Posted: December 11, 2017 (v1.0)
Planto (hereby also referred to as ‘we’ and ‘us’) is a software as a service (SaaS) platform that
offers account aggregation, automated budget data aggregation and portfolio visualization via a
mobile application. Security and safety of our clients’ data and information is top priority. We
explain here how we handle and protect your information. This was also constructed in accordance to
the Laws of Hong Kong and the Personal Data (Privacy) Ordinance ("The Ordinance"). This Privacy
Policy explains why and the way we will collect and use your data and the measures being, and to be,
taken to ensure that your data stays secure and confidential.
2. Our Privacy Principles
Planto builds its business on trust between our customers and us. To preserve the confidentiality of
all personal data you provide to us, we maintain the following privacy principles:
- We do not collect any personal data that links any data on the Planto mobile interface to
your personal identity
- We maintain strict security systems designed to prevent unauthorised access to your personal
data by anyone, including our staff
- All members of the Planto team who are permitted access to any data are specifically required to
observe our confidentiality obligations
- We will not disclose your personal data to any external organisation unless we (i) have your
consent or (ii) are required by law or (iii) have previously informed you
By maintaining our commitment to these principles, we at Planto will ensure that we respect the
inherent trust that you place in us.
3. Data we collect
We want to be clear about what information we collect and how we use it to deliver our Services to
you, improve your financial life, operate our business, and help make our Services useful, more
intelligent, and work better for you. We do not sell or share your Personal Information with third
parties for their own commercial uses without your consent.
3a. Types of Information We Collect:
- Information you provide us: In connection with accessing our Services, we do not collect
information from you which can be used to identify you ("Personal Information"), such as your
email address, HKID or Passport number. We leverage iOS’s and Android’s built in biometric
authentication tools to provide end users added security to ensure no authorized access to
Planto application can be made. The user is provided an option to store their banking
credentials on their device encrypted with a security key stored in Planto’s server. This
encrypted key is used to unlock your banking credentials when user logs in Planto’s mobile area
to refresh user’s financial data. Planto reserves no rights whatsoever to store or collect your
banking credentials in our server or store any information then what is stated within this
- Information we get from your use of the Services: Planto may record certain non-personal
information such as application usage and browsing activity, application activity (such as UI
elements). Along with cookies, Planto may also use third-party tracking technologies, such as
Mixpanel and Google Analytics, to record similar information regarding you and your activity on
the Planto application. We may grant access to your data and information to certain trusted
third party services providers that we work with, but only to perform the service on our behalf
with restricted access to customer data and information on a need-to-know basis only, and in
compliance with this Privacy Statement.
- Information that we collect from Financial Institutions: Where you use the Services to access
your financial account(s) with Financial Institution(s), we will retrieve and collect the
following information about your financial account ("Financial Account Data") with that
Financial Institution for the purpose of providing the Services to you:
- financial account details
- Account Description like "HKD Savings"
- Currency for the account
- Balance for general accounts & Total Portfolio balance for Investment and MPF accounts
- Payment due date for Credit Card accounts
- Credit Limit for Credit Card accounts
- transactions details per account from (a)
- Transaction amount
Any changes to the collection of financial information from the institutions will be
communicated to the user by way of notification through the application and changes to this privacy
4. Use of your data and information
4a. Our Data Principles
We use the Financial Account Data & Personal Information in order to deliver the
Planto service you have subscribed to. We will maintain such data as strictly confidential and will not
sell, lease or distribute the same to any third party (other than certain trusted third party service
providers involved in the operations of our business and performing services on our behalf, with
restricted access to customer data and information, on a need-to-know basis only, and in compliance with
this Privacy Statement) without your documented approval, unless we are required or requested to do so
by law or any regulatory authority for the jurisdiction that we operate in. For the avoidance of doubt,
Financial Account Data & Personal Information for this purpose does not include information that is
aggregated with similar data from other users to produce Metadata as described below, or is otherwise no
longer identifiable to any specific Planto user.
For the purpose of producing statistical collective data amongst Planto users
(“Metadata”), we may aggregate your Personal Financial Data together with similar data from other Planto
users. Metadata will be produced in such a manner that the underlying data will be no longer
identifiable to any specific user. We may share Metadata amongst Planto users as part of the service
provided, and also with our business partners and other third parties to help us make improvements
and/or enhancements to our products and services and for marketing, research and academic purposes.
Metadata cannot be linked to an individual in any way.
