Privacy Policy

1. Introduction & who we are

PepperPlanner is a staffing-availability planning tool for agencies, consultancies, and delivery teams. It is operated by Peppernode OÜ, a private limited company registered in Estonia (the "company", "we", "us").

We are the data controller for the personal data described in this policy. If you have any questions about how we handle your data, you can reach us at support@pepperplanner.com.

This policy covers data we collect through both the marketing site at pepperplanner.com and the PepperPlanner application at app.pepperplanner.com.

2. What data we collect

We collect personal data in the following categories:

• Account information. When you sign up for PepperPlanner, we collect your name, email address, password (stored hashed, never in plain text), the name of your organisation, and your role within that organisation.
• Team roster and project data. Once you create an account, you and your colleagues can add team members (their names, roles, working hours, time-off, and cost / billable rates if you choose to record them), projects, clients, and the allocations that connect people to projects. This is the operational data the product exists to manage.
• Email correspondence. When you email us at support@pepperplanner.com (the address listed at /contact/), we receive your email address, any name attached to it, and the contents of your message. Emails are delivered to a team inbox and retained for as long as needed to resolve your request.
• Analytics. We use Google Analytics 4 on both the marketing site and the application. This records standard web-analytics events: page views, approximate location (country / city), device type, referrer, and aggregated session data. We do not link analytics data to individual account identifiers.
• Server logs. Our hosting and CDN provider records standard server logs (IP address, timestamp, request URL, user agent) for security, abuse-prevention, and reliability purposes. We do not actively use these logs for marketing.

We do not collect special-category data (race, religion, health, sexual orientation, political opinion), and PepperPlanner is not intended to be used to store such data about the people you manage. Do not enter that kind of information into the product.

3. Cookies and similar technologies

A cookie is a small text file stored on your device when you visit a website. We use cookies for two purposes: to make the site work, and — only with your consent — to measure how it is used. We do not use cookies for advertising, and we do not sell data collected through cookies.

The cookies we may set are:

• Consent cookie (strictly necessary). pp_cookie_consent stores your cookie choice (the value granted or denied) so we don't ask again on every page. It is set on the .pepperplanner.com domain so your choice is shared between this marketing site and the application at app.pepperplanner.com. It lasts up to 180 days. It does not require consent, because the site cannot remember your preference without it.
• Analytics cookies (optional, consent-based). If you accept, Google Analytics 4 sets cookies such as _ga and _ga_<id> to distinguish visitors and sessions and produce aggregated usage statistics. These last up to two years. They are only set after you click "Accept"; the analytics data itself is retained as described in how long we keep data.

We do not load any analytics cookies until you have given consent. If you decline, no analytics cookies are set. If you previously accepted and then change your mind, we disable analytics and remove the _ga* cookies.

Changing your choice. You can change or withdraw your consent at any time by selecting "Cookie preferences" in the footer of any page, which reopens the cookie banner. You can also block or delete cookies through your browser settings, or opt out of Google Analytics specifically using the Google Analytics opt-out add-on.

4. How we use your data

We use the data above for the following purposes:

• To provide the service. Account information, team roster, and project data are necessary to operate the planning, scheduling, and reporting features you sign up for.
• To respond to you. Contact-form submissions are used to reply to your question, bug report, or feedback. We may keep a record of the conversation in our team inbox for context on future questions.
• To keep the service safe and reliable. Server logs and account-activity data are used to detect abuse, prevent fraud, debug problems, and meet our security and operational obligations.
• To improve the product. Aggregated analytics help us understand which features are used, where users get stuck, and where to invest. We do not look at individual users' analytics to make product decisions; we look at trends.
• To send service communications. We may email you about important changes to the service (security incidents, material changes to this policy or our terms, breaking changes to the API). These are not marketing.
• To comply with the law. Where we have a legal obligation to retain or disclose data (tax, anti-fraud, lawful requests from authorities in our jurisdiction), we comply.

We do not sell your personal data, your team roster, or your project data to anyone. We do not use your data to train AI models.

