Always On · alwayson.plangrowdo.com · Version 1.2 · May 2026
This Privacy Policy explains how personal data is collected, stored and used within the Always On platform (alwayson.plangrowdo.com). It is intended for:
Always On is operated by Plan Grow Do, a trading name of Plan Grow Do Ltd ('PGD', 'we', 'us'). The platform is provided to business clients ('tenants') as a B2B sales management tool.
| Role | Party | Responsible for |
|---|---|---|
| Data Controller | The tenant (your employer / the business that subscribes to Always On) | All contact and prospect data entered into the platform; how that data is used for sales and qualification |
| Data Processor | Plan Grow Do | Operating the platform infrastructure; processing data strictly on the tenant's instruction |
When you are invited to Always On as a team member, the following data is held:
Lawful basis: Contract performance — providing access to the platform under the tenant's subscription.
The platform holds data about your company's contacts and prospects. Your employer (the tenant) is the Data Controller for this data. It includes:
Where email sync is enabled by a rep, the platform captures:
Always On uses AI agents (Sally, Dan, Caroline) powered by Google Gemini. When the AI processes a contact interaction:
| Purpose | Lawful basis |
|---|---|
| Provide and operate the Always On platform | Contract performance |
| Authenticate users and manage access | Contract performance / legitimate interest |
| Enable AI-assisted qualification and communication | Contract performance (on behalf of tenant) |
| Sync emails between rep mailboxes and contact records | Consent — rep explicitly authorises via OAuth |
| Send transactional emails (invites, notifications) | Contract performance |
| Security monitoring and fraud prevention | Legitimate interest |
| Platform analytics and improvement | Legitimate interest |
| Component | Provider | Location |
|---|---|---|
| Database | Supabase (PostgreSQL) | EU — Ireland (eu-west-1) |
| File storage | Supabase Storage | EU — Ireland (eu-west-1) |
| Email sending | Resend | EU region |
| Application hosting | Vercel | Edge — primarily EU |
| AI processing | Google Gemini API | Google Cloud |
| WhatsApp messages | Meta Cloud API | Meta infrastructure |
All primary data storage is within the EU. Where data is processed outside the EU (Google, Meta), appropriate safeguards are in place under Standard Contractual Clauses.
Always On is a multi-tenant platform. Your employer's data is strictly isolated from all other tenants:
tenant_id at the database levelAlways On allows you to connect your email account to sync communications with your contact records. The following applies to all email connections:
When you choose to connect your Gmail account to Always On, we request access to the following Google account data:
gmail.readonly) — We access your Gmail messages solely to match incoming and outgoing emails against contact records in your sales pipeline. Email content is stored securely and linked to the relevant contact profile within your organisation's workspace.gmail.send) — We send emails through your Gmail account when you compose and send messages from within the platform. These sent emails are also recorded against the relevant contact record.We do not:
Your Gmail connection can be disconnected at any time from your account settings. Disconnecting immediately revokes our access and stops any further email syncing.
You can also revoke access directly via your Google Account permissions page.
When you choose to connect your Microsoft (Outlook / Microsoft 365) account to Always On, we request access to the following Microsoft account data via the Microsoft Graph API:
Mail.Read) — We access your Outlook messages solely to match incoming and outgoing emails against contact records in your sales pipeline. Email content is stored securely and linked to the relevant contact profile within your organisation's workspace.Mail.Send) — We send emails through your Outlook account when you compose and send messages from within the platform. These sent emails are also recorded against the relevant contact record.offline_access) — We request a refresh token so your connection remains active without requiring you to re-authenticate each session. This token is encrypted at rest and never visible to other users or PGD staff.We do not:
Your Microsoft connection can be disconnected at any time from your account settings. Disconnecting immediately revokes our access and stops any further email syncing.
You can also revoke access directly via your Microsoft My Apps portal or through your Microsoft Account permissions page at account.microsoft.com.
| Data type | Retention | Deletion |
|---|---|---|
| Contact and prospect records | Until deleted by the tenant | Tenant manager can delete any record |
| Communication history | Tied to contact record | Deleted with the contact record |
| User accounts | Until removed by the tenant manager | Manager removes team members |
| Email sync history | Tied to contact record | Deleted with the contact record |
| Platform logs | 30 days | Automatic |
| Bug reports | 12 months | PGD admin managed |
If you have a concern about how data is handled within Always On, contact info@plangrowdo.com in the first instance.
You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
We may update this policy as the platform evolves. The version date at the top indicates when it was last revised. Significant changes will be notified to tenant administrators.