Microsoft Project Online retires September 30, 2026 — migrate to a modern platform before it's too late.Start migration

Legal

Privacy Policy

Last updated: April 13, 2026

This Privacy Policy describes how Devsoft Solutions ("we," "us," or "our"), the company behind Onplana, collects, uses, discloses, and protects your personal information when you use the Onplana platform, website (onplana.com), and related services (collectively, the "Service").

1. Information We Collect

1.1 Information You Provide

  • Account information: Name, email address, and password when you create an account.
  • Organization data: Organization name, team members, and billing information.
  • Project data: Projects, tasks, comments, documents, and other content you create within the Service.
  • Payment information: Credit card and billing details processed securely by our payment processor (Stripe). We do not store full card numbers on our servers.
  • Communications: Information you provide when contacting support, submitting feedback, or responding to surveys.

1.2 Information Collected Automatically

  • Usage data: Pages visited, features used, and actions taken within the Service.
  • Device information: Browser type, operating system, device type, and screen resolution.
  • Log data: IP address, access times, referring URLs, and error logs.
  • Cookies and similar technologies: See our Cookie Policy for details.

1.3 Information from Third Parties

  • SSO providers: If you sign in via SAML or OIDC (e.g., Azure AD, Okta), we receive your name, email, and identity provider metadata.
  • Imported data: When you import .mpp files or connect to Microsoft Project Online via OData, we process the project data you choose to import.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and send billing-related communications
  • Send product updates, security alerts, and support messages
  • Respond to your requests and provide customer support
  • Analyze usage patterns to improve features and user experience
  • Detect, prevent, and address security incidents and fraud
  • Comply with legal obligations

3. AI Data Processing

Onplana's AI features (powered by Anthropic's Claude) process your project data to provide risk detection, plan generation, and other AI-powered recommendations. Important details:

  • Your data is not used to train AI models. Project data sent to AI providers is used solely to generate responses for your specific request.
  • AI processing occurs in real-time and data is not retained by AI providers beyond the duration of the request.
  • You can disable AI features at any time without affecting core platform functionality.
  • Enterprise plans offer data residency controls for AI processing.

4. How We Share Your Information

We do not sell your personal information. We share information only in these circumstances:

  • Service providers: We use third-party services for payment processing (Stripe), email delivery, hosting (AWS/Azure/GCP), and analytics. These providers are contractually bound to protect your data.
  • Within your organization: Other members of your Onplana organization can see project data, team information, and activity within the organization scope.
  • Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
  • With your consent: We may share information with third parties when you explicitly authorize it (e.g., enabling integrations).

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. When you delete your account or organization:

  • Project data is moved to soft-delete (Recycle Bin) for 30 days, then permanently deleted.
  • Account information is deleted within 90 days of account closure.
  • Backup copies are purged within 180 days.
  • Anonymized, aggregated usage statistics may be retained indefinitely.

6. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Regular security assessments and penetration testing
  • Access controls with role-based permissions and audit logging
  • Infrastructure hosted on SOC 2 compliant cloud providers
  • Two-factor authentication (TOTP) available for all accounts
  • IP allowlisting and session management for Enterprise plans

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete information
  • Delete your personal data (right to erasure)
  • Export your data in a portable format
  • Object to or restrict certain processing activities
  • Withdraw consent where processing is based on consent

To exercise these rights, email privacy@onplana.com. We will respond within 30 days.

8. International Data Transfers

Your data may be processed in countries outside your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for transfers outside the European Economic Area. Enterprise plans offer data residency controls to restrict data processing to specific regions.

9. Children's Privacy

The Service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us at privacy@onplana.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, for significant changes, by sending an email to the address associated with your account.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: