Privacy Policy

Last updated: April 2026

ContentPlan ("we," "us," or "our") operates the ContentPlan platform, a web-based content management and collection tool designed for digital agencies and their clients. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website and services.

By accessing or using ContentPlan, you agree to the practices described in this policy. If you do not agree with this policy, please do not use our services.

Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third-party sources.

Information you provide:

  • Account information — your name, email address, and password when you create an account or are invited to join an organization.
  • Organization data — organization name, team member details, and role assignments configured by agency administrators.
  • Project content — page content, files, images, comments, and any other materials you or your clients upload or create within the platform.
  • Communications — messages you send to us via email or through our support channels.
  • Billing information — payment details processed through our third-party payment provider (we do not store full credit card numbers).

Information collected automatically:

  • Usage data — pages visited, features used, timestamps, and interaction patterns within the application.
  • Device information — browser type, operating system, screen resolution, and device identifiers.
  • Log data — IP addresses, access times, referring URLs, and server logs generated during your use of the platform.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the ContentPlan platform and its features.
  • Process account registration, authentication, and authorization across organizations and projects.
  • Send transactional emails including invitations, due date reminders, content notifications, and status updates.
  • Process payments and manage subscriptions through our billing infrastructure.
  • Respond to your support requests, questions, and feedback.
  • Monitor and analyze usage trends to improve user experience and platform reliability.
  • Detect, prevent, and address security incidents, fraud, or technical issues.
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information to third parties. We do not use your project content to train machine learning models or for purposes unrelated to providing our services to you.

Data Storage & Security

Your data is stored on infrastructure provided by Supabase, which hosts our PostgreSQL database and file storage. Supabase infrastructure is hosted on Amazon Web Services (AWS) in the US-East-1 region. All data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256 encryption.

We implement row-level security (RLS) policies at the database level to ensure that users can only access data belonging to their organizations and projects. Authentication tokens are validated on every API request, and all file storage uses scoped access controls.

While we take reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly notifying affected users in the event of a data breach in accordance with applicable laws.

Third-Party Services

We rely on trusted third-party services to operate the ContentPlan platform. These providers have access to your information only to perform services on our behalf and are obligated not to disclose or use it for other purposes.

  • Supabase — database hosting, user authentication, and file storage. Supabase processes and stores your account data, project content, and uploaded files.
  • Stripe— payment processing. Stripe handles all payment card data and billing transactions. We do not store your full payment card information on our servers. Stripe's privacy policy governs how they handle your payment data.
  • Resend — transactional email delivery. Resend processes recipient email addresses and email content for sending invitations, due date reminders, and notification emails on our behalf.
  • Vercel — application hosting and content delivery for our web frontend.

We may also use analytics services to help us understand platform usage. Any such services process data in accordance with their own privacy policies.

Cookies

ContentPlan uses cookies and similar technologies for the following purposes:

  • Authentication cookies — to keep you signed in and maintain your session across page loads. These are essential for the platform to function.
  • Preference cookies — to remember your settings, such as sidebar state or view preferences.
  • Analytics cookies — to understand how visitors interact with our marketing site and platform. These help us improve our services.

You can control cookie preferences through your browser settings. Disabling essential cookies may prevent you from using certain features of the platform, including authentication.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that we correct inaccurate or incomplete personal data.
  • Deletion — request that we delete your personal data, subject to certain legal exceptions.
  • Portability — request a machine-readable copy of your data for transfer to another service.
  • Objection — object to our processing of your personal data in certain circumstances.
  • Restriction — request that we restrict the processing of your personal data while we address your concerns.

To exercise any of these rights, please contact us at privacy@contentplan.io. We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

If you are a client who was invited to ContentPlan by an agency, some of your data is managed by that agency's organization. You may need to contact the agency directly for certain data requests related to project content they administer.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specifically:

  • Account data — retained until you or your organization administrator deletes the account.
  • Project content and files— retained for the duration of the organization's subscription. When an organization is deleted, all associated projects, pages, files, and comments are permanently removed within 30 days.
  • Log and usage data — retained for up to 12 months for security and analytics purposes, then automatically purged.
  • Billing records — retained as required by applicable tax and accounting regulations, typically for 7 years.

After account deletion, we may retain certain information in anonymized or aggregated form for analytical purposes, where such data cannot be used to identify you.

Children's Privacy

ContentPlan is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe that a child under 16 has provided us with personal information, please contact us at privacy@contentplan.io.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on this page and updating the "Last updated" date at the top.

For significant changes that affect how we process your personal data, we will also provide notice through the platform (such as an in-app notification) or via email. We encourage you to review this policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@contentplan.io

We will make every effort to resolve your inquiry promptly and transparently.