Planto’s Privacy Statement

Keeping you and your data safe and secure

Posted: December 11, 2017 (v1.0)

1. Introduction

Planto (hereby also referred to as ‘we’ and ‘us’) is a software as a service (SaaS) platform that offers account aggregation, automated budget data aggregation and portfolio visualization via a mobile application. Security and safety of our clients’ data and information is top priority. We explain here how we handle and protect your information. This was also constructed in accordance to the Laws of Hong Kong and the Personal Data (Privacy) Ordinance ("The Ordinance"). This Privacy Policy explains why and the way we will collect and use your data and the measures being, and to be, taken to ensure that your data stays secure and confidential.

2. Our Privacy Principles

Planto builds its business on trust between our customers and us. To preserve the confidentiality of all personal data you provide to us, we maintain the following privacy principles:

  1. We do not collect any personal data that links any data on the Planto mobile interface to your personal identity
  2. We maintain strict security systems designed to prevent unauthorised access to your personal data by anyone, including our staff
  3. All members of the Planto team who are permitted access to any data are specifically required to observe our confidentiality obligations
  4. We will not disclose your personal data to any external organisation unless we (i) have your consent or (ii) are required by law or (iii) have previously informed you

By maintaining our commitment to these principles, we at Planto will ensure that we respect the inherent trust that you place in us.

3. Data we collect

We want to be clear about what information we collect and how we use it to deliver our Services to you, improve your financial life, operate our business, and help make our Services useful, more intelligent, and work better for you. We do not sell or share your Personal Information with third parties for their own commercial uses without your consent.

3a. Types of Information We Collect:

  1. Information you provide us: In connection with accessing our Services, we do not collect information from you which can be used to identify you ("Personal Information"), such as your email address, HKID or Passport number. We leverage iOS’s and Android’s built in biometric authentication tools to provide end users added security to ensure no authorized access to Planto application can be made. The user is provided an option to store their banking credentials on their device encrypted with a security key stored in Planto’s server. This encrypted key is used to unlock your banking credentials when user logs in Planto’s mobile area to refresh user’s financial data. Planto reserves no rights whatsoever to store or collect your banking credentials in our server or store any information then what is stated within this Privacy Policy.

  2. Information we get from your use of the Services: Planto may record certain non-personal information such as application usage and browsing activity, application activity (such as UI elements). Along with cookies, Planto may also use third-party tracking technologies, such as Mixpanel and Google Analytics, to record similar information regarding you and your activity on the Planto application. We may grant access to your data and information to certain trusted third party services providers that we work with, but only to perform the service on our behalf with restricted access to customer data and information on a need-to-know basis only, and in compliance with this Privacy Statement.

  3. Information that we collect from Financial Institutions: Where you use the Services to access your financial account(s) with Financial Institution(s), we will retrieve and collect the following information about your financial account ("Financial Account Data") with that Financial Institution for the purpose of providing the Services to you:

    1. financial account details
      1. Account Description like "HKD Savings"
      2. Currency for the account
      3. Balance for general accounts & Total Portfolio balance for Investment and MPF accounts
      4. Payment due date for Credit Card accounts
      5. Credit Limit for Credit Card accounts

    2. transactions details per account from (a)
      1. Transaction amount
      2. Date
      3. Description
      4. Currency
Any changes to the collection of financial information from the institutions will be communicated to the user by way of notification through the application and changes to this privacy policy.

4. Use of your data and information

4a. Our Data Principles
We use the Financial Account Data & Personal Information in order to deliver the Planto service you have subscribed to. We will maintain such data as strictly confidential and will not sell, lease or distribute the same to any third party (other than certain trusted third party service providers involved in the operations of our business and performing services on our behalf, with restricted access to customer data and information, on a need-to-know basis only, and in compliance with this Privacy Statement) without your documented approval, unless we are required or requested to do so by law or any regulatory authority for the jurisdiction that we operate in. For the avoidance of doubt, Financial Account Data & Personal Information for this purpose does not include information that is aggregated with similar data from other users to produce Metadata as described below, or is otherwise no longer identifiable to any specific Planto user.

4b. Metadata
For the purpose of producing statistical collective data amongst Planto users (“Metadata”), we may aggregate your Personal Financial Data together with similar data from other Planto users. Metadata will be produced in such a manner that the underlying data will be no longer identifiable to any specific user. We may share Metadata amongst Planto users as part of the service provided, and also with our business partners and other third parties to help us make improvements and/or enhancements to our products and services and for marketing, research and academic purposes. Metadata cannot be linked to an individual in any way.