5. Legal basis for processing (GDPR)

If you are in the European Economic Area, the UK, or Switzerland, our legal basis for processing your personal data under the GDPR is one of the following, depending on the purpose:

• Performance of a contract — to deliver the PepperPlanner service you signed up for (account information, roster, projects, allocations).
• Legitimate interests — to keep the service secure and reliable, prevent abuse, and improve the product based on aggregated usage. We have weighed these interests against your rights and freedoms and consider them proportionate.
• Consent — for any optional analytics cookies or marketing emails you opt into. You can withdraw consent at any time.
• Legal obligation — to comply with tax, accounting, anti-fraud, or other laws that apply to us.

6. Who we share data with

We share data only with the third-party processors we need to operate the service, and only the minimum data each needs. Our current sub-processors are:

• Google Analytics — receives anonymised page-view and session events. We use the standard GA4 integration; we do not pass personally identifying account fields. See Google's privacy policy at policies.google.com/privacy; you can opt out via the Google Analytics opt-out add-on or by blocking analytics scripts in your browser.
• Our hosting and CDN provider — hosts the website and application and serves traffic. They receive standard server logs (IP, timestamp, URL, user agent) for the purpose of serving requests and protecting against abuse.
• Our email provider — sends transactional emails (account verification, password resets, service notifications) on our behalf. They receive the recipient address and message contents necessary to deliver each email.

We may also disclose data when we are legally required to do so (for example, in response to a valid subpoena or court order in our jurisdiction), or in the event of a corporate transaction (merger, acquisition, asset sale) where the acquirer agrees to honour this policy.

7. International data transfers

Some of our sub-processors are located outside the European Economic Area, principally in the United States. Where we transfer personal data of EEA / UK / Swiss residents to a country that has not been deemed adequate by the relevant authority, we rely on the European Commission's Standard Contractual Clauses (or the UK / Swiss equivalent) as the safeguard for that transfer. Copies are available on request.

8. How long we keep data

We keep personal data only as long as we need it for the purpose we collected it for:

• Account information, roster, and project data — for the lifetime of your account, plus 90 days after account closure, so that you can recover the account if you change your mind. After 90 days, account data is permanently deleted (excluding records we are legally required to keep, such as billing records, which we retain per local accounting rules — typically 7 years).
• Contact-form submissions — retained in our team inbox per its default retention policy (typically a few years). If you want a specific message deleted, ask — see your rights.
• Analytics — the default Google Analytics 4 retention is 14 months for event-level data. Aggregated reports are retained longer.
• Server logs — retained by our hosting provider for the minimum period needed for security and operational purposes (typically 30–90 days).

9. Your rights

If you are in the EEA, UK, Switzerland, California, or another jurisdiction with comparable rights, you have the right to:

• Access the personal data we hold about you, and receive a copy of it.
• Rectify data that is inaccurate or incomplete.
• Erase data (the "right to be forgotten") in the circumstances allowed by law.
• Restrict our processing of your data while a question is investigated.
• Portability — receive your data in a structured, commonly used format and have it transmitted to another controller.
• Object to processing based on our legitimate interests.
• Withdraw consent at any time, where the processing is based on consent.
• Complain to your local supervisory authority (in the EEA / UK, your national Data Protection Authority).

To exercise any of these rights, email support@pepperplanner.com (with the subject [Privacy] Data rights request if you can). We will respond within 30 days, or sooner where the law requires.

10. Security

We protect your data with technical and organisational measures appropriate to the risk:

• Encryption in transit. All connections to PepperPlanner use TLS 1.2 or higher.
• Encryption at rest. Account databases and backups are encrypted at rest using industry-standard algorithms.
• Access control. Internal access to production systems is restricted to staff who need it for their job, with role-based permissions, individual accounts, and audit logging.
• Regular audits. We review our security posture on a recurring basis, including penetration testing where appropriate.

Despite these measures, no system is 100% secure. If we become aware of a security incident that affects your personal data, we will notify you and the relevant authorities as required by law, without undue delay.

11. Children

PepperPlanner is a tool for professional teams and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact support@pepperplanner.com and we will delete it.

12. Changes to this policy

We may update this policy from time to time. If we make a material change, we will notify account holders by email at least 30 days before the change takes effect, and we will update the "Last updated" date at the top of this page. Continued use of the service after the effective date constitutes acceptance of the updated policy.

Minor changes (typos, clarifications that don't change meaning) are made without separate notice, but always reflected in the "Last updated" date.

13. Contact us

If you have any questions about this policy or how we handle your data, please contact us at:

• Email: support@pepperplanner.com