Plannor for ChatGPT

Privacy Policy

This Privacy Policy explains how Plannor ("we", "us", "our") collects, uses, discloses, and protects personal information when you use the Plannor platform and its ChatGPT / MCP connector. We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Last updated: April 2025

1. Who We Are

Plannor is a multi-tenant care-operations SaaS platform built for NDIS service providers operating in Australia. The platform operator is responsible for the personal information collected through the Plannor web application, mobile interface, and AI connectors including the ChatGPT / MCP integration.

Privacy enquiries: privacy@plannor.com.au
Postal: Plannor, Australia

2. Personal Information We Collect

We collect personal information that is reasonably necessary to operate the platform and its connectors. This includes:

  • Account and identity information — name, email address, role, and employment relationship within your organisation.
  • Tenant and organisational context — the registered NDIS provider organisation you are linked to.
  • Operational records — shift schedules, check-in and check-out data, progress notes, payroll and timesheet entries, incident reports, and expense claims that you create or access through the platform.
  • Participant-related information — first name, last name, NDIS plan details, support goals, and service agreement data to the extent necessary to operate the care workflow tools you use.
  • Authentication and session data — OAuth access tokens, refresh tokens, token metadata, IP addresses, and user-agent strings used to authenticate and audit connector sessions.
  • Audit and activity logs — records of tool calls, data accesses, and system events created when you interact with the platform or the ChatGPT connector.
  • Technical data — browser type, device identifiers, and connectivity metadata collected for security and performance purposes.

3. Sensitive Information

Some information we process is "sensitive information" under the Privacy Act 1988, including health information, disability information, and information about NDIS supports. We handle sensitive information with enhanced protections:

  • We collect sensitive information only when it is reasonably necessary for the direct purpose of operating your organisation's care services.
  • Access to sensitive information through the connector is restricted to users whose role and granted scopes permit it.
  • Sensitive information is never used for direct marketing, profiling, or any purpose outside the operational scope you have authorised.
  • Consent to process sensitive information is obtained as part of your organisation's service agreement with Plannor and the user's acceptance of these terms.

4. How We Use Personal Information

We use personal information for the following purposes:

  • Providing the platform — delivering the care coordination, rostering, billing, compliance, and reporting features your organisation has subscribed to.
  • Operating the AI connector — executing tool calls made through ChatGPT or other MCP-compatible AI platforms on behalf of the authenticated user, within their permitted role and scope.
  • Security and fraud prevention — verifying identity, detecting and preventing unauthorised access, abuse, or suspicious activity.
  • Audit and accountability — maintaining records of user actions for compliance, dispute resolution, and regulatory purposes.
  • Product improvement — analysing usage patterns in aggregate and de-identified form to improve platform reliability and features.
  • Legal obligations — complying with applicable laws, responding to regulatory enquiries, and enforcing our agreements.

5. Disclosure to Third Parties

We may disclose personal information to the following categories of recipients:

  • OpenAI (ChatGPT) — when you use the ChatGPT connector, tool inputs and tool results are exchanged with OpenAI's infrastructure. OpenAI's privacy policy governs their handling of that data.
  • Google (Gemini AI) — the built-in Plannor chatbot sends conversation messages to Google's Gemini API for text generation. Google's privacy policy governs their handling.
  • Cloud infrastructure providers — hosting, database, and storage services used to operate the platform (currently hosted in Australia or in regions with adequate privacy protections).
  • Payment processors — billing and subscription management services that may process limited account and payment information.
  • Regulatory bodies — government agencies or regulators (including the NDIS Quality and Safeguards Commission and the Office of the Australian Information Commissioner) when required by law.
  • We do not sell personal information to third parties.

6. Overseas Disclosure

By using the ChatGPT connector or the built-in AI chatbot, some personal information will be transferred to and processed by entities outside Australia (including OpenAI in the United States and Google in the United States). Before disclosing information overseas, we take reasonable steps to ensure the overseas recipient handles it in a manner consistent with the Australian Privacy Principles. You consent to this overseas disclosure when you activate and use these AI features.

7. Data Retention

We retain personal information only as long as necessary for the purposes it was collected or as required by law:

  • Active account data — retained for the duration of your organisation's subscription.
  • OAuth tokens and connector session data — access tokens expire within 1 hour; refresh tokens expire within 30 days of last use.
  • Audit and activity logs — retained for a minimum of 7 years to satisfy NDIS recordkeeping obligations.
  • Operational records (shifts, notes, incidents, payroll) — retained in accordance with your organisation's legal and NDIS obligations, typically 7 years.
  • After account closure — personal information is de-identified or deleted within 90 days, except where retention is required by law.

8. Security

We implement reasonable technical and organisational measures to protect personal information against misuse, loss, unauthorised access, modification, or disclosure. These include:

  • Encryption in transit (TLS/HTTPS) for all data exchanged with the platform and its connectors.
  • Server-side enforcement of tenant isolation — your organisation's data is never accessible to another tenant.
  • Role-based access control — each user can only access the tools and data their organisational role permits.
  • OAuth 2.1 with PKCE — the ChatGPT connector uses a secure authorisation flow that does not expose credentials.
  • Audit logging — all connector activity is logged and can be reviewed by your organisation's administrator.
  • No system is entirely secure. If you suspect a security incident, contact us immediately at privacy@plannor.com.au.

9. Your Rights — Access, Correction, and Complaints

Under the Australian Privacy Principles you have the right to:

  • Access the personal information we hold about you. Submit a request to privacy@plannor.com.au. We will respond within 30 days. We may ask you to verify your identity before providing access.
  • Correct inaccurate or out-of-date personal information. If you believe information we hold is incorrect, notify us and we will correct it or note your dispute.
  • Make a privacy complaint. If you believe we have handled your personal information in breach of the Privacy Act, you may lodge a complaint with us first. We will acknowledge your complaint within 5 business days and respond within 30 days.
  • Escalate to the OAIC. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or call 1300 363 992.

10. Data Breach Notification

In the event of an eligible data breach under the Notifiable Data Breaches scheme, we will:

  • Notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable.
  • Provide a statement that includes the nature of the breach, the kinds of information involved, and the steps we recommend individuals take.
  • Take immediate steps to contain the breach and prevent further unauthorised access or disclosure.
  • Maintain an internal breach register and review our security practices following any incident.

11. NDIS-Specific Obligations

Plannor is designed to support registered NDIS providers. When your organisation uses the platform to manage participant supports:

  • Your organisation (the NDIS provider) remains the data controller for participant information and is responsible for ensuring all use complies with the NDIS Act 2013, NDIS (Privacy and Confidentiality) information sheet, and NDIS Code of Conduct.
  • Participant information accessed through the connector must only be used for the purpose of delivering or coordinating supports.
  • Sharing participant information with AI platforms (ChatGPT, Gemini) via the connector should be limited to what is necessary for the specific operational task and should be reviewed by your organisation's privacy officer before broad deployment.
  • The platform supports NDIS Quality and Safeguards Commission incident reporting obligations by preserving incident records.

12. Cookies and Technical Tracking

The Plannor web application uses session cookies to maintain authenticated sessions. The legal pages and connector landing pages do not use advertising or analytics tracking cookies. If we add analytics in future, we will update this policy and obtain any required consent.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Material changes will be communicated by publishing the updated policy at this URL and, where appropriate, by notifying affected users by email. Continued use of the platform or connector after a policy update constitutes acceptance of the revised terms.

Terms of Service Privacy Policy AI Disclosure