My Planium

Privacy Policy

×

A plain-language record of what Planium collects, why it is used, where it goes, and how it is deleted.

Updated July 15, 2026

1. Scope and operator

This Privacy Policy describes how My Planium handles information in the Planium website, web application, and iOS application, including the service available at myplanium.com.

Questions and privacy requests can be sent to privacy@myplanium.com.

2. Information Planium collects

  • Account and authentication data: display name, user name, email address, password hash, account dates, and, if you use Sign in with Apple, the Apple account identifier, Apple-provided name or email, and whether Apple reports a private relay address.
  • Workspace data: vision boards, cards, goals, projects, roadmaps, checklists, checklist items, notes, descriptions, quotes, progress, activity, app settings, and AI-generated results you keep in the workspace.
  • Files and images: images you upload or generate, together with file type, size, ownership, integrity hash, and creation or update dates.
  • Collaboration and safety data: friends, requests, invitations, people with whom an item is shared, collaborator roles, shared cards and projects, direct messages, blocked-account relationships, message moderation results, and reports you submit about accounts or messages.
  • Device and notification data: push token, notification permission, locale, app version and build, runtime, device registration state, and recent activity or delivery timestamps.
  • AI request data: the prompt or voice transcript you submit, the card, project, checklist, roadmap, or workspace context needed to answer it, the generated response, and limited usage records such as feature, model, month, and card identifier.
  • Security data: short-lived verification and password reset records, request time and route, and hashed IP or account identifiers used for rate limiting and abuse prevention.
  • Operational data: account and subscription state, feature names, paywall and notification interactions, app version, request identifiers, response status, latency, token totals, estimated AI cost, storage totals, and administrative support actions. Operational events do not include the text of your private projects, cards, checklists, or messages.
  • On-device data: the web app and iOS app keep a local workspace cache, theme and sync preferences, limited signed-in user details, and, on iPhone, voice-command transcripts waiting to sync while offline.

3. Microphone and speech recognition

Planium asks for microphone and speech-recognition permission only when you use voice commands. The device or browser converts speech to text. Planium sends the resulting transcript, not a stored audio recording, to its server so Zenith can propose project and checklist changes.

On Apple devices, speech recognition may be processed by Apple under Apple’s terms and device settings. An offline transcript remains on that iPhone until it is processed or discarded.

4. How Planium uses information

  • Create and secure accounts, maintain sessions, verify email addresses, and recover account access.
  • Store, sync, display, search, and back up the workspace and files you choose to keep.
  • Operate friends, sharing, collaboration, messages, and notifications.
  • Generate the AI result you request, enforce feature limits, and prevent repeated or abusive use.
  • Filter clearly prohibited message content, enforce blocks, investigate reports, protect users, and respond to safety concerns.
  • Diagnose failures, measure app performance, protect Planium and its users, and comply with legal obligations.
  • Respond to support, privacy, security, and legal requests.
  • Operate Murmillo, Planium’s restricted internal control console, to diagnose account problems, reconcile access, monitor service health and costs, send notifications, and keep an audit history of support actions.

5. Who receives information

Planium does not sell personal information, serve behaviorally targeted ads, or use your workspace for cross-app tracking. Information is disclosed only as described below.

  • MongoDB stores account records, workspace content, image ownership and integrity metadata, collaboration records, messages, notification registrations, and usage records for Planium.
  • Cloudflare R2 stores the binary files for images you upload or generate. The bucket is private. Planium does not expose R2 credentials or public object URLs; a signed-in request must pass Planium’s ownership or collaboration authorization before the server reads and returns an image.
  • Vercel hosts the website and server functions. Its infrastructure may process network and request data. Vercel Speed Insights receives page route, browser, device type, operating system, country, network speed, Web Vitals, SDK version, event time, and performance attribution. Planium does not configure Speed Insights to associate this data with a named user or IP address.
  • Murmillo is Planium’s restricted internal operations service. It receives a stable Planium account identifier, subscription state, feature and paywall events, notification interactions, request status, latency, model and token totals, estimated AI cost, and support audit information. Murmillo uses scoped access to Planium’s MongoDB records for support and operational reporting. Private workspace or message text is not copied into product analytics events.
  • OpenAI receives a prompt and the relevant Planium context only after you give explicit permission and invoke an AI feature such as Zenith analysis, project or roadmap generation, voice-command interpretation, motivation, or image generation. You can withdraw this permission in Settings. OpenAI states that API data is not used to train its models by default; its standard abuse-monitoring logs may be retained for up to 30 days unless different controls apply.
  • Resend receives the destination email address and the verification, password-reset, or other transactional email content required to deliver that message.
  • Apple receives Sign in with Apple requests, push tokens and notification payloads sent through Apple Push Notification service, device speech-recognition requests, and information your Apple device supplies to those services.
  • Other Planium users receive the profile details, shared content, collaborator information, invitations, and messages you intentionally make available to them.
  • Authorities, advisers, or transaction parties may receive limited information when required by law, needed to protect rights and safety, or necessary for a legitimate business transfer subject to appropriate safeguards.

