Founder pricing ends July 1 — lock in $49/mo forever →
Legal

Privacy Policy

Effective Date: April 22, 2026  ·  Operated by Mood Photo & Video

On this page
  1. Overview
  2. Information we collect
  3. Google API data & Limited Use
  4. How we use your information
  5. Third-party services
  6. Data sharing
  7. Retention & deletion
  8. Security
  9. Your rights
  10. Children's privacy
  11. Changes to this policy
  12. Contact us

1. Overview

PlanOS ("we," "our," or "us") is operated by Mood Photo & Video. This Privacy Policy describes how we collect, use, store, and protect information when you use the PlanOS platform at getplanos.com and app.getplanos.com (collectively, the "Service").

By creating an account or using the Service, you agree to the practices described here. If you do not agree, please do not use PlanOS.

We are committed to protecting your privacy and to complying with applicable data protection laws, including the California Consumer Privacy Act (CCPA) and, where applicable, the General Data Protection Regulation (GDPR).

2. Information we collect

Account information

When you register for PlanOS, we collect:

  • Full name and email address
  • Business name and contact information
  • Password (stored as a hashed, salted value — never in plain text)
  • Profile and billing information

Client & event data

As part of using PlanOS to manage your business, you may upload or create:

  • Client names, contact details, and personal information (e.g., event date, venue, guest count)
  • Event timelines, vendor contacts, and coordination notes
  • Documents, templates, and exported files you generate within the platform

This data belongs to you. We act as a data processor on your behalf and process it only to provide the Service.

Google OAuth tokens

If you choose to connect your Google account to PlanOS, we collect and securely store OAuth access and refresh tokens for the following Google API scopes:

  • Google Calendar (calendar.events) — to create Google Meet links on your primary calendar when you click "Add Google Meet" on a PlanOS event, and to display your Google Calendar events in a month-view widget on your PlanOS dashboard so you can see your personal events alongside your scheduled PlanOS events.
  • Google Account email (userinfo.email) — to display which Google account is linked on your PlanOS Settings page.

Connecting your Google account is optional. You may revoke access at any time from your Google Account security settings at myaccount.google.com/permissions.

Usage data

We automatically collect certain technical information when you use the Service, including:

  • IP address, browser type, and operating system
  • Pages visited, features used, and time spent in the app
  • Device type and referring URLs
  • Error logs and performance data

This data is used to improve the Service and diagnose technical issues.

Payment information

PlanOS uses Stripe to process payments. We do not store your full credit card number on our servers. Stripe collects and processes all payment information in accordance with PCI-DSS standards. We receive only a payment token and basic billing details (e.g., last four digits, expiration date) for record-keeping.

3. Google API data & User Data Policy

PlanOS's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We access Google user data only when you explicitly authorize us to do so through Google's OAuth consent flow. Our use of Google user data is governed by the following commitments:

Google Calendar

  • We use the calendar.events scope to create events with attached Google Meet conference links when you explicitly trigger the action within PlanOS (e.g., clicking "Add Google Meet" on a consultation or event).
  • We display your Google Calendar events in a month-view widget on your PlanOS dashboard so you can see your personal events alongside your scheduled PlanOS events. Calendar event data is rendered in your browser and is not persisted in our database — it is discarded when you navigate away.
  • We do not modify or delete calendar events that PlanOS did not create.
  • We do not access Gmail, Drive, Contacts, or any other Google service.
  • Calendar data is not shared with any third party, used for advertising, or combined with data from other services for profiling purposes.

Limited Use disclosure

PlanOS's use of data obtained through Google APIs is limited as follows:

  • We use Google user data only to provide the Calendar and Meet features described above.
  • We do not transfer Google user data to third parties except as needed to provide or improve those features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to you.
  • We do not use Google user data to serve advertisements.
  • We do not use Google user data to develop, improve, or train generalized AI or machine learning models.
  • We do not allow humans to read Google user data except with your explicit consent, for security purposes, to comply with applicable law, or when the data has been aggregated and anonymized.
  • We do not sell or rent Google user data to any party.

Token storage & security

Google OAuth tokens are encrypted at rest using AES-256 encryption and stored securely in our database (hosted on Supabase). Tokens are transmitted over HTTPS only and are never logged or exposed in application logs. Tokens are immediately deleted when you disconnect your Google account or delete your PlanOS account.

