Privacy

Last updated: 22 May 2026

1. About this policy

This policy describes how PlanHouse handles personal information. It covers our marketing website at planhouse.ai, the PlanHouse application at app.planhouse.ai, and any communications between you and us in relation to either.

PlanHouse is based in Australia and provides the service to financial advice firms in Australia and New Zealand. It is in private beta — we will update this policy as the service matures and will notify active firms of material changes.

2. Two roles: about you, and about your clients

PlanHouse processes two distinct kinds of personal information, and we play different roles for each. Understanding this split is the most important thing in this policy.

  • Information about you, the adviser or firm using PlanHouse. We are the controller of this information. We decide what we collect about advisers and firms, why we collect it, and how long we keep it. This policy applies in full.
  • Information about your clients that you record in PlanHouse. Your firm is the controller of that information. We process it on your firm's behalf, under your firm's instructions, to deliver the service. Our handling of client information is governed by the agreement between PlanHouse and your firm and by this policy where it sets standards for how we handle personal information generally.

3. What we collect

From visitors to planhouse.ai: your IP address, user agent, the pages you request, and any information you submit through contact or waitlist forms. The marketing site does not set tracking cookies and does not use a third-party analytics provider.

From firms and users of the application: the account details you provide (your name, work email, role, firm name, jurisdiction); information needed to operate the service (sign-in events, session data, audit events, support conversations); and any content you choose to enter about your firm and your clients (client records, fact-finds, file notes, portfolio data, generated advice documents, files you upload).

We do not knowingly collect information from anyone under 16. PlanHouse is a tool for licensed financial advisers and is not directed to children.

4. How we use it

We use this information to provide, secure and improve the service; to communicate with you about your account and material changes to the platform; to investigate suspected abuse, incidents or breaches; and to comply with legal obligations. We do not sell personal information and we do not share it with advertisers.

We may produce aggregated, de-identified usage statistics (for example, "the average firm has X clients") for product and business purposes. Aggregated data is not personal information.

5. AI processing

PlanHouse uses Anthropic's Claude API to power AI features — drafting advice document sections, summarising meeting notes, surfacing review prep, suggesting strategies. Anthropic processes our requests in the United States.

We access Anthropic's API under their commercial terms. Under those terms, Anthropic does not use API inputs or outputs to train or improve their models. Anthropic may retain request and response data for a short period for safety and abuse monitoring as described in their API terms. AI requests are scoped to a single client record — we do not blend client contexts across clients or across firms — and every AI output arrives as a draft for adviser review rather than as advice to a consumer.

For more detail on how AI fits into our processing chain, see our sub-processors page.

6. Where your data is stored

The PlanHouse application, its database and its file storage are located in Australia (Vultr Sydney) and in Cloudflare R2's Oceania jurisdiction. Encrypted backups are stored in the same Oceania jurisdiction in a separate bucket. In normal operation your firm's data does not leave Australia or New Zealand, with the two exceptions noted below.

AI requests are processed by Anthropic in the United States as described in section 5. Transactional email — invitations, password resets and similar service emails — is sent through MailerSend; the email content (and the metadata required to deliver it) transits MailerSend's international infrastructure.

Both flows are covered by our agreements with those providers and listed on the sub-processors page.

7. Sharing and sub-processors

We use a short list of trusted infrastructure vendors to operate PlanHouse — hosting, file storage, email delivery, AI inference, DNS. They process information on our behalf, only to the extent needed to provide the service, and under contracts that require appropriate security and confidentiality. The full list, with purpose and region, is published at planhouse.ai/subprocessors.

Before we add or change a sub-processor that processes firm or client personal information, we will notify active firms by email with reasonable notice (we aim for at least 30 days). If your firm reasonably objects on data-protection grounds, we will work with you to find an alternative or, if no alternative is workable, you may terminate the affected service without penalty.

We may also disclose information where we are required to by law, a court order or a lawful authority. We will not volunteer firm or client information beyond what the law requires, and where we are permitted to do so we will tell the affected firm.

8. How long we keep information

We keep account information for as long as your firm uses PlanHouse, and for a limited period afterwards to deal with questions, disputes and our own legal obligations. Once a firm closes its account and any wind-down window has passed, the firm's content is removed from production systems. Residual copies in backups expire on the backup retention cycle (currently 30 days) and are then overwritten.

Audit logs may be kept for longer than the underlying records they describe — they are how we (and you) prove what happened, and Australian privacy and financial-services regulators may require their retention.

9. Your rights

Under the Australian Privacy Act 1988 and the Australian Privacy Principles, and under the New Zealand Privacy Act 2020, you have the right to ask us to:

  • access the personal information we hold about you;
  • correct anything that is wrong or out of date;
  • delete information, subject to our legal obligations to retain certain records;
  • tell you who we've shared it with; and
  • lodge a complaint with us if you think we have not handled your information appropriately.

If your request is about client information held by a firm using PlanHouse, please contact that firm — they are the controller of that information. We will assist the firm with technical aspects of access, correction or deletion where that is the right path.

To make a request, email [email protected]. We aim to respond within 30 days. We do not charge for reasonable requests.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) in Australia or the Office of the Privacy Commissioner (OPC) in New Zealand.

10. Cookies and tracking

The marketing site does not set tracking cookies and does not use a third-party analytics provider. The application uses a small number of strictly necessary cookies for sign-in sessions and security (CSRF protection, session continuity). If we introduce any analytics — first or third party — we will update this notice and surface a clear choice before any tracking starts.

11. Security

We describe our security posture in detail on our security page. In summary: data is encrypted in transit; the database and file storage are encrypted at rest; high-sensitivity fields are additionally encrypted at the application layer; backups are encrypted at the application layer with a separately-held key before they leave the server; two-factor authentication is available and can be enforced firm-wide; access to production systems is restricted, logged and reviewed; and we follow least-privilege principles for both staff and software.

No service can promise perfect security. We do commit to keeping our controls current, to taking reports seriously, and to telling you promptly if something goes wrong (see next section).

12. Data breach notification

If we become aware of a data breach that is likely to result in serious harm to any affected individual, we will notify the affected firm without undue delay — and in any event in time for the firm to comply with its own obligations under the Notifiable Data Breaches scheme (Australian Privacy Act) or the equivalent New Zealand regime. We will also notify the OAIC, the OPC or other authority as required.

Where the breach affects personal information for which we are the controller (information about your firm and its users), we will notify affected individuals directly where required to do so.

13. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top reflects the current version. We will notify active firms by email of material changes to how we collect, use or share personal information; minor clarifications may be made without notice.

14. Contact

Questions, requests or complaints about this policy can be sent to [email protected].