Privacy Policy

At Plan Ahead Co we help you organise sensitive personal information, so we take your privacy seriously. We collect what’s needed to deliver your Personal Affairs Plan, store it securely, keep it for as long as we need it (and no longer), and never sell it. You can ask to see, correct, or delete your information at any time.

1. About this Policy

• This Privacy Policy explains how Plan Ahead Co Pty Ltd (ACN 697 886 614) (“Plan Ahead Co”, “we”, “us”, “our”) collects, uses, stores, and discloses personal information.
• We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
• This Policy applies to all personal information we collect through our website, intake forms, sessions, communications, and the delivery of our services.
• By using our services or providing personal information to us, you agree to this Policy.

2. The information we collect

To prepare your Personal Affairs Plan well, we need to collect information that is more personal than most service businesses ask for. We only collect what is necessary to deliver the Personal Affairs Plan you have asked us to prepare. This includes:

• Identity and contact details (name, date of birth, address, email, phone, emergency contacts)
• Information about your affairs (accounts, assets, insurance, debts, the people in your life, references to legal documents you hold)
• Wishes and personal guidance (funeral wishes, messages to loved ones, care preferences for dependants and pets)
• Payment information (processed by our payment provider; we do not see or store full card details)
• Website information (IP address, device type, pages visited — used for analytics)
• Sensitive information – some of the information you may choose to share with us is “sensitive information” under the Privacy Act and APPs (including health information, religious or cultural preferences, racial or ethnic origin, political opinions, and biometric or genetic information). We only collect sensitive information where it is reasonably necessary to deliver your Personal Affairs Plan and where you have provided your consent. Before completing our intake form, you’ll receive our Companion Workbook, which sets out the kinds of questions we may ask. This gives you time to consider what you’d like to share before any information is collected. You can choose not to share sensitive information with us – your Personal Affairs Plan will still be useful, though those sections will be left blank or general. Sensitive information you share with us will only be used and disclosed for the purpose it was collected, unless you give us further consent.

3. How and why we collect your information

We collect information directly from you — through our intake forms, guided sessions, email, and any documents you choose to share. We collect information from third parties only with your express instruction (for example, if you ask us to liaise with a professional adviser). We do not buy personal information from data