Privacy Policy

Who we are

This website is operated by:

Planet Group International
[Registered company name, if different]
[Registered office address]
Website: https://www.planetgroupint.com
Email: [privacy@planetgroupint.com]
Phone: [ ]

For the purposes of applicable data protection laws (including the General Data Protection Regulation – GDPR, where applicable), Planet Group International is the data controller of the personal data processed via this website.

If you have any questions about this Privacy Policy or how we process your personal data, you can contact us using the details above.

What personal data we collect and why we collect it

We collect personal data about you when you visit our website, interact with our content, or contact us. We only collect data that is necessary for specified purposes and we process it on a lawful basis under applicable data protection law.

1. Data you provide to us directly

Contact forms / demo requests / download forms

When you fill in a form on our website (for example “Contact us”, “Request a demo”, “Ask for a proposal” or download forms), we may collect:

  • First and last name
  • Job title and company name
  • Business email address
  • Business phone number
  • Country / region
  • Your message or enquiry
  • Any other information you voluntarily provide in free-text fields

Why we collect it (legal bases):

  • To respond to your enquiry or request (performance of a contract or steps prior to entering a contract – Art. 6(1)(b) GDPR)
  • To manage and grow our business relationship with you or your organization (legitimate interest – Art. 6(1)(f) GDPR)
  • Where required for sending certain marketing communications, we rely on your consent (Art. 6(1)(a) GDPR) or applicable local e-privacy rules.

We do not intentionally collect sensitive personal data through the website (e.g. health data, political opinions). Please do not include such information in contact forms.

2. Data collected automatically (technical and usage data)

When you visit our website, certain technical data is automatically collected by our servers and/or cookies and similar technologies. This may include:

  • IP address
  • Date and time of access
  • URLs accessed and referring URL
  • Browser type and version
  • Operating system and device information
  • Basic interaction data (pages viewed, time spent on pages, clicks)

Why we collect it (legal bases):

  • To operate, secure, and improve the website (legitimate interest – Art. 6(1)(f) GDPR)
  • To monitor performance, detect errors, and prevent abuse or attacks (legitimate interest – Art. 6(1)(f) GDPR)
  • For analytical and statistical purposes, where cookies/trackers are used based on your consent where required (Art. 6(1)(a) GDPR).

We aim to minimise the use of third-party trackers and to use privacy-respecting analytics solutions where possible.

3. Cookies

We use cookies and similar technologies to:

  • Make the website function correctly (strictly necessary cookies)
  • Remember your preferences (e.g. language)
  • Analyse website traffic and usage (analytics cookies, if enabled)
  • [Optionally] Improve our marketing and measure campaign performance (marketing cookies, if used)

A detailed description of the cookies we use and their lifetimes is provided in our Cookie Policy and/or cookie banner. You can manage your cookie preferences at any time via the cookie settings tool (where implemented) or through your browser settings.

Comments

At the moment, we do not allow public commenting on our website. If this changes, this section will be updated to describe what data is collected through comments (such as name, email address, IP address and browser user agent for spam detection).

Media

We do not normally allow public user uploads of media files to this website. If you send us files through a contact form or by email (for example, a CV or a document), you should avoid including embedded location data (EXIF GPS) or other sensitive information unless strictly necessary.

Contact forms

As described above, when you submit a contact form we collect the information you provide:

  • For the purpose of responding to your request and following up on your enquiry or potential project;
  • For customer service, presales and account management activities; and
  • For maintaining an internal record of our interactions with you and your organization.

We do not sell or rent contact form data to third parties. We may add your business contact details to our CRM system if there is a legitimate business relationship or you have requested to be contacted.

Analytics

We may use analytics tools to understand how our website is used, improve content, and measure performance. Examples include:

  • Server-side, anonymised analytics provided by our hosting environment; and/or
  • A third-party analytics service such as [Google Analytics / Matomo / other – specify here].

These tools may collect:

  • IP address (which may be anonymised or truncated),
  • Approximate location data (country/region),
  • Device and browser information,
  • Page views, navigation paths and on-site actions.

Where required under GDPR/ePrivacy (for example, for Google Analytics with non-essential cookies), we will only enable analytics after you consent via the cookie banner. You can withdraw your consent at any time through the cookie settings.

Please refer to your chosen analytics provider’s privacy policy for further details (e.g. for Google Analytics, Google’s Privacy Policy).

Who we share your data with

We do not sell your personal data. We share it only with trusted third parties where necessary for operating our business and this website.