6. Trials and payments

A new Planium account receives 14 days of full AI access. After that account-level trial ends, paid access is required for AI features; the non-AI workspace remains available as described in the app.

Apple processes subscription purchases made in the iOS app through in-app purchase. Stripe processes subscription checkout on the web. These providers receive the purchase, payment method, billing, tax, storefront, transaction, and subscription information required to process and manage the payment under their own privacy terms. Planium receives identifiers and status information such as customer, product, transaction, subscription, renewal, cancellation, currency, price, and period dates. Planium does not receive or store a complete payment-card number.

7. Retention

  • Account, workspace, file metadata, privately stored Cloudflare R2 image objects, sharing, friendship, message, device, and AI-usage records are kept while the account exists or as needed to provide the feature.
  • Email verification, password-reset, profile-verification, and rate-limit records are short-lived and are designed to expire or become unusable automatically.
  • An offline voice transcript stays on that iPhone until it is processed, discarded, or the local app data is cleared.
  • When Planium sends data to a provider, that provider applies its own service settings and retention rules. For example, OpenAI states that standard API abuse-monitoring logs may be kept for up to 30 days.
  • Open safety reports and a limited snapshot of a reported message may be retained while Planium investigates abuse and for a reasonable period needed to prevent repeat abuse, resolve disputes, or meet legal obligations. Access is restricted to safety and enforcement purposes.
  • Planium may retain a narrowly limited record when law, security, fraud prevention, dispute resolution, or enforcement requires it. Any retained record is restricted to that purpose and kept only as long as necessary.
  • Operational product events are normally retained for up to 180 days, API request logs for up to 30 days, service alerts for up to 90 days, notification delivery records for up to 180 days, and administrative support audit records for up to one year unless a longer period is needed for security, billing, dispute, or legal obligations.

8. Account deletion and privacy choices

A signed-in user can open Settings, choose Delete Account, review the deletion summary, and confirm permanent deletion inside Planium. The deletion removes the user record, workspace state, owned files, owned shared content, invitations, friend requests and links, messages, blocks created by that user, push registrations, AI image usage, motivation-claim history, and active verification or reset records. It also removes that user from content owned by collaborators and clears the local Planium cache on the device used for deletion.

A user can withdraw OpenAI processing permission in Settings without deleting the Planium account. New prompts and project context will not be sent to OpenAI after withdrawal unless permission is granted again.

When an Apple-linked user deletes from the iPhone app, Planium asks for Apple confirmation and requests revocation of the Sign in with Apple authorization before removing the Planium account.

Deleting a Planium account does not automatically erase content that another user independently copied outside Planium, records a processor must retain under its own legal obligations, or information already disclosed under a valid legal requirement.

The public Privacy Choices page explains access, correction, and deletion options without requiring a login.

9. International processing

The providers listed above may process data in countries other than the one where you live. Planium relies on the provider’s applicable contractual and legal transfer safeguards where required.

10. Security

Planium uses access controls, authenticated routes, password hashing, rate limits, a private Cloudflare R2 bucket, per-image ownership and collaboration checks, provider security controls, and transport encryption designed to protect information. No internet service can guarantee absolute security.

Murmillo support changes use a signed server-to-server connection rather than exposing database credentials to an administrator’s browser. Administrative changes require a reason and are recorded in an audit history.

11. Children

Planium is not directed to children under 13 and does not knowingly collect personal information from children under 13. Contact privacy@myplanium.com if you believe a child has submitted information improperly.

12. Changes and contact

Planium may update this policy as the service changes. Material updates will be posted at this URL with a revised date.

For access, correction, deletion, export, objection, restriction, or other privacy requests, contact privacy@myplanium.com. Legal questions may be sent to legal@myplanium.com. Safety reports and urgent abuse concerns may be sent to safety@myplanium.com.

© 2026 My Planium
Terms of UsePrivacy Choices