PairPlan Privacy Policy
Effective date: March 26, 2026
PairPlan ("we", "us", "our") is a shared calendar and planning app designed for couples. This Privacy Policy describes what information we collect, how we use it, who we share it with, and how you can manage or delete it.
1. Information We Collect
Account information you provide:
- Name, email address, and password (when you register)
- Timezone preference (when you set it in Settings)
- Your partner's email address (if you choose to invite them by email during couple setup)
Content you create in the app:
- Calendar events (title, description, start/end times, location name, recurrence rules, visibility setting)
- To-do tasks (title, description, due date, assignment)
- Key dates (title, date, emoji, recurrence)
- Date plans (title, planned date, location name, notes)
Location data:
- When you search for a place while creating an event or date plan, we send your search query and, if you grant location permission, your approximate device coordinates to improve search relevance. We store the place name and latitude/longitude of locations you select.
- We do not track your location in the background or when the app is closed.
Device information:
- If you enable push notifications, we store your Expo Push Token (an opaque device identifier used solely to deliver notifications to your device). We do not collect device model, operating system version, or advertising identifiers.
Information we do NOT collect:
- We do not use analytics, crash reporting, or advertising SDKs
- We do not access your contacts, photos, camera, browsing history, or financial information
- We do not read or write to your device's native calendar app
2. How We Use Your Information
- Providing the service: To create and manage your account, display your calendar, tasks, key dates, and date plans, and share them with your linked partner
- Authentication & security: To verify your email address, authenticate your sessions, and process password resets
- Transactional emails: To send email verification codes, password reset links, and partner invitation emails
- Remote push notifications: To notify you when your partner creates or updates events, tasks, or date plans. These are sent from our server through the Expo Push Notification Service.
- Local reminders: To remind you about upcoming events (15 minutes before), date plans (24 hours before), and key dates (the morning before). These reminders are scheduled entirely on your device and are not sent through our servers.
- Location search: To help you find and attach places to events and date plans
We do not use your information for advertising, profiling, or automated decision-making.
3. How We Share Your Information
With your partner: When you link with a partner in PairPlan, they can see your shared calendar events, tasks, key dates, and date plans. Events you mark as "personal" visibility are not shown to your partner.
With service providers (data processors): We use the following third-party services strictly to operate PairPlan:
- Resend (resend.com) — delivers transactional emails (verification codes, password resets, partner invitations). Resend receives the recipient email address and message content. When you invite a partner by email, their email address is sent to Resend to deliver the invitation.
- Expo Push Notification Service (expo.dev) — delivers push notifications to your device. Expo receives your push token and notification content (title and message text).
- Google Places API (Google LLC) — powers location search when you create events or date plans. Google receives your search query and, if you grant permission, approximate device coordinates. See Google's Privacy Policy.
- OpenStreetMap Nominatim (nominatim.openstreetmap.org) — used as a supplementary location search provider. It receives search queries and approximate coordinates. See OSM's Privacy Policy.
We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.
We may disclose information if required by law, court order, or governmental regulation.
4. Data Storage & Security
- Your data is stored in a PostgreSQL database hosted on Replit's infrastructure
- Passwords are hashed using bcrypt and are never stored in plain text
- Authentication sessions use cryptographically generated tokens with expiration
- All communication between the app and our servers uses HTTPS/TLS encryption
- Temporary security codes (email verification, password reset) expire automatically
No system is 100% secure. While we implement reasonable safeguards, we cannot guarantee absolute security of your data.
5. Data Retention
- Account data: Retained as long as your account exists
- Content you created (events, tasks, key dates, date plans): Deleted when you delete your account. Items you created are removed regardless of whether your partner remains in the couple.
- Couple workspace: If your partner remains in the couple after you leave, their account and any items they created are preserved. If you are the last member, the entire couple workspace and all remaining shared data are deleted.
- Sessions: Expire after 30 days. Expired sessions are rejected on use but remain in the database until the account is deleted.
- Verification & reset codes: Expire within hours and are overwritten on each new request
- Push tokens: Removed when you delete your account or when a token is found to be invalid
6. Account Deletion
You can delete your account at any time:
- In the app: Go to Settings, scroll to "Danger Zone", and tap "Delete Account". You will be asked to re-enter your password to confirm.
- By email: Send a request to support@pairplan.net from the email associated with your account. We will process your request within 48 hours.
- Web form: Visit pairplan.net/api/delete-account for detailed instructions.
When your account is deleted, the following are permanently removed:
- Your account record (name, email, hashed password, timezone)
- All your active sessions
- Your push notification tokens
- All events, tasks, key dates, and date plans you created (identified by your creator ID)
- If you are the last member of your couple: all remaining shared data, invites, and the couple record itself
Your partner's account is never affected. Items your partner created remain available to them even after you leave.
7. Your Rights
- Access: You can view all your personal data within the app (profile, events, tasks, etc.)
- Correction: You can update your name and timezone in Settings at any time
- Deletion: You can delete your account and all associated data as described in Section 6
- Data portability: Contact us at support@pairplan.net to request a copy of your data
If you are located in the European Economic Area, United Kingdom, or California, you may have additional rights under GDPR, UK GDPR, or CCPA respectively. Contact us to exercise these rights.
8. Children's Privacy
PairPlan is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice in the app before the changes take effect. The "Effective date" at the top indicates when the policy was last revised.
10. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
support@pairplan.net