4. How we use your information

We use the information we collect to:

  • Provide the Service — create and manage your account, process your events and timelines, and deliver core features.
  • Display calendar events — show Google Calendar events in the month-view widget on your PlanOS dashboard when you authorize this integration.
  • Send emails on your behalf — transmit vendor coordination emails, timeline exports, and client communications that you initiate within PlanOS.
  • Process payments — manage subscriptions and billing via Stripe.
  • Improve the Service — analyze usage patterns to fix bugs, improve performance, and develop new features.
  • Communicate with you — send account notifications, product updates, and support responses. You may opt out of marketing emails at any time.
  • Comply with legal obligations — respond to lawful requests from government authorities where required.

We do not sell your personal data to third parties.

5. Third-party services

We work with trusted third-party service providers to operate PlanOS. These providers have access to your data only to the extent necessary to perform their services and are contractually obligated to protect it.

Supabase

We use Supabase for database hosting and storage. Your account data, event data, and encrypted Google OAuth tokens are stored on Supabase infrastructure. Supabase operates on AWS and complies with SOC 2 Type II and ISO 27001 standards.

Netlify

Our marketing website is hosted on Netlify. Netlify may log visitor IP addresses and browser information as part of its standard web hosting operations.

Stripe

Payment processing is handled by Stripe, Inc. Stripe collects and processes payment card data under PCI-DSS compliance. You can review Stripe's privacy practices at stripe.com/privacy.

Google LLC

When you connect your Google account, you are subject to Google's Privacy Policy in addition to ours. PlanOS's use of Google API data is subject to the Google API Services User Data Policy as stated in Section 3 above.

6. Data sharing

We do not sell your personal information. We do not share your data with third parties for advertising purposes.

We may share your information in the following limited circumstances:

  • Service providers — as described in Section 5, to the extent necessary to operate the Service.
  • Legal compliance — if required by law, court order, or a valid governmental request.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, where user data may be transferred as part of the transaction. We will notify you before your data is subject to a materially different privacy policy.
  • With your consent — in any other circumstances, only with your explicit consent.

We do not share Google user data with third parties except as required to provide the PlanOS Service (i.e., to Supabase for encrypted-token storage). We never share Google user data for advertising or marketing purposes.

7. Data retention & deletion

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data — retained for the lifetime of your account plus 90 days after cancellation to allow for recovery.
  • Event and client data — retained while your account is active; deleted upon account deletion.
  • Google OAuth tokens — deleted from our systems immediately upon disconnecting your Google account or deleting your PlanOS account.
  • Payment records — retained for 7 years to comply with tax and accounting regulations.
  • Usage logs — retained for up to 12 months for security and performance analysis.

Account deletion

You may delete your account at any time by emailing support@getplanos.com or through the account settings in the app. Upon deletion, all your personal data, event data, client data, and Google tokens will be permanently removed from our active systems within 30 days. Anonymized or aggregated data that does not identify you may be retained for analytics purposes.

8. Security

We implement industry-standard security measures to protect your data, including:

  • HTTPS encryption for all data in transit (TLS 1.2+)
  • AES-256 encryption at rest for sensitive data, including OAuth tokens
  • Role-based access controls limiting which team members can access user data
  • Regular security reviews and vulnerability assessments
  • Secure password hashing using bcrypt

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at support@getplanos.com.

9. Your rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your personal data (subject to legal retention requirements).
  • Portability — request a machine-readable export of your data.
  • Restriction — request that we limit how we use your data.
  • Objection — object to certain processing of your data, including direct marketing.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time (including revoking Google OAuth access).

California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising these rights.

To exercise any of these rights, contact us at support@getplanos.com. We will respond within 30 days.

10. Children's privacy

PlanOS is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information immediately. If you believe we have collected information from a child under 13, please contact us at support@getplanos.com.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:

  • Update the "Effective Date" at the top of this page.
  • Send an email notification to registered users.
  • Display a prominent notice within the PlanOS app.

Your continued use of PlanOS after changes become effective constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically.

12. Contact us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have a concern about how we handle your data, please contact us:

PlanOS (operated by Mood Photo & Video)
Email: support@getplanos.com
Website: getplanos.com

We take privacy concerns seriously and will respond to all inquiries within 30 days.