Planto's Privacy Policy

  1. Introduction
    1. Planto Limited (hereby also referred to as “Planto”, “we” or “us”) is a software as a service platform that offers goal setting, account aggregation and automated expense tracking via our mobile application (“Planto App” or the “App”). This Privacy Policy governs the manner in which Planto Limited collects, uses, maintains and discloses personal data collected from you as the users (hereby also referred to as “users”, “you” or “your”) of our App. We will also explain the measures being, and to be, taken to ensure that your personal data stays secure and confidential in compliance with the data protection laws of Hong Kong Special Administrative Region (“Hong Kong”). This Privacy Policy applies to the App and services offered by Planto.
  2. Our Privacy Principles
    1. Planto builds its business on trust between our users and us. Therefore, security and safety of our users’ personal data is our top priority. To preserve the confidentiality of all personal data you provide to us, we maintain the following privacy principles:
      • We will only collect personal data that we have identified in this Privacy Policy which we will use to deliver our services to you, facilitate 3rd party services at your consent, operate our business, and help make our Planto App useful, more intelligent, and work better for you.
      • We maintain strict security systems designed to prevent unauthorised access to your personal data by anyone, including our employees, agents and contractors.
      • Any members of the Planto team, including our employees, agents and contractors, who are permitted access to any personal data may only do so for a specific and limited purpose and limited time and during such access, are specifically required to strictly observe our confidentiality obligations.
      • We will not disclose, sell, trade or rent your personal data to any third parties, unless we:
        • have your consent, or
        • are required by law, enforcement or regulatory agency
    2. By maintaining our commitment to these principles, we will ensure that we respect the inherent trust that you have placed in us.
  3. The data we collect
    1. Personal Data is defined in the Personal Data (Privacy) Ordinance (“PDPO”)(Cap 486)
    2. We may collect and process personal data from users in variety of ways, including but not limited to, when you register for, install, download, access or use the Planto App, or contact us in relation to the Planto App. However, we will only use your personal data as set out below and always in accordance with the PDPO.
    3. When you register for and use the Planto App, we collect your email address and device ID which we use to:
      • provide you with our services via the Planto App;
      • identify you and the accounts you have registered with us;
      • communicate with you;
      • customise the Planto App based on your preference;
      • notify you of any changes to the Planto App or to our services that may affect you.
    4. We leverage your mobile device’s built in biometric authentication tools to provide you with added security to ensure there will be no unauthorized access to the Planto App:
      • When you use the Planto App to access or connect to your online accounts (including but not limited to, online banking accounts, insurance accounts, electronic payment accounts, third party mobile and online payment accounts), we may collect and process details such as account name (but not the number), currency of the account, outstanding balance, credit limit, your transaction details and history, payment dates and names and addresses of goods and services providers that appear in your account (collectively, “Personal Financial Data”), for the purposes of displaying the account information and transaction feed to you and providing you with services on the Planto App.
      • When you use the Planto App to apply for 3rd party financial services, we may request and store your identification data such as mobile number, HKID and date of birth (collectively, “Personal Financial Data”) solely for the purpose of making the application process convenient for you. Your Personal Financial Data will only be used at your request or consent.
      We do not collect or store any usernames, passwords, other authentication details, bank account numbers or credit card numbers for your online accounts. Online log-in credentials always remain encrypted on your device and is never stored on our server. For the avoidance of doubt, Personal Financial Data for this purpose does not include information that is aggregated with similar data from other users to produce Aggregated Data as described below, or is otherwise no longer identifiable to any specific Planto App user.
    5. We may record certain non-personal information, such as application usage, in-app browsing activity, and application activity including user interface elements. Along with cookies, we may also use third-party tracking technologies, such as Mixpanel, OneSignal and Google Analytics, to record similar information regarding you and your activity on the Planto App. We may grant access to such non-personal information and tracking activity to certain trusted third party services providers that we work with, but only to perform services on our behalf with restricted access to personal information on a need-to-know basis only, and always in compliance with this Privacy Policy.
  4. Aggregated Data
    1. For the purpose of producing research and statistical collective data amongst Planto App users and provide you with services on our Planto App, we may aggregate your Personal Financial Data together with similar data from other Planto App users. Aggregated Data will be produced in such a manner that the underlying data will no longer be identifiable to any specific user. We may share Aggregate Data amongst Planto App users as part of the services provided, and also with our business partners and/or other third parties to help us make improvements and/or enhancements to our services and for marketing, research and academic purposes. Rest assured that Aggregate Data cannot be linked to an individual or user in any way.
    2. Whilst we take all reasonable steps to anonymise the Aggregate Data, please be informed that these measures are provided on a best-effort basis. In the event that you believe that any of your personal data is or has been inadvertently captured in the Planto App or in any report generated or services provided by us, whether within or outside the Planto App, it is your responsibility to immediately notify us at so that we are able to promptly rectify the situation.
  5. Data Deletion & Data Retention
    1. You have the right to request that your Planto App account or any of your personal data within the Planto App be deleted from our servers at any time. You can make this request to us by contacting us at Please note that once your account is deleted, any data linked to the Planto App shall be excised permanently from our servers and further access to your account will be impossible.
    2. Nevertheless, Aggregate Data will continue to be stored and retained on our servers indefinitely. We reserve the right to retain and use Aggregate Data derived from the use of the Planto App.
  6. Data Security
    1. Your responsibility:
      1. The Planto App requires a user ID and password and/or biometric verification to log in. You should safeguard your user ID and password and keep them secret and confidential. We will never ask you for your password given that you should be the only person who knows it. We strongly recommend that you use strong passwords between 6-16 characters long that are difficult for others to guess. We also recommend that you change your password periodically. In public areas, you should exercise caution and not leave your mobile device unattended or susceptible to theft whilst logged into your account.
      2. If you suspect that your credentials have been stolen or been made known to others, it is your responsibility to change your password immediately and contact us promptly at We are not responsible for any loss or damage resulting from any unauthorised access to your account due to any failure to comply with these precautions or through any violation of this Privacy Policy or the Terms of Use.
      3. You should only download this App and its updates from official Play Store and App Store and not from any unofficial sources.
    2. Our commitment to safeguarding your personal information
      1. To maintain the safety and security of your personal data, and to protect Planto App accounts and systems from unauthorized access, we use a combination of firewall barriers, encryption techniques and authentication procedures, among others. Our system will always prompt you to enter your credentials or biometric authentication for your privacy and security. The personal data that is collected from you in accordance with this Privacy Policy is transmitted securely to our servers. Access to our systems requires multiple levels of authentication. Our databases are protected from general employee access.
      2. However, the aforementioned security efforts do not preclude us from the possibility of fraud, cyber-attacks, such as hacking, spyware and viruses, and we do not warrant that our servers or network will be immune from such attacks. We are not liable for any loss or damage arising from such risks.
  7. Free to use
    1. The Planto App is currently free to download and free to use. We allow you to simply be on our platform at no charge. If there are any changes, we will notify you ahead of time.
  8. Changes
    1. Your use of the Planto App is subject to the Terms of Use. By using the Planto App, you are deemed to have accepted and agreed to be bound by the Terms of Use. We reserve the right to make changes to the Terms of Use from time to time. We shall notify you of such changes by any reasonable means, including posting the revised version of the Terms of Use on the Planto App or Planto website. It is your responsibility to frequently check on the changes, your continued use of the Planto App following the changes to the Terms of Use will constitute your acceptance of those changes.
  9. Governing Law
    1. This Privacy Policy will be governed by and construed in accordance with the laws of Hong Kong.
  10. Your Acceptance of these terms
    1. By using this App, you signify your acceptance of this Privacy Policy.
  11. Contact
    1. If you have questions or concerns about this Privacy Policy or about our use or retention of your Personal Identification Information or Personal Financial Data, please contact us via email at
1801-03, 18/F, East Town Building, 41 Lockhart Road, Wan Chai, Hong Kong
Planto Limited © 2019