STAY PLANNER

Privacy Policy

Effective Date: 30 April 2026 | Last Updated: 30 April 2026

1. Introduction

Welcome to Stay Planner ("the App", "we", "us", "our"). Stay Planner is a mobile application that helps you track days spent in different tax jurisdictions for assisting in determining tax residency, manage compliance, and optimize your travel schedule.

This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use the Stay Planner application and related services available at stayplanner.io (collectively, "the Service").

We are committed to protecting your privacy and complying with the Personal Data (Privacy) Ordinance, Cap. 486 of Hong Kong ("PDPO"), as well as applicable data protection laws including the Personal Information Protection Law of the People's Republic of China ("PIPL").

By using the Service, you consent to the collection and use of your personal data as described in this policy. If you do not agree, please do not use the Service.

2. About Stay Planner and the Data Controller

Stay Planner is a stay and tax day tracking application designed primarily for professionals who travel between Hong Kong/Macau and mainland China (but not limited to these jurisdictions). The Service helps you:

  • Track days spent in different jurisdictions for tax residency purposes
  • Monitor compliance with applicable tax treaty thresholds, tax residency rules, and local day-counting regulations
  • Import and parse official immigration records
  • Receive AI-powered stay schedule optimization recommendations
  • Receive compliance alerts and push notifications

Data User (Controller): The operator of Stay Planner is the data user under the PDPO and the data controller under applicable data protection laws for all personal data processed through Stay Planner.

Contact for data protection matters: privacy@stayplanner.io

3. Privacy Contact

We have designated a privacy contact responsible for overseeing data protection compliance and handling your queries and requests:

  • Email: privacy@stayplanner.io

If you have any questions about this Privacy Policy, wish to exercise your rights under the PDPO (including data access or correction requests under Sections 28 and 29), or wish to make a complaint, please contact us using the details above. We will respond to all legitimate requests within 30 days (or within the timeframe required by applicable law).

4. What Personal Data We Collect

4.1 Account and Identity Data

  • Alias (nickname)
  • Email address
  • Password (stored as a cryptographic hash — we never store plaintext passwords)
  • Unique user identifier (UUID)

4.2 Authentication Data

  • OIDC account identifier (if you sign in with a third-party OIDC provider)
  • Biometric authentication enrolment status (Face ID / Touch ID — biometric data itself is processed by your device's Secure Enclave and never transmitted to us)
  • Login session tokens (JWT access tokens and refresh tokens)

4.3 Travel and Stay Data

  • Country entries and exits (dates, border ports)
  • Stay records (entry date, exit date, location, source: manual/imported/planned)
  • Pending crossing records (unmatched entries or exits)
  • Planned stay schedules (future travel plans for optimization)
  • Geolocation data (only when you explicitly enable geolocation features — GPS coordinates used to determine which jurisdiction you are in)

4.4 Document Data

  • Passport and travel document scans/images uploaded for PDF import

4.5 Compliance and Tax Configuration Data

  • DTA threshold settings (max stay days, warning thresholds, rolling window size)
  • Six-year rule tracking data (cumulative residency years, reset events)
  • Optimizer preferences (weekday weights, travel minimization preferences, prohibited/forced dates)
  • Notification preferences (email alerts, push notification settings, plan reminders)

4.6 Device and Technical Data

  • Device type (iOS/Android), operating system version, device model
  • Device push notification token
  • IP address
  • App version and build number
  • Crash reports and error logs
  • Language preference

4.7 Billing and Subscription Data

  • Subscription tier (Free or Pro)
  • Subscription provider (Apple App Store, Google Play Store, Samsung Galaxy Store, Huawei AppGallery, Stripe)
  • Subscription status and expiry date

Payment-related data is processed by the payment provider directly (Apple, Google, or Stripe). We do not store your credit card or payment card details.

4.8 Data Not Processed by Third-Party AI/LLM Services

When you upload a passport or immigration PDF for import, the document is parsed locally on your device. No document images or extracted text are transmitted to any external server. Structured stay records are generated on-device and stored locally.

5. How We Collect Your Personal Data

5.1 Directly from You

  • Account registration: alias, email address, and password
  • Manual stay entry: dates, ports, and direction (entry/exit)
  • Import of official immigration records
  • Settings configuration: notification preferences, DTA thresholds, optimizer settings
  • Communication: when you contact us via email or other channels

5.2 Automatically Through Your Use of the Service

  • Device information: device type, OS version, app version, IP address
  • Geolocation: only when you explicitly opt in; used solely to determine your current jurisdiction, not continuously tracked or stored
  • Push notification tokens: generated and registered when you enable push notifications
  • Usage analytics and crash reports: anonymized technical data

5.3 From Third Parties

  • OIDC provider: Account identifier and associated email address from your chosen OIDC identity provider
  • Payment providers: subscription status and transaction confirmations (not payment card details)

6. Purposes of Collection and Use

6.1 Core Service Provision

PurposeData UsedLegal Basis (PDPO)
Create and manage your accountAccount data, authentication dataNecessary for the performance of a contract
Track your stay records and compliance statusTravel data, compliance configurationNecessary for the performance of a contract
Import and parse immigration documentsDocument data, extracted stay recordsNecessary for the performance of a contract
Provide AI stay optimizationTravel data, optimizer preferencesNecessary for the performance of a contract
Display compliance dashboardsTravel data, compliance configurationNecessary for the performance of a contract

6.2 Service Communication and Support

PurposeData UsedLegal Basis (PDPO)
Send compliance alerts and push notificationsPush tokens, compliance dataYour consent (withdrawable at any time)
Respond to enquiries and support requestsEmail, account data, message contentLegitimate interests
Send service-related communicationsEmail, account dataLegitimate interests

6.3 Service Improvement and Analytics

PurposeData UsedLegal Basis (PDPO)
Monitor app performance and fix bugsDevice data, crash reportsLegitimate interests
Improve Service features and user experienceAnonymized usage dataLegitimate interests

6.4 Billing and Legal Compliance

PurposeData UsedLegal Basis (PDPO)
Manage your subscription (Free/Pro)Subscription data, account dataNecessary for the performance of a contract
Process paymentsTransaction data handled by payment providerNecessary for the performance of a contract
Comply with applicable laws and regulationsAccount data, transaction recordsCompliance with legal obligations
Respond to lawful requests from authoritiesAll data as requiredCompliance with legal obligations

Notice at Collection (PDPO Data Protection Principle 1): We inform you at or before the point of collection of: (a) whether the supply of personal data is obligatory or voluntary (generally voluntary, though some data is necessary to provide the Service); (b) the purposes for which the data will be used (as set out in this section); (c) the classes of persons to whom the data may be transferred (see Section 10 below); (d) your right to request access to and correction of your personal data (see Section 7 below); and (e) the person to whom you may direct enquiries (see Section 3 above).

7. Your Privacy Rights Under the PDPO

Under the Personal Data (Privacy) Ordinance, Cap. 486 of Hong Kong, you have the following rights:

7.1 Right of Access (PDPO Section 28)

You have the right to request access to the personal data we hold about you. Upon receiving a valid data access request, we will confirm whether we hold personal data about you, provide a copy in a commonly used electronic format, and respond within 40 days (the statutory timeframe under the PDPO). We may charge a reasonable fee for processing your request, as permitted under the PDPO.

7.2 Right of Correction (PDPO Section 29)

You have the right to request correction of any personal data we hold about you that is inaccurate, incomplete, or out of date. If we do not agree that the data requires correction, we will provide you with reasons in writing.

7.3 Right to Withdraw Consent

Where we process your personal data based on your consent (for example, push notification tokens, geolocation data, direct marketing), you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing that occurred before withdrawal.

7.4 Right to Object to Direct Marketing

You have the right to object to the use of your personal data for direct marketing purposes. We may use your personal data for direct marketing unless you have exercised your right to opt out. See Section 12 below for details.

7.5 Right to Complain to the Privacy Commissioner

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong.

  • Address: Unit 1303, 13/F, Dah Sing Financial Centre, 248 Queen's Road East, Wanchai, Hong Kong
  • Telephone: +852 2827 2827
  • Email: enquiry@pcpd.org.hk
  • Website: www.pcpd.org.hk

7.6 How to Exercise Your Rights

To exercise any of the above rights, please contact us at privacy@stayplanner.io. We will respond within 30 days, or within the statutory timeframe under the PDPO (40 days for access/correction requests). We may request additional information to verify your identity before processing your request.

8. Data Protection Principles We Follow

We structure our data handling practices in accordance with the six Data Protection Principles set out in Schedule 1 of the PDPO:

DPP 1: Purpose and Manner of Collection

Personal data is collected by lawful and fair means. Data subjects are informed of the purposes of collection (Section 6 above). Data collected is adequate but not excessive for the stated purposes. Data is accurate and kept up to date.

DPP 2: Accuracy and Retention

We take all practicable steps to ensure personal data is accurate and kept up to date. Personal data is not kept longer than is necessary for the fulfillment of the purposes for which it was collected (see Section 14 for retention periods). We provide mechanisms for you to access and correct your data (Section 7 above).

DPP 3: Use of Personal Data

Personal data is not used for a new purpose without your prescribed consent. Data is not disclosed for a new purpose without your consent, except as permitted by law.

DPP 4: Security of Personal Data

We take all practicable steps to protect personal data against unauthorized or accidental access, processing, erasure, loss, or use. Technical and organizational security measures are in place (see Section 12 below).

DPP 5: Information to be Generally Available

This Privacy Policy is publicly available and describes our policies and practices regarding personal data. We are transparent about the kinds of data we hold and how it is used.

DPP 6: Access and Correction

You have the right to access and correct your personal data under Sections 28 and 29 of the PDPO (see Section 7 above). We respond to access and correction requests within the statutory timeframe.

9. Providing Your Personal Data to Others

9.1 Service Providers and Processors

We engage third-party service providers who process personal data on our behalf under strict contractual obligations:

We confirm that any third party with whom we share your personal data — including analytics tools, advertising networks, third-party SDKs, and any related entities that may have access to your data — will provide the same or equal protection of your personal data as required under this Privacy Policy and applicable law.

Service ProviderService ProvidedData AccessedLocation
Cloud hosting providerBackend API hosting and database storageAll user dataCloud provider region
Push notification servicePush notification relayPush notification tokensUnited States
Crash reporting serviceError monitoring and diagnosticsAnonymized device info, crash logsUnited States / EU
App Store (Apple App Store, Google Play Store, Samsung Galaxy Store, Huawei AppGallery, or similar)App distribution and in-app purchasesStore account ID, purchase historyVarious
StripePayment processing for subscriptionsPayment details, transaction dataUnited States
OIDC identity providerIdentity verification for third-party sign-inOIDC account identifier, emailUnited States

9.2 Legal and Regulatory Disclosures

We may disclose your personal data if required to do so by law, or in response to valid requests by public authorities (including a court or government agency), or where we believe disclosure is necessary to comply with a legal obligation, protect and defend our rights or property, prevent or investigate possible wrongdoing, or protect the personal safety of users or the public.

9.3 Business Transfers

If Stay Planner is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change and provide you with choices regarding your personal data.

9.4 What We Do NOT Share

  • We do not sell your personal data to third parties
  • We do not share your personal data with advertisers
  • We do not share your travel data, stay records, or compliance status with tax authorities unless legally compelled to do so

10. International Transfers

Your personal data is primarily stored and processed on servers operated by our cloud hosting provider. Data may be processed in locations outside Hong Kong, including but not limited to the United States, the United Kingdom, and the European Economic Area.

10.1 PDPO Section 33 Considerations

Section 33 of the PDPO provides that personal data shall not be transferred to a place outside Hong Kong unless one or more of the following conditions is met:

  • The data subject has given consent (express or implied) to the transfer
  • The data subject has been informed of the places to which data may be transferred and has given no objection
  • The place is on a list of jurisdictions prescribed by the Privacy Commissioner
  • The data user has reasonable grounds to believe that the destination jurisdiction has substantially similar data protection laws
  • The transfer is necessary for the performance of a contract between the data user and the data subject

We rely on contractual necessity, user consent (by using the Service, you consent to cross-border transfers as described in this policy), and substantially similar protections (all third-party service providers are bound by contractual obligations requiring data protection standards substantially similar to those under the PDPO) as the legal bases for cross-border transfers.

10.2 Safeguards

  • Standard contractual clauses or equivalent data protection agreements with service providers
  • Technical measures including encryption in transit (TLS) and at rest
  • Regular assessment of service provider compliance with data protection obligations

11. Security of Personal Data

We take the security of your personal data seriously and implement the following measures in accordance with PDPO Data Protection Principle 4:

11.1 Technical Measures

  • Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security)
  • Encryption at rest: Personal data stored in our databases is encrypted at rest
  • Password security: Passwords are stored as cryptographic hashes using industry-standard algorithms
  • Secure token storage: Authentication tokens on your device are stored in the device's secure storage (iOS Keychain / Android Keystore)
  • Biometric security: Biometric authentication (Face ID / Touch ID) is processed by your device's Secure Enclave — biometric data is never transmitted to or stored by us
  • Access controls: Access to personal data is restricted to authorized personnel on a need-to-know basis
  • Regular security assessments: We conduct periodic reviews of our security practices

11.2 Organizational Measures

  • Staff with access to personal data are trained on data protection obligations
  • We maintain incident response procedures for data breaches
  • We conduct due diligence on all third-party service providers before engagement

11.3 Limitations

While we take all practicable steps to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of your personal data.

11.4 Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, inform affected users without undue delay.

12. Direct Marketing

We comply with the direct marketing provisions of the PDPO (Sections 35A–35K). Our direct marketing practices are as follows:

12.1 What Constitutes Direct Marketing

Under the PDPO, "direct marketing" includes offering or advertising goods, facilities, or services, or soliciting donations or contributions, by means that are addressed to a specific individual.

12.2 Our Direct Marketing Activities

  • Announcing new features or updates to the Stay Planner Service
  • Sending promotional offers related to Pro subscription upgrades
  • Sharing relevant tax compliance news or tips

12.3 Your Consent (Opt-Out)

We may use your personal data for direct marketing purposes, such as sending you information about Pro subscription upgrades or tax compliance tips. You have the right to opt out of direct marketing at any time by tapping "unsubscribe" in any marketing email, disabling marketing notifications in app settings, or emailing privacy@stayplanner.io. If you have not opted out, you are deemed to have consented to receiving such communications.

12.4 Withdrawing Consent

If you no longer wish to receive direct marketing communications, you may withdraw your consent at any time by tapping "unsubscribe" in any marketing email, disabling marketing notifications in app settings, or emailing privacy@stayplanner.io. We will cease using your personal data for direct marketing within 30 days of receiving your withdrawal request. We will not charge any fee for processing your withdrawal.

12.5 Provision of Data to Others for Direct Marketing

We do not provide, sell, or transfer your personal data to any third party for their direct marketing purposes.

13. Retaining and Deleting Personal Data

We retain your personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. We do not retain personal data beyond what is reasonably required for our legitimate business needs, statutory obligations, or dispute resolution. Personal data that is no longer necessary will be deleted or anonymized.

13.1 Account Deletion

You may request deletion of your account and personal data at any time through Settings > Account > Delete Account in the app, or by emailing privacy@stayplanner.io. Upon account deletion, your personal data will be erased from our active systems within 30 days. Data required for legal or regulatory compliance may be retained for the applicable statutory period. Anonymized or aggregated data that cannot identify you may be retained for analytics purposes.

14. Children's Privacy

Stay Planner is not intended for use by children under the age of 16. We do not knowingly collect personal data from children under 16.

In accordance with the Personal Information Protection Law of the People's Republic of China ("PIPL"), applicable to users in mainland China, when processing personal information of minors under the age of 14, the personal information processor must obtain the consent of their parents or guardians and formulate specialized personal information processing rules for processing such personal information. We will comply with these requirements for users in mainland China under the age of 14.

If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at privacy@stayplanner.io, and we will take steps to delete such information from our systems.

15. Third-Party Websites and Services

The Stay Planner Service may contain links to third-party websites or services that are not operated by us. These include the Apple App Store, Google Play Store, Samsung Galaxy Store, Huawei AppGallery, and similar app stores for app downloads, payment providers (Stripe, Apple Pay, Google Pay) for subscription management, and social media platforms (if applicable).

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. We encourage you to review the privacy policies of these third parties before providing any personal data to them.

This Privacy Policy applies only to personal data collected through the Stay Planner Service.

16. Social Media

Stay Planner does not currently operate social media accounts. This section will be updated if we do so in the future.

17. Cookies and Local Storage

17.1 What We Store Locally

The Stay Planner landing page (stayplanner.io) uses browser localStorage to store your theme preference (light or dark mode) and language preference (en, zh-cn, zh-hk). These preferences are stored locally on your device and are not transmitted to our servers.

17.2 Essential Technical Data

Our backend API may set essential session cookies or tokens for authentication purposes. These are strictly necessary for the operation of the Service and cannot be disabled if you wish to use the app.

17.3 No Tracking Cookies

We do not use tracking cookies, analytics cookies, or advertising cookies on our landing page. The landing page uses Cloudflare Web Analytics, which is a privacy-friendly, cookieless analytics service.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by posting the updated policy on this page with a new "Last Updated" date, sending you a notification through the app or by email (for material changes), or requiring you to review and accept the updated policy upon next login (where appropriate).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

19. Contact Us

For any privacy-related inquiries, please contact us at privacy@stayplanner.io

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us:

  • Email: privacy@stayplanner.io

Regulatory Authority

If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong:

  • Address: Unit 1303, 13/F, Dah Sing Financial Centre, 248 Queen's Road East, Wanchai, Hong Kong
  • Telephone: +852 2827 2827
  • Email: enquiry@pcpd.org.hk
  • Website: www.pcpd.org.hk

For any privacy-related inquiries, please contact us at privacy@stayplanner.io