4c. Use of Personal Information
At Planto, our number one focus is customer trust. The security of all information is
important to us. We understand the need for our customers’ data to be completely secure and private, and
we have designed and deployed (as a part of the Planto Services) a state-of-the-art system to ensure we
do not collect any of your personal information.
Whilst we take all reasonable steps to implement and comply with all measures, please
be informed that these measures are provided on a best-effort basis. In the event any such Personal
Identification Information is inadvertently captured either in your Planto user area or in any report
generated by Planto, please immediately notify us so that we may promptly rectify the situation.
5. Data Deletion Policy & Data Retention
You have the right to request that your Planto account or any data within your Planto
account be deleted from our primary production servers. You own your data. Anytime you want your data
removed from our systems, you can request us to delete your account from our production servers by
contacting us at email@example.com or by simply selecting the account and deleting it on your planto app
user area. As a result, data linked to your Planto registeration ID be excised permanently from our
production servers and further access to your account will be impossible. Your anonymous aggregate data
may be stored on these servers indefinitely. We reserve the right to use any anonymous aggregate data
derived from use of service provided by Planto.
6. Data Security
6a. Online Confidentiality
Planto (the mobile application) requires a username (anonymized) and a password
and/or biometric verification to log in. You must keep your credentials secure and never disclose them
to any third party. You are responsible for maintaining the confidentiality of your credentials. We
require you to use strong passwords between 6-16 characters long that are difficult for others to guess.
We recommend that you change your password periodically. Your online security is also your
responsibility; you must secure your credentials, including your password, against unauthorized access
and use. When you suspect that your credentials have been stolen or been made known to others, you must
change them immediately and contact us promptly at firstname.lastname@example.org. Planto is not responsible for any
loss or damage resulting from access to your account by anyone through your credentials obtained from
email@example.com if you have a security related concern and we will work closely with you to ensure a
rapid and personal response to your concerns.
6b. Notice of Security Breach
If a security breach causes an unauthorized intrusion into our systems that
materially affects users then Planto will notify you of the security breach without undue delay and,
where feasible, not later than seventy-two (72) hours after having become aware of it, by describing the
nature of the security breach, the data that has been, or Planto reasonably believes to have been,
compromised and the immediate actions taken by Planto with respect thereto. Planto will later report the
measures we’ve taken to mitigate potential adverse effects and prevent continuing or similar security
breaches in the future.
6c. Safeguarding your Information
Our Services ensure secure communications with encryption. From the time you submit
your credentials, these communications between your computer and our Services are encrypted. This
enables client and server applications to communicate in a way that is designed to prevent
eavesdropping, tampering and message forgery. To maintain your security of online sessions, and to
protect Planto accounts and systems from unauthorized access, Planto uses a combination of firewall
barriers, encryption techniques and authentication procedures, among others. Our system will always
prompt you to enter your credentials for your privacy and security. The information that is collected,
for example your Registration Information, is transmitted securely to our servers. Access to our systems
requires multiple levels of authentication. Planto databases are protected from general employee access.
We make sure that your Banking credentials and Planto credentials are encrypted such that they can never
be recovered even by us. Planto tests its systems, the Website and Services infrastructure for any
failure points that might allow hacking. However, it is important to understand that these precautions
apply only to our Website, systems and Services.
7. Communicating with us
We offer two specific communication methods that are designed to maintain your anonymity in the
course of your interaction with us.
The first communication method is to utilise the customer service messaging box found in the Planto
user area on the mobile application as a “Chat” icon.
The second communication method is via anonymous email. Upon opening your account, we will ask you to
register an email address that will be linked to your Planto account. We encourage you to set up an
email address which contains no information from which your personal identity may be inferred, for
the sole use of Planto. If required, we can guide you on the setup of such an email address.
Aside from the above, you may still communicate with us via telephone, third party internet voice and
chat providers, social media communication channels or via any email address that you regularly use.
In such cases, we may receive information that discloses or could be used to establish your
identity. We will, however, respect the confidentiality of such information (as with any other
information that we receive from you) and will only use and/or retain the information strictly in
accordance with our usage policy (see Use of Your Data and Information below).
Planto is free to download and free to use. We allow users to simply be on the platform at no
charge. If there are any changes to this, we will notify our users way ahead of time. We respect the
confidentiality of any such information and will only use and/or retain the information strictly in
accordance with our usage policy (see Use of Your Data and Information below).
of Hong Kong.
If you have questions or concerns about this Privacy Statement or about our use or retention of your
Personal Identification Information or Personal Financial Data, please contact us via email at
firstname.lastname@example.org, or via or contact us between