We do not use cookies to modify prices or services specifically for individual users.
Our website is powered by WordPress. As part of its core functionality, WordPress may set cookies related to login sessions, comments, and content protection (e.g., anti-spam). These are considered strictly necessary. Additional cookies may be placed by plugins or embedded content which are disclosed in our cookie banner.
Under UK law (PECR and UK GDPR), non-essential cookies—including those used for analytics—require your consent before being placed on your device. When you first visit our website, you will be asked to accept or reject these cookies via a cookie consent banner. You can change or withdraw your consent at any time by adjusting your preferences in the banner or clearing cookies from your browser.
If you prefer to control cookies manually, you can update your browser settings. Most browsers allow you to block or delete cookies through the “Help” section. You can also find detailed guidance for major browsers here:
To learn more about cookies and how to manage or delete them, visit: www.allaboutcookies.org
WHERE WE STORE YOUR PERSONAL DATA
Almost all data we store about you is held securely within the UK. However, we work with a number of trusted third-party providers, some of which are based outside the UK or European Economic Area (EEA), to support the delivery of our services, client communication, payment processing, and data storage. In all cases, we take appropriate steps to ensure your data is processed in accordance with applicable data protection legislation, including the UK GDPR and Data Protection Act 2018.
Depending on the services you use, your data may be stored and processed through the following platforms:
GoHighLevel (GHL)
We use GoHighLevel, a secure customer relationship management (CRM) platform, to store client contact data and manage communications such as service updates and email marketing. Data is processed using Amazon Web Services (AWS) and Google Cloud Platform (GCP) infrastructure. All data is encrypted in transit (TLS v1.2+) and at rest (AES256), with regular backups and multiregion redundancy. GHL is GDPR-compliant and participates in the EUUS Data Privacy Framework. You can find more information here:
Microsoft OneDrive
We use Microsoft OneDrive to securely store supplementary client files and documents. OneDrive provides robust privacy, encryption, and compliance controls, including AES256 encryption for data at rest and TLS for data in transit. It supports GDPR response features such as Data Subject Requests, DPIAs, and data residency configurations within Microsoft 365. For more details:
Dropbox
Where applicable, data may be stored via Dropbox. Dropbox encrypts files using AES-256 at rest and uses SSL/TLS encryption (128-bit or higher) during transfer. Dropbox complies with GDPR and offers enterprise-grade access controls.
Google Forms
When collecting data via Google Forms, submissions are protected under Google’s comprehensive privacy framework. Data submitted is stored in our secured Google Workspace environment, protected by end-to-end encryption. Google maintains compliance with GDPR, and their product policies outline content handling, review procedures, and user data rights.
WordPress (Website Platform)
Our website is built using WordPress, which supports data protection compliance by enabling Privacy Policy publishing, cookie consent banners, and user data access features. WordPress also provides integration with GDPR-compliant plugins and tools.
Gravity Forms (Data Collection Plugin)
We use Gravity Forms on our WordPress website to collect user-submitted data (e.g., registrations, surveys). Gravity Forms does not sell or misuse data. It includes built-in GDPR tools such as:
• Consent fields
• Personal data controls (e.g., IP logging settings)
• Compatibility with WordPress data erasure/export tools
We also use a GDPR add-on and limit data retention by auto-deleting form entries after a short period.
• Gravity Forms Privacy Policy
• GDPR Compliance Documentation
Stripe Payments Europe Ltd.
We use Stripe to process payments. While Stripe is based in the EU, data may be transferred to its U.S. parent company. Stripe complies with GDPR and uses Standard Contractual Clauses (SCCs) to ensure lawful data transfers outside the UK and EEA.
Mighty Networks
Our online community is hosted on Mighty Networks, a US-based platform. Use of this platform is optional, and users contract directly with Mighty Networks by accepting their terms. They use SCCs and comply with GDPR where applicable.
• Mighty Networks Privacy Statement
Security of Data Transmission
Please note that while we follow strict security protocols, the transmission of information via the internet is never completely secure. Any data you transmit to us is done at your own risk. Once received, we apply robust security controls to prevent unauthorised access or misuse. Our staff may access personal data securely when working abroad, but data remains stored within the UK/EU.
Your Responsibility
You are responsible for keeping any account passwords or access credentials secure. If you believe your account has been compromised, please notify us immediately.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
• To ensure that content from our site is presented in the most effective manner for you and for your computer.
• Where you have consented to be contacted for such purposes, to provide you with information or services that you request from us or which we feel may interest you.
• To carry out our obligations arising from any contracts entered into between you and us.
• To promote and allow you to participate in any events or features which may offer on our site from time to time, when you choose to do so.
• To notify you about changes to our service.
We do not disclose information about identifiable individuals to advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in L1). We may make use of the personal data we have collected from you to enable us to comply with our advertisers‘ wishes by displaying their advertisement to that target audience.
If we advertise details of job opportunities with our members on our website and you apply for one of the positions, we may ask you to provide further information about yourself so that we, and/or the relevant member, can contact you. These details together with any details you provide in a CV or application form will be treated as confidential and we will not allow employers to see any of your details without your prior consent.
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to third parties:
• If you have given your consent for us to do so for marketing or other specified purposes.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect our rights or property and the safety of our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
MARKETING AND YOUR RIGHTS
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by refusing your consent at the time of collection or at any other time by contacting us at contact@plannex.co.uk.
Our site may, from time to time, contain links to and from the websites of our members, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
ACCESS TO, RETENTION AND DELETION OF INFORMATION
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act and we have 30 days to respond. You also have the right to ask us to erase, amend or limit the use of the data we hold about you. If there is a legitimate and permissible reason why we cannot do this we will explain why.
We have a retention policy which means we do not keep information we hold about you for longer than necessary unless we there is a legal obligation to do so.
More information about your rights can be found Here.
MAKING A COMPLAINT
If for any reason you are not satisfied with our response, you can complain to the supervisory authority
for data protection. In the UK this is:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
0303 123 1113
CHANGES TO OUR PRIVACY POLICY
Any changes we may make to our privacy policy in the future will be updated on this page and, where appropriate, notified to you by email.
TERMS OF USE
For our Terms Of Use please click here.
CONTACT
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to contact@plannex.co.uk
