Privacy First

Privacy Policy

Your privacy matters to us. This policy explains how we collect, use, and protect your data.

Last updated: December 3, 2025

Our Privacy Principles

Data Minimization

We only collect the data we need to provide our services.

Transparency

We are open and honest about what data we collect and how we use it.

Your Control

You have control over your data and can view, change, or delete it at any time.

Information We Collect

Information You Provide to Us

  • Account information: Name, email address, password during registration
  • Company data: Company name, address, trade type, timezone settings
  • Customer data: Customer names, addresses, contact information, service histories
  • Job data: Job details, time slots, prices, material requirements
  • Technician data: GPS locations, working hours, service documentation, photos
  • Communication: Messages you send to us or exchange through our platform
  • Payment information: Credit card data and billing addresses (securely processed by Polar.sh)

Automatically Collected Information

  • Usage data: How you interact with our platform, pages visited, clicks
  • Device information: IP address, browser type, operating system, device identifiers
  • Location data: GPS coordinates for geofencing, route optimization, and time tracking (only with your consent)
  • Analytics: Performance metrics and error reports to improve our services (PostHog)
  • Cookies: Small files to personalize and improve your experience

How We Use Your Information

Service Provision
  • Route optimization and dispatch planning for your technicians
  • Automatic time tracking using geofencing
  • AI-powered job documentation (Whisper for speech recognition, GPT-4o for text rewrite)
  • Customer notifications via SMS, email, or push notification
  • ERP system integration (Hero, openHandwerk, SAP B1, Lexoffice, sevDesk)
Platform Improvement
  • Improve route calculations and dispatch planning
  • Develop new features based on user behavior
  • Identify and fix technical issues
  • Provide personalized customer support

Data Security

Industry-Leading Security Measures

We implement robust security measures to protect your personal and business data:

  • End-to-end encryption for all data transmissions
  • AES-256 encryption for stored data
  • Regular security audits and penetration testing
  • PostgreSQL database with Row-Level Security (Neon)
  • Multi-factor authentication for additional protection (Better Auth)
  • Secure backup and disaster recovery procedures

Your Rights

Access & Portability

You have the right to access all your data and export it in a structured, machine-readable format.

Correction & Updates

You can update your personal data at any time through your account settings or contact us to make corrections.

Deletion

You can delete your account and all associated data at any time. This action is irreversible.

Opt-Out

You can opt out of marketing communications at any time and restrict data processing for certain purposes.

Data Sharing

We Never Sell Your Data

ManoPlan never sells, rents, or trades your personal data. Your privacy is not for sale.

We only share limited data with trusted third-party providers who help us deliver our services:

  • Payment processing: Polar.sh for subscription management
  • Cloud hosting: Vercel for web hosting, Neon for database
  • File storage: Cloudflare R2 for photos and documentation
  • Notifications: Firebase (Push), Twilio/MessageBird (SMS), Brevo/Resend (Email)
  • Maps and navigation: Google Maps for route optimization

AI Processing (OpenAI)

Use of OpenAI for AI-Powered Features

We use OpenAI services to provide our AI-powered features such as speech recognition (Whisper) and documentation rewriting (GPT-4o).

Your Data and OpenAI:

  • OpenAI has no right to use your data to train their AI models
  • Your data is used exclusively to process your requests via the OpenAI API
  • OpenAI does not permanently store your data sent via the API
  • We have an Enterprise agreement with OpenAI that includes additional data protection guarantees
  • All data is transmitted to OpenAI in encrypted form
  • We only send the minimum necessary data to fulfill your request

Location Tracking & Geofencing

GPS Location for Automatic Time Tracking

ManoPlan uses GPS locations of your technicians for automatic time tracking using geofencing. This feature is optional and requires your explicit consent.

Use of location data:

  • Automatic start/stop of working hours when entering/leaving customer location
  • Route optimization for efficient dispatch planning
  • Live ETA updates for customers
  • Location history to verify visited sites

Your technicians can disable location tracking at any time in the app settings. However, this will affect automatic time tracking.

Data Storage and Server Location

Your data is stored and processed on servers located in the United States (Vercel, Neon PostgreSQL) and Europe (Cloudflare R2). We use professional cloud hosting services that meet industry-leading security standards.

International Data Transfers

As our servers are located in the USA, data from EU users is transferred to the United States. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR for all EU data transfers
  • Regular assessment of data protection risks and implementation of additional safeguards
  • Encryption of all data during transmission and storage
  • Compliance with US data protection laws and best practices

Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16 without explicit parental consent.

Detailed Cookie List

The following list contains all cookies used by ManoPlan. All listed cookies are essential for the operation of the platform.

better_call_session

Stores your session information after login. Enables authentication and access to your account. Automatically deleted when you log out or the session expires.

Duration: Session (deleted when logging out or after 30 days)

Type: Essential - HTTP-Only, Secure, SameSite

better_call_session_token

Secure token for authentication. Used to verify your identity for API requests and prevent unauthorized access.

Duration: Session (deleted when logging out or after 30 days)

Type: Essential - HTTP-Only, Secure, SameSite

theme

Stores your preference for light or dark mode. Allows the website to maintain your chosen theme on your next visit.

Duration: 1 year

Type: Essential - Functionality

NEXT_LOCALE

Stores your preferred language (German or English). Allows the website to automatically load in your chosen language.

Duration: 1 year

Type: Essential - Functionality

No Tracking or Marketing Cookies

ManoPlan does not use any third-party tracking, analytics, or marketing cookies except PostHog for anonymized usage statistics. We respect your privacy and only use the minimally necessary cookies for platform operation.

Cookie Management

All cookies we use are essential for the operation of the website and cannot be disabled without affecting the functionality of the platform. You can delete cookies in your browser settings at any time, but this will result in logout and loss of your preferences.

Policy Changes

We may update this privacy policy occasionally. We will notify you of significant changes via email or through our platform. Continued use after changes constitutes your consent to the updated terms.

Contact Us

For questions about this privacy policy or your data rights, please contact us:

Email: support@manoplan.de

Address: Eichenweg 34b, 9581 Ledenitzen, Austria

Data Protection Officer: Andre Prochiner

Privacy Policy - ManoPlan | GDPR Compliant & Secure