Privacy Policy

Privacy Policy

Updated: 8 March 2026

1. Introduction

Objector.ai Limited ("objector.ai", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our planning application analysis platform.

2. Information We Collect

Account Information

  • Username (required for account identification)

  • Email address (required for communications and account recovery)

  • First and last name (required for personalisation)

  • Phone number and country code (required for SMS-only authentication)

  • Account preferences and settings

Planning Documents

  • Planning application documents you upload

  • Document metadata and extracted text content

  • Analysis results and generated reports

  • Application references and location data

Security and Usage Data

  • IP address and browser information

  • Login attempts and authentication events

  • Security events and session data

  • Platform usage patterns and preferences

  • Error logs and system performance data

  • SMS verification codes (temporary storage)

  • Two-factor authentication settings (if enabled)

Free Portal Opinion Scans

When you use the free planning portal opinion service, we log the URL you submit, the timestamp, and your account identifier. This data is used solely for rate-limiting (one scan per account per 24-hour period), service quality monitoring, and fraud prevention. Portal scan logs are retained for 12 months and then deleted.

Plan-AI Intelligence Data (Anonymised)

When you complete a paid analysis, we automatically generate an anonymised record and add it to our internal planning intelligence dataset. This record contains no personal data. It includes:

  • Application type (outline or standard) and country

  • Local planning authority name

  • Site postcode prefix only (e.g. "TN13" — not the full postcode or street address)

  • Classified development type (e.g. residential, commercial, industrial)

  • Number and categories of objection grounds identified

  • NPPF paragraph references cited in the analysis

  • Whether internal document contradictions were detected

  • Aggregated analysis confidence scores

  • Whether the full toolkit was purchased

  • Planning decision outcome, if later voluntarily submitted

No user identifiers, names, email addresses, phone numbers, full addresses, or any other personal information are included. It is not possible to identify you or your property from the data stored. As this record contains no personal data, it falls outside the scope of UK GDPR and is not subject to data subject access or deletion rights.

3. How We Use Your Information

We use your information to:

  • Provide planning document analysis services

  • Generate objection letters and supporting materials

  • Maintain your account and provide customer support

  • Process payments and manage subscriptions

  • Send service-related communications

  • Improve our platform and develop new features

  • Comply with legal obligations

  • Enforce rate limits and prevent misuse of the free portal opinion service

  • Build and maintain our anonymised planning intelligence dataset for platform improvement, internal analytics, and planning research

Use of the platform is subject to our Terms of Service, including Acceptable Use and Indemnity clauses.

4. Information Sharing

We do not sell, trade, or rent your personal information. We may share information only in the following circumstances:

  • Service Providers: Trusted third parties who assist in platform operations (e.g. OpenAI, Anthropic, Google, SendGrid, Stripe, Neon/PostgreSQL, Twilio, Google Tag Manager)

  • SMS Authentication: Your phone number is shared with Twilio solely for sending verification codes. Twilio complies with GDPR and operates under strict data protection agreements.

  • Legal Requirements: When required by law or to protect our rights

  • Business Transfers: In connection with mergers or acquisitions

  • Consent: With your explicit permission

SMS Data Processing (GDPR Compliance)

Phone numbers are processed on the lawful basis of legitimate interest for authentication. SMS verification codes are stored temporarily (15 minutes) and automatically deleted.

5. Data Security

We implement appropriate security measures to protect your information:

  • Encrypted data transmission (HTTPS/TLS)

  • Secure database storage with access controls

  • Regular security audits and updates

  • Limited employee access on a need-to-know basis

6. Your Rights

You have the right to:

  • Access your personal information

  • Correct inaccurate data

  • Request deletion of your account and data

  • Export your data

  • Withdraw consent for processing

  • Lodge complaints with data protection authorities

If you are a consumer, you may also have the right to cancel paid services within 14 days of purchase under the Consumer Contracts Regulations 2013. See our Terms of Service for details.

Note: anonymised intelligence records (see Section 2) contain no personal data and are therefore not subject to data subject rights under UK GDPR. Deleting your account does not affect these records.

7. Data Retention

We retain your information as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Unpaid analyses: Not stored

  • Free initial analysis (Part A): 60 days from analysis completion

  • Free initial analysis (Part B — outline): 30 days from analysis completion

  • Paid full analyses: 6 months from analysis completion

  • Portal opinion scan logs: 12 months from the date of the scan

  • Anonymised planning intelligence records: Retained indefinitely for research and analytics purposes. As these records contain no personal data, account deletion does not affect them.

You may request account deletion at any time through your account settings.

8. Cookie Policy

Last Updated: 8 March 2026

What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They help ensure functionality, remember preferences, and provide usage insights.

How We Use Cookies

Objector.ai uses cookies to:

  • Ensure proper functioning and security

  • Authenticate users and maintain login sessions

  • Protect against threats and fraud

  • Remember cookie preferences

  • Collect anonymous usage statistics (with your consent)

Types of Cookies We Use

1. Essential Cookies (Always Active)

These are required for core functionality and include:

Session Cookie

  • Maintains login session

  • Duration: 1 week

  • Security: HttpOnly, Secure, SameSite: 'lax'

  • Stored in PostgreSQL

CSRF Protection Cookie

  • Prevents CSRF attacks

  • Duration: 1 week

  • Security: Secure, SameSite: 'lax'

2. Analytics Cookies (Optional)

With your consent, we use Google Analytics 4 to collect anonymous usage data such as pages visited, device and browser info, general location, anonymised IP, and on-site interactions. These cookies are only activated if you consent via our cookie banner. For details, see Google's Privacy Policy.

3. Advertising Cookies (Optional)

With your consent, we use Google Tag Manager to enable advertising cookies that help us show relevant advertisements, measure advertising effectiveness, understand how users find our website through ads, and limit how often you see the same advertisement. These cookies are only activated if you click "Accept All" on our cookie banner. You can change your preference at any time through the Cookie Settings link.

Local Storage

We use browser localStorage to remember your cookie preferences. This data remains on your device and is not transmitted to our servers.

cookieConsent: Stores your cookie preference ('all' or 'essential')

Managing Your Preferences

  • On first visit, choose "Accept All" or "Essential Only"

  • Click "Manage Preferences" to customise your choices

  • Change preferences at any time via the Cookie Settings link in the footer

  • Blocking essential cookies may impact functionality

9. Data Controller

Company: objector.ai Limited

Registration Number: 16505692

Registered Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

10. Contact Us

For privacy-related questions or requests:

Email: support@objector.ai

Postal Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

11. Policy Updates

We may update this Privacy Policy periodically. Updates will be posted on our website and take effect upon publication. Continued use of the platform constitutes acceptance of the updated policy. For legal terms including limitation of liability, indemnity, and force majeure, please refer to our Terms of Service.

objector.ai Limited — Registered in England and Wales (Company No. 16505692)

Registered address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

  .