Categories of recipients may include:

  • Website hosting and infrastructure providers
    We host this website with [Hosting provider name], which processes log and connection data to deliver and secure the website.
  • IT service providers and consultants
    Third parties providing maintenance, security, backup, and development services for our website and IT systems.
  • Email and communication service providers
    For sending transactional emails and communications related to your enquiries.
  • Analytics and performance providers (if used)
    For example [Google Analytics / Matomo / other], used to understand and improve website usage.
  • Professional advisers
    Such as legal, financial or security consultants, where necessary to protect our legitimate interests.
  • Public authorities or regulators
    When we are legally required to do so, or where it is necessary to protect our rights or the rights of others.

All such providers are bound by contractual obligations and/or legal obligations to protect your data and process it only on our instructions, where they act as processors.

How long we retain your data

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by law.

In particular:

  • Contact form and enquiry data:
    Typically kept for up to [12–24 months] after the last interaction related to your request, or longer if it leads to a contract or ongoing business relationship.
  • Business correspondence and client records:
    Retained for the duration of the contract and for the applicable statutory limitation periods (e.g. [5–10 years]) for legal, audit and compliance reasons.
  • Technical logs and security logs:
    Retained for [3–24 months], depending on the purpose (e.g. security incident investigation, performance monitoring).
  • Analytics data:
    Retention periods defined in the analytics tool settings (for example, [14 months] or less for Google Analytics, if used).

Once the relevant retention period expires, we will delete or anonymise your personal data, unless we are legally obliged to keep it longer.

What rights you have over your data

Subject to applicable law (e.g. GDPR), you may have the following rights regarding your personal data:

  • Right of access – to obtain confirmation whether we process your data and access to that data.
  • Right to rectification – to request correction of inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances (“right to be forgotten”).
  • Right to restriction of processing – to request that we limit how we process your data in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used and machine-readable format and to transmit it to another controller.
  • Right to object – to object to processing based on our legitimate interests, including profiling, in which case we will stop processing unless we have compelling legitimate grounds.
  • Right to withdraw consent – where our processing is based on your consent, you can withdraw it at any time (this will not affect the lawfulness of processing before withdrawal).

You can exercise these rights by contacting us at:
[privacy@planetgroupint.com] (or other dedicated address).

You also have the right to lodge a complaint with your local data protection authority if you believe that the processing of your personal data infringes applicable law.

Where your data is sent

Our website is primarily hosted in [Country / EU location]. However, some of our service providers may store or process data in other countries, including outside the European Union (EU) / European Economic Area (EEA).

Where personal data is transferred outside the EU/EEA and no adequacy decision applies, we ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission; or
  • Other appropriate safeguards as permitted by applicable law.

You can contact us for more information about the specific safeguards we use for international data transfers.

Contact information

For any privacy-specific questions, requests, or concerns, you can contact:

Privacy Contact / Data Protection Contact
Planet Group International
Email: [privacy@planetgroupint.com]
Address: [●]

If we are required to appoint a Data Protection Officer (DPO) under applicable law, the DPO’s contact details will be published here.

Additional information

How we protect your data

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Secure hosting and regular systems updates;
  • Access controls and role-based access to systems;
  • Encryption of data in transit (HTTPS) and, where appropriate, at rest;
  • Regular security monitoring and logging;
  • Confidentiality obligations for staff and contractors;
  • Staff awareness and training regarding information security and data protection.

While we strive to protect your data, no system is completely secure. You share information with us at your own risk.

What data breach procedures we have in place

We maintain internal procedures for identifying, assessing and responding to potential or actual data breaches, including:

  • Logging and monitoring for suspicious activity;
  • Internal incident escalation and investigation processes;
  • Assessment of impact and risk to individuals;
  • Notification to supervisory authorities and affected individuals where required by law.

What third parties we receive data from

In the normal operation of this website, we typically receive personal data directly from you. In some B2B contexts, we may receive business contact details from:

  • Our partners or resellers;
  • Public business directories;
  • Professional networking platforms (e.g. LinkedIn) in accordance with their terms and applicable law.

Where this happens, we process such data for legitimate business purposes and respect your rights to object or opt out of marketing communications.

What automated decision making and/or profiling we do with user data

We do not perform automated decision-making in the sense of decisions producing legal effects concerning you or similarly significantly affecting you based solely on automated processing.

We may use limited profiling in a B2B context for:

  • Segmenting contacts by industry, region or role;
  • Prioritising follow-up with prospective clients.

This profiling is low-risk, can be challenged or opted out of at any time, and does not produce legal or similarly significant effects for individuals.

Industry regulatory disclosure requirements

Planet Group International provides B2B IT, ECM, BPM and AI consulting services. If additional industry-specific regulations apply to particular services or projects (for example in financial services, healthcare or public sector), those will be addressed in the relevant client contracts and project documentation rather than on this website.