Privacy Notice (Beta)
Last updated: 7 July 2025
This notice explains how Actuaplan (“we”, “us”) handles your personal data when you visit actuaplan.com or use our services. We are the data controller under European data‑protection law (GDPR, Art. 4(7)) and can be reached at privacy@actuaplan.com.
We keep this short and easy-to-read so you can quickly understand what happens to your data.
1. Data we collect & why
| Data category | Typical contents | Purpose | Legal basis (GDPR) |
|---|---|---|---|
| Account data | Google Account ID, email, display name (optional) | Manage your account; keep you signed in | Art. 6(1)(b) Contract |
| Scenario data (not stored) | Inputs you enter; processed temporarily in memory only | Provide real-time calculations | Art. 6(1)(b) Contract |
| Payment data | Stripe customer ID, plan, invoices, card’s last 4 digits | Process payments and meet legal obligations | Art. 6(1)(b) Contract; Art. 6(1)(c) Legal obligation |
| Usage & log data | IP address, browser info, timestamps, error traces | Operate and secure Actuaplan | Art. 6(1)(f) Legitimate interest |
We never sell your personal data. We do not use data for targeted advertising or run analytics or tracking cookies.
2. Sharing & third-party processors
We share data only with trusted providers who help deliver Actuaplan:
| Provider | Role | Data protection safeguards |
|---|---|---|
| Google Cloud Platform | Hosting (EU) & compute | Data Processing Addendum + Standard Contractual Clauses (SCCs) |
| Stripe, Inc. | Payments processing | Stripe DPA + SCCs |
3. International transfers
Some providers are based outside the European Economic Area (e.g., the U.S.). Personal data transfers use the European Commission’s Standard Contractual Clauses (GDPR Art. 46(2)(c)) and TLS encryption. Core account data are always stored within the EU.
4. Data retention periods
- Scenario data: Not stored — discarded immediately after each calculation.
- Account & billing records: 10 years (legal requirement).
- Server logs: 30 days, then anonymized or deleted.
You can delete your account anytime via Settings → Delete account. All data linked to your account is removed within 30 days, except legally required billing records.
5. Your rights (GDPR)
You have the right to:
- Access your personal data (Art. 15).
- Correct inaccurate or incomplete data (Art. 16).
- Delete your data (“right to be forgotten”, Art. 17).
- Restrict or object to processing (Art. 18, Art. 21).
- Export your data in a portable format (Art. 20).
To exercise these rights, contact privacy@actuaplan.com. We respond within one month.
6. Changes to this notice
We may update this Privacy Notice occasionally. Significant changes will be communicated to registered users at least 30 days in advance and updated on actuaplan.com/privacy.
7. Contact us
Questions or feedback about privacy? Email privacy@actuaplan.com.
Privacy by design
At most Actuaplan tiers (Core & Enhanced), data stays exclusively in your browser—no personal data leaves your device. For Pro and higher tiers, we use end-to-end encryption to protect your data.