Privacy Policy

This Privacy Policy explains how Sageview Software, LLC (“Sageview,” “we,” “us,” or “our”) collects, uses, shares, and protects information in connection with PriorityPlanner (the “Service”), available at priorityplanner.co and app.priorityplanner.co.

If you have questions, contact us at or:

1. Who This Policy Applies To

This policy applies to three groups of people:

• Users — product managers and other individuals who create an account and use PriorityPlanner to prioritize features.
• Stakeholders — third parties invited by a User to respond to prioritization surveys. Stakeholders do not have accounts; they interact with the Service only through survey links.
• Visitors — anyone who visits our marketing website at priorityplanner.co without signing up.

Each group is treated somewhat differently, and we’ll note those differences throughout this policy.

2. Information We Collect

2.1 Information Users provide directly

When you create an account or use the Service, we collect:

• Account information — name, email address, and authentication credentials (password is handled by our authentication provider and we never see it in cleartext).
• Google account information — if you sign in with Google, we receive your name, email address, and profile picture from Google.
• Profile information (optional) — company name, job title, and other details you choose to provide.
• Payment information — our payment processor (Stripe) collects your billing address, payment card details, and transaction history. We receive a customer identifier, subscription status, and the last four digits of your card, but we never see or store your full card number.
• Content you create — features, priorities, survey questions, notes, and any other information you enter into the Service.
• Support communications — messages you send us through our support chat, email, or other channels.

2.2 Information Stakeholders provide

When a Stakeholder receives a survey invitation from a User and responds, we collect:

• Contact information — the email address and (if provided) the name of the Stakeholder, as entered by the inviting User.
• Survey responses — ratings, rankings, and any free-text comments the Stakeholder submits.
• Technical information — the same technical information we collect from anyone who visits our Service (see Section 2.4).

2.3 Information we collect automatically

When you use the Service, we automatically collect:

• Usage data — pages viewed, features used, clicks, session duration, and similar interaction data.
• Device and technical data — IP address, browser type and version, operating system, device type, screen resolution, time zone, and referring URL.
• Cookies and similar technologies — see our Cookie Policy for details.

2.4 Information from third parties

We may receive information about you from:

• Authentication providers — if you sign in with Google, Google shares profile information with us (subject to the permissions you grant).
• Payment processor — Stripe shares transaction and subscription status with us.
• Analytics and error tracking services — these services may combine information they collect about your use of the Service with information they have about you from other sources, subject to their own privacy policies.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To provide the Service — create and manage your account, deliver product features, send survey invitations, process responses, and generate prioritization outputs.
• To process payments — manage subscriptions, process billing, issue refunds, and maintain financial records.
• To communicate with you — send transactional emails (receipts, password resets, stakeholder invitation confirmations, service notifications), respond to support requests, and send product announcements or marketing emails if you’ve opted in.
• To improve the Service — analyze usage patterns, test new features, debug issues, and understand how the Service is used.
• To maintain security — detect and prevent fraud, abuse, unauthorized access, and other security incidents.
• To comply with legal obligations — respond to lawful requests from authorities, enforce our Terms of Service and Acceptable Use Policy, and meet tax and accounting requirements.

Legal bases for processing (GDPR)

For Users and Stakeholders in the European Economic Area, United Kingdom, or Switzerland, we rely on the following legal bases to process personal data:

• Performance of a contract — to deliver the Service you signed up for, including processing payments and sending stakeholder invitations you initiate.
• Legitimate interests — to improve the Service, maintain security, prevent fraud, and communicate with you about the product. We balance our interests against your rights and freedoms.
• Consent — for optional marketing emails and non-essential cookies. You can withdraw consent at any time.
• Legal obligations — to comply with tax, accounting, and other applicable laws.

4. How We Share Your Information

We do not sell your personal information. We share it only in the following circumstances:

4.1 Service providers (subprocessors)

We rely on trusted third parties to help us operate the Service. These providers only access personal data to perform services on our behalf and are contractually required to protect it. Our current subprocessors include:

This list may change from time to time. Material changes will be communicated as described in Section 11.

Note about Google reCAPTCHA

We use Google’s invisible reCAPTCHA service to protect the Service from automated abuse (bots, spam signups, credential stuffing). reCAPTCHA analyzes visitor behavior — including IP address, mouse movements, cookies, and other signals — and may set its own cookies. Use of reCAPTCHA is subject to Google’s Privacy Policy and Terms of Service. By using the Service, you consent to Google’s use of this information as described in Google’s policies.

4.2 Legal and safety disclosures

We may disclose information when we believe in good faith that doing so is necessary to:

• Comply with a subpoena, court order, or other legal process.
• Enforce our Terms of Service or Acceptable Use Policy.
• Protect the rights, property, or safety of Sageview, our Users, or the public.
• Investigate or prevent fraud, abuse, or security incidents.

4.3 Business transfers

If Sageview is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

4.4 With your consent

We may share your information with third parties when you explicitly direct us to — for example, if you authorize an integration with another service.

4.5 What we do NOT do

• We do not sell your personal information to third parties.
• We do not share your personal information with advertisers for their own marketing purposes.
• We do not use your data to train machine learning models for use outside of delivering the Service to you.
• We use PostHog as our sole product analytics provider and do not use Google Analytics.

4.6 Advertising and remarketing

We may use advertising and remarketing cookies (such as Google Ads and Meta Pixel) to measure the effectiveness of our marketing and show our ads to people who have previously visited our website. These cookies are described in our Cookie Policy.

When we use these cookies, we share limited information — such as pseudonymous identifiers, page views, and actions you take on our marketing website — with the advertising providers. This is done to measure and improve our marketing, not to build a detailed profile of you for sale.

You can opt out of advertising cookies at any time as described in our Cookie Policy. In jurisdictions that require opt-in consent (such as the European Economic Area and United Kingdom), advertising cookies will not be activated until you provide consent.

5. International Data Transfers

We are based in the United States, and the Service is primarily operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States and other countries where our subprocessors operate.

For transfers from the European Economic Area, United Kingdom, or Switzerland to countries that are not deemed to provide an adequate level of data protection, we rely on appropriate safeguards, including the European Commission’s Standard Contractual Clauses (SCCs), with our subprocessors.

6. Data Retention

We retain personal information for as long as needed to provide the Service and fulfill the purposes described in this policy, unless a longer retention period is required by law.

• Active accounts — retained for the life of your account.
• Deleted accounts — personal data is deleted from active systems within 30 days of account deletion, and from backups within 90 days.
• Stakeholder data — retained for the life of the inviting User’s account or until the Stakeholder requests deletion, whichever comes first.
• Billing and financial records — retained for up to 7 years to comply with tax and accounting obligations.
• Support conversations — retained for up to 2 years.
• Marketing email unsubscribe records — retained indefinitely so we can honor your opt-out.
• Security and fraud prevention logs — retained as long as reasonably necessary for these purposes.

7. Your Privacy Rights

Depending on where you live, you may have the following rights regarding your personal information:

• Access — request a copy of the personal information we hold about you.
• Correction — ask us to correct inaccurate or incomplete information.
• Deletion — ask us to delete your personal information, subject to certain legal exceptions.
• Portability — receive your data in a structured, commonly used, machine-readable format.
• Objection — object to certain types of processing, including processing based on legitimate interests.
• Restriction — ask us to limit how we process your information in certain circumstances.
• Withdraw consent — where we rely on your consent, withdraw it at any time (this does not affect the lawfulness of processing before withdrawal).

To exercise any of these rights, email . We will respond within the timeframe required by applicable law (typically 30 days under GDPR, 45 days under CCPA). We may need to verify your identity before fulfilling your request.

7.1 California residents (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (as amended by the California Privacy Rights Act):

• Right to know what categories of personal information we collect, the sources, the purposes, and the categories of third parties we share it with.
• Right to delete the personal information we hold about you, subject to exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of the sale or sharing of personal information. We do not sell or share personal information as defined by the CCPA.
• Right to limit the use of sensitive personal information. We do not use sensitive personal information for purposes that require this right to be offered.
• Right to non-discrimination for exercising your privacy rights.

To exercise these rights, email . We will not discriminate against you for exercising any of these rights.

7.2 EEA, UK, and Swiss residents (GDPR / UK GDPR)

In addition to the rights listed above, you have the right to lodge a complaint with your local data protection authority. For EEA residents, you can find your authority at edpb.europa.eu. For UK residents, the Information Commissioner’s Office at ico.org.uk.

7.3 California “Shine the Light” and CalOPPA

In addition to the CCPA/CPRA rights above, California residents have rights under:

• California Shine the Light law (Civil Code § 1798.83) — you may request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes.
• California Online Privacy Protection Act (CalOPPA) — this Privacy Policy is designed to comply with CalOPPA. Specifically:
  • We notify Users of material changes to this policy as described in Section 11.
  • You can review and request changes to your personal information by contacting us at or through your account settings.
  • Do Not Track signals: some browsers send “Do Not Track” (DNT) signals. There is no universally accepted standard for how to respond to DNT signals, and we do not currently respond to them. You can control tracking through our cookie settings and the rights described in Section 7.

7.4 Stakeholders

If you are a Stakeholder (you received a survey invitation but are not a User), you have the same rights as Users with respect to the personal information we hold about you. Contact us at and we will assist. We may also direct you to the User who invited you, since they are the primary controller of their survey audience.

8. Security

We take reasonable administrative, technical, and physical measures to protect personal information against loss, theft, and unauthorized access. These include encryption of data in transit, access controls, infrastructure monitoring, and regular security reviews.

No system is perfectly secure, however, and we cannot guarantee absolute security. If we become aware of a data breach that affects your personal information, we will notify you and the relevant authorities as required by law.

9. Children’s Privacy

The Service is not intended for individuals under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact and we will promptly delete it.

10. Third-Party Links and Services

The Service may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing information to them.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Last Updated” date at the top of this policy.

For material changes — such as new categories of data collected, new subprocessors, new purposes for processing, or changes to your rights — we will provide at least 30 days’ advance notice by email to the email address associated with your account, and we will post a notice in the Service.

Continued use of the Service after the effective date of a change constitutes acceptance of the updated policy. If you do not agree to a change, you may cancel your account and stop using the Service.

12. Contact Us

Questions, requests, or complaints about this Privacy Policy or how we handle personal information can be directed to: