Planami — Terms of Service

Effective date: November 11, 2025

1. Introduction

Welcome to Planami ("Planami", "we", "our", "us"). These Terms of Service ("Terms") govern your access to and use of our website, applications, and services (collectively, the "Service"). By creating an account or using the Service, you agree to these Terms. If you do not agree, do not use the Service.

2. Who we are

Planami is developed and operated from the European Union. Our goal is to provide a private, secure, and customizable personal planning and journaling experience.

3. Eligibility

You must be at least 16 years old (or the age of digital consent in your country, if higher) to use the Service. By using the Service, you represent that you meet this requirement and that you can enter into a binding contract.

4. Your account

  • You must provide a valid email address to create an account. You may sign up using email/password or by choosing to sign in with Google (an optional authentication method).
  • You are responsible for maintaining the confidentiality of your login credentials and for all activity under your account.
  • If you choose Google Sign-In, you authorize Google to share your email address, name, and profile picture with us for authentication purposes only. This is optional; you can use email/password instead.
  • Notify us promptly of any suspected unauthorized use of your account.

5. Privacy and data protection

Our Privacy Policy explains how we handle your information and protect your privacy. It is incorporated by reference into these Terms. By using the Service, you also agree to our Privacy Policy.

6. Security and encryption

  • Client-side encryption: Your planner content is encrypted on your device before it is sent to our servers using an envelope-based encryption system. A Data Encryption Key (DEK) encrypts your content, and the DEK is wrapped (encrypted) using a Key Encryption Key (KEK) derived from your passphrase or recovery key. The encryption key never leaves your device in an unencrypted form. We store only encrypted data blobs and wrapped encryption keys (envelopes).
  • Encryption algorithms: We use the Web Crypto API with AES‑GCM (256-bit) for content encryption. KEKs are derived from your passphrase or recovery key using PBKDF2‑SHA‑256 with 100,000 iterations for key derivation.
  • Session persistence: For convenience during your browser session, the DEK may be temporarily stored in your browser's sessionStorage (cleared when you close the browser) to allow seamless access without re-entering your passphrase on page refreshes within the same session.
  • Recovery keys: You may create recovery keys as backups. Recovery keys are stored as encrypted envelopes in your account and can be used to unlock your data if you lose your passphrase. Recovery keys are shown once during creation; you must save them securely.
  • Limits: While we implement strong security, no method is 100% secure. You are responsible for choosing a strong passphrase (minimum 8 characters), keeping it safe, and securely storing any recovery keys you create. If you lose both your passphrase and all recovery keys, we cannot decrypt your data.

7. Content and acceptable use

  • Your Content: You retain all rights to your content. You grant us a limited, non-exclusive, revocable right to store encrypted versions of your content solely to provide the Service.
  • Prohibited uses: You agree not to use the Service to violate laws, infringe intellectual property, distribute malware, harass, or engage in activities that could harm the Service or other users.
  • Backups: We recommend keeping your own backups. While we employ reasonable safeguards, we do not guarantee against data loss.

8. Third-party services

  • Supabase: We use Supabase as our backend infrastructure and data host (EU region). Supabase acts as our data processor.
  • Payments (if applicable): For paid subscriptions, we use Stripe to process payments. Payment details are handled by Stripe; we do not store your full payment card details.
  • Google (authentication): If you choose to sign in with Google, Google provides authentication services. Google shares your email address, name, and profile picture with us for authentication purposes only. This is an optional authentication method; you can use email/password instead. Google's handling of your information is governed by Google's Privacy Policy and Terms of Service. You can revoke access at any time through your Google account settings.
  • Optional integrations: If you choose to enable integrations (e.g., Google Calendar sync), you authorize us to access that third-party service strictly to provide the chosen feature. You can revoke access at any time via the third party.

9. Subscriptions and billing (if applicable)

  • Plans: Some features may require a paid subscription. Plan details and pricing are shown at checkout.
  • Trials and cancellations: If a trial is offered, you may cancel before it ends to avoid charges. Subscriptions renew automatically until cancelled.
  • Refunds: Except where required by law, all fees are non-refundable once the billing period begins.

10. Intellectual property

The Service, including its software, design, and branding, is owned by us and protected by applicable intellectual property laws. You may not copy, modify, distribute, or create derivative works based on the Service except as expressly allowed by these Terms or applicable law.

11. Service availability and changes

We aim to provide a fast and reliable service, but uptime is not guaranteed. We may modify, suspend, or discontinue the Service (or any features) with reasonable notice where feasible.

12. Disclaimers

The Service is provided "as is" and "as available" without warranties of any kind, express or implied, including fitness for a particular purpose, non-infringement, and availability. We do not warrant that the Service will be error-free or uninterrupted.

13. Limitation of liability

To the maximum extent permitted by law, we will not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of data, profits, revenue, or business, arising from or related to your use of the Service. Our total liability for any claim shall not exceed the amounts you paid to us in the 12 months preceding the claim (or €0 if you used the free plan).

14. Indemnification

You agree to indemnify and hold us harmless from any claims, liabilities, damages, and expenses (including reasonable legal fees) arising from your misuse of the Service, your content, or your breach of these Terms.

15. Termination

You may stop using the Service at any time. We may suspend or terminate your access if you materially breach these Terms, create risk or legal exposure for us, or engage in prohibited conduct. Upon termination, your right to access the Service ceases. Subject to our data retention obligations and your requests, we will delete account data as described in the Privacy Policy.

You may delete your account and all associated data at any time by navigating to the Security tab in your Profile page. This will permanently remove your account, all planner entries, preferences, and other data from our servers. Any active subscriptions will be canceled immediately upon account deletion. This action cannot be undone.

16. Governing law and venue

If you are located in the EU/EEA, these Terms are governed by the laws of your EU member state of residence, and mandatory consumer protections apply. Otherwise, these Terms are governed by the laws of the European Union and applicable member state law, without regard to conflict of laws. Any disputes will be resolved in the competent courts of an EU member state, unless otherwise required by mandatory law.

17. Changes to these Terms

We may update these Terms from time to time. If changes are material, we will provide reasonable notice (e.g., via in-app notice or email). Continued use after the effective date constitutes acceptance of the updated Terms.

18. Contact

If you have questions about these Terms, please contact us via email: support@planami.app.