Last Updated: April 30, 2026
ProcessPlan, LLC ("ProcessPlan," "we," "us," or "our") respects your privacy and is committed to protecting the personal data we process. This Privacy Policy explains how we collect, use, store, and share your information when you visit our website at processplan.com or use the ProcessPlan platform.
ProcessPlan is a business process management and automation platform. Our customers use ProcessPlan to manage and automate their business processes. The platform includes ProSeer, an AI-powered assistant that helps customers work with their data.
For the purposes of the EU General Data Protection Regulation (GDPR), ProcessPlan acts as a "Data Controller" for account and billing information, and as a "Data Processor" for data that customers store within the platform.
This Privacy Policy applies to:
If you are an individual whose personal data has been stored in ProcessPlan by one of our customers, that customer is the Data Controller of your data. Please contact them directly regarding their privacy practices.
Our customers may store any data they choose within the ProcessPlan platform, including personal data about their employees, clients, vendors, or other individuals. Customers may also upload files and documents. ProcessPlan processes this data solely on the customer's instructions and in accordance with the applicable Data Processing Agreement.
ProcessPlan does not intentionally collect sensitive personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, or data concerning a person's sex life or sexual orientation). Customers who choose to store sensitive personal data within the platform are solely responsible for obtaining any necessary consents from data subjects and for complying with applicable laws governing such data. Where ProcessPlan receives sensitive personal data in reliance on the Data Privacy Framework, we will obtain affirmative express consent (opt-in) before using it for a purpose other than that for which it was originally collected or subsequently authorized, or before disclosing it to a third party acting as a controller.
| Purpose | Data Used | Lawful Basis (GDPR) |
|---|---|---|
| Provide our service | Account info, customer-stored data | Contract performance (Art. 6(1)(b)) |
| Process payments | Billing address (card data via Stripe) | Contract performance (Art. 6(1)(b)) |
| Send service communications | Name, email | Contract performance (Art. 6(1)(b)) |
| Improve our platform | Usage data, analytics | Legitimate interest (Art. 6(1)(f)) |
| Ensure security | Technical data, access logs | Legitimate interest (Art. 6(1)(f)) |
| AI features (ProSeer) | Customer data included in prompts | Contract performance (Art. 6(1)(b)), at customer's discretion |
| Marketing site analytics | IP, browser data (via Google Analytics) | Legitimate interest (Art. 6(1)(f)) |
ProcessPlan limits the personal data we collect and process to what is relevant for the purposes described above. We take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current. We will not process personal data in a way that is incompatible with the purposes for which it was collected or subsequently authorized by the individual, and we will retain personal data in personally identifiable form only for as long as it serves a purpose of processing consistent with these Principles.
ProcessPlan integrates AI capabilities through our ProSeer feature, powered by Anthropic (primary provider), with optional integrations to OpenAI and Google Gemini. When customers use ProSeer:
We do not sell your personal data. We share personal data only with the following categories of service providers, and only to the extent necessary:
ProcessPlan does not disclose personal data to third parties acting as independent controllers, nor do we use personal data for purposes materially different from those for which it was originally collected or subsequently authorized by the individual. If this practice changes, we will provide affected individuals with a clear and conspicuous opportunity to opt out of such disclosures or uses before they occur.
We may also disclose personal data where required by law, regulation, legal process, or governmental request, including to meet national security, law enforcement, or other public interest requirements. Our adherence to the Data Privacy Framework Principles may be limited to the extent necessary to comply with such lawful requests.
ProcessPlan is based in the United States. If you are located in the European Economic Area (EEA), your personal data will be transferred to the United States for processing.
ProcessPlan complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. ProcessPlan has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles ("DPF Principles") with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. ProcessPlan's certification covers non-HR personal data received from the EU in any format, including electronic and paper records. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov.
ProcessPlan is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Onward Transfer Liability. ProcessPlan may transfer personal data received under the DPF to third-party service providers acting as our agents. ProcessPlan remains liable under the DPF Principles if our agents process personal data in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.
Dispute Resolution & Recourse. If you have a complaint about our handling of personal data received in reliance on the DPF, you may contact us first at [email protected]. We will respond within 45 days. In compliance with the EU-U.S. DPF, ProcessPlan commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF. If your DPF complaint cannot be resolved through the above channels, under certain conditions you may invoke binding arbitration before the DPF Panel. For additional information, see Annex I of the Data Privacy Framework.
We also protect transfers using Standard Contractual Clauses (SCCs) as approved by the European Commission. Customers who require EU-based data hosting may request this for an additional fee. Our sub-processors process data in the United States and are bound by equivalent contractual protections.
If you are located in the EEA, you have the following rights regarding your personal data:
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.
If your personal data has been stored in ProcessPlan by one of our customers, please direct your request to that customer, as they are the Data Controller for that data.
You also have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.
We retain personal data only as long as necessary for the purposes described in this policy:
We implement appropriate technical and organizational measures to protect your personal data, including:
No method of transmission or storage is 100% secure. If you become aware of a security vulnerability, please contact us immediately.
ProcessPlan uses essential cookies only within the platform (session management and authentication). Our marketing website uses Google Analytics, which sets cookies for traffic analysis and conversion tracking. We do not use non-essential tracking cookies within the application.
ProcessPlan is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.
If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:
ProcessPlan, LLC
Attn: Data Protection Officer
3698 Inner Perimeter Rd #4411
Valdosta, GA 31602
State of Georgia, USA
Email: [email protected]
Website: processplan.com