measures to ensure your personal data is processed lawfully, fairly, and transparently.
This page explains how we comply with GDPR principles and outlines your rights as a data subject under this regulation.
Data Controller Information
Company Name: Planning Permission AI Ltd
Registered Address: London, United Kingdom
Data Protection Officer: dpo@planifli.com
Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
Right to Access
You have the right to request a copy of all personal data we hold about you.
Right to Rectification
You can request that we correct any inaccurate or incomplete personal data.
Right to Erasure
You can request that we delete your personal data in certain circumstances.
Right to Restriction
You can request that we restrict the processing of your personal data.
Right to Data Portability
You can request a copy of your data in a structured, machine-readable format.
Right to Object
You can object to certain types of processing, including direct marketing.
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us using one of the following methods:
- •Email: privacy@planifli.com
- •Account Settings: Manage your preferences directly in your account settings
- •Support Portal: Submit a request through our contact form
Response Time: We will respond to your request within 30 days. If your request is complex or we receive multiple requests, we may extend this period by a further 60 days, and we will inform you if this is the case.
Data Protection Principles
We adhere to all GDPR data protection principles:
Lawful Basis for Processing
We only process your personal data when we have a lawful basis to do so, such as your consent, contractual necessity, legal obligation, or legitimate interests.
Data Minimization
We only collect personal data that is necessary for the purposes we have told you about and limit the amount of information we collect.
Purpose Limitation
We only use your personal data for the purposes we collected it for, unless we reasonably consider that we need it for another reason that is compatible.
Storage Limitation
We only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including legal or reporting requirements.
Accuracy
We take reasonable steps to ensure that your personal data is accurate, complete, and up-to-date.
Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and accidental loss.
Data Processing Activities
We process personal data for the following purposes:
Service Provision
Lawful Basis: Contractual necessity
Processing your planning permission queries, storing your projects, and providing analysis tools.
Account Management
Lawful Basis: Contractual necessity
Managing your user account, authentication, and preferences.
Communications
Lawful Basis: Consent and legitimate interests
Sending service updates, newsletters, and marketing communications (where you have consented).
Analytics and Improvements
Lawful Basis: Legitimate interests
Analyzing usage patterns to improve our service and develop new features.
International Data Transfers
Your personal data is primarily stored and processed within the UK and European Economic Area (EEA). If we transfer data outside these regions, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions by the European Commission
- Privacy Shield certification (where applicable)
Data Breach Notification
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours
- Inform affected individuals without undue delay
- Provide clear information about the breach and steps being taken
- Recommend measures to mitigate potential harm
Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the relevant supervisory authority:
UK Supervisory Authority: Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113
We're Here to Help
If you have any questions about how we process your personal data or want to exercise any of your GDPR rights, please don't hesitate to contact us:
privacy@planifli.com →Last updated: October 2025