Sign in Start Free
Features How It Works Pricing Docs
Sign in Start Free

Privacy Policy

Last updated: January 2026

Who we are

TestPlan is operated by The Code Guy Ltd, a company registered in England and Wales (Company No. 09407392). We are the data controller for your personal data.

Contact: privacy@test-plan.io

What data we collect

Information you provide

  • Account information: Name, email address, password (hashed and salted)
  • Billing information: Company name, billing address (payment details are handled by Stripe)
  • Workspace content: Features, test cases, test runs, and other content you create

Information collected automatically

  • Usage data: Features used, pages visited, actions taken
  • Device information: Browser type, operating system, screen resolution
  • Server logs: IP address, access times, error logs

Information from third parties

  • Stripe: Payment status and subscription information

How we use your data

We use your data to:

  • Provide and maintain the TestPlan service
  • Process payments and manage subscriptions
  • Send service-related communications (account notifications, security alerts)
  • Respond to support requests
  • Improve the product based on usage patterns
  • Detect and prevent fraud or abuse

We don't sell your data. We don't use your workspace content to train AI models. Your test cases and data belong to you.

Legal basis for processing

We process your data based on:

  • Contract: To provide the services you've signed up for
  • Legitimate interests: To improve our service and prevent abuse
  • Legal obligation: To comply with tax and accounting requirements

Who we share data with

We only share data with service providers essential to running TestPlan:

  • Microsoft Azure: Cloud hosting and infrastructure
  • Stripe: Payment processing
  • SendGrid: Transactional email delivery

All service providers are bound by data processing agreements and process data only on our instructions.

International transfers

Your data may be transferred to and processed in countries outside the UK/EEA. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and Data Privacy Framework certifications.

Data retention

  • Account data: Retained while your account is active, deleted within 30 days of account closure
  • Billing records: Retained for 7 years to comply with tax regulations
  • Server logs: Retained for 90 days

Your rights

Under UK GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interests

To exercise these rights, contact privacy@test-plan.io. We'll respond within 30 days.

Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest
  • Regular security assessments
  • Access controls and audit logging

See our Security page for more details.

Children

TestPlan is not intended for users under 16 years of age. We do not knowingly collect data from children.

Changes to this policy

We may update this policy from time to time. We'll notify you of significant changes via email or through the application. Continued use of TestPlan after changes constitutes acceptance.

Contact

For privacy-related questions or to exercise your rights:
privacy@test-plan.io

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.