4c. Use of Personal Information
At Planto, our number one focus is customer trust. The security of all information is important to us. We understand the need for our customers’ data to be completely secure and private, and we have designed and deployed (as a part of the Planto Services) a state-of-the-art system to ensure we do not collect any of your personal information.
Whilst we take all reasonable steps to implement and comply with all measures, please be informed that these measures are provided on a best-effort basis. In the event any such Personal Identification Information is inadvertently captured either in your Planto user area or in any report generated by Planto, please immediately notify us so that we may promptly rectify the situation.

5. Data Deletion Policy & Data Retention

You have the right to request that your Planto account or any data within your Planto account be deleted from our primary production servers. You own your data. Anytime you want your data removed from our systems, you can request us to delete your account from our production servers by contacting us at or by simply selecting the account and deleting it on your planto app user area. As a result, data linked to your Planto registeration ID be excised permanently from our production servers and further access to your account will be impossible. Your anonymous aggregate data may be stored on these servers indefinitely. We reserve the right to use any anonymous aggregate data derived from use of service provided by Planto.

6. Data Security

6a. Online Confidentiality
Planto (the mobile application) requires a username (anonymized) and a password and/or biometric verification to log in. You must keep your credentials secure and never disclose them to any third party. You are responsible for maintaining the confidentiality of your credentials. We require you to use strong passwords between 6-16 characters long that are difficult for others to guess. We recommend that you change your password periodically. Your online security is also your responsibility; you must secure your credentials, including your password, against unauthorized access and use. When you suspect that your credentials have been stolen or been made known to others, you must change them immediately and contact us promptly at Planto is not responsible for any loss or damage resulting from access to your account by anyone through your credentials obtained from you or through violation of this Privacy Policy or Planto’s Terms of Service. Contact us at if you have a security related concern and we will work closely with you to ensure a rapid and personal response to your concerns.

6b. Notice of Security Breach
If a security breach causes an unauthorized intrusion into our systems that materially affects users then Planto will notify you of the security breach without undue delay and, where feasible, not later than seventy-two (72) hours after having become aware of it, by describing the nature of the security breach, the data that has been, or Planto reasonably believes to have been, compromised and the immediate actions taken by Planto with respect thereto. Planto will later report the measures we’ve taken to mitigate potential adverse effects and prevent continuing or similar security breaches in the future.

6c. Safeguarding your Information
Our Services ensure secure communications with encryption. From the time you submit your credentials, these communications between your computer and our Services are encrypted. This enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering and message forgery. To maintain your security of online sessions, and to protect Planto accounts and systems from unauthorized access, Planto uses a combination of firewall barriers, encryption techniques and authentication procedures, among others. Our system will always prompt you to enter your credentials for your privacy and security. The information that is collected, for example your Registration Information, is transmitted securely to our servers. Access to our systems requires multiple levels of authentication. Planto databases are protected from general employee access. We make sure that your Banking credentials and Planto credentials are encrypted such that they can never be recovered even by us. Planto tests its systems, the Website and Services infrastructure for any failure points that might allow hacking. However, it is important to understand that these precautions apply only to our Website, systems and Services.

7. Communicating with us

We offer two specific communication methods that are designed to maintain your anonymity in the course of your interaction with us.

The first communication method is to utilise the customer service messaging box found in the Planto user area on the mobile application as a “Chat” icon.

The second communication method is via anonymous email. Upon opening your account, we will ask you to register an email address that will be linked to your Planto account. We encourage you to set up an email address which contains no information from which your personal identity may be inferred, for the sole use of Planto. If required, we can guide you on the setup of such an email address.

Aside from the above, you may still communicate with us via telephone, third party internet voice and chat providers, social media communication channels or via any email address that you regularly use. In such cases, we may receive information that discloses or could be used to establish your identity. We will, however, respect the confidentiality of such information (as with any other information that we receive from you) and will only use and/or retain the information strictly in accordance with our usage policy (see Use of Your Data and Information below).

8. Pricing

Planto is free to download and free to use. We allow users to simply be on the platform at no charge. If there are any changes to this, we will notify our users way ahead of time. We respect the confidentiality of any such information and will only use and/or retain the information strictly in accordance with our usage policy (see Use of Your Data and Information below).

9. Changes

Your use of this mobile application is subject to these Terms of Use. By using the mobile application, you are deemed to have accepted and agree to be bound by these Terms of Use. We may make changes to these Terms of Use from time to time. We may notify you of such changes by any reasonable means, including by posting the revised version of these Terms of Use on the Site. Your use of the the application following changes to these Terms of Use will constitute your acceptance of those changes. These Terms of Use will be governed by and construed in accordance with the laws of Hong Kong.

10. Contact

If you have questions or concerns about this Privacy Statement or about our use or retention of your Personal Identification Information or Personal Financial Data, please contact us via email at, or via or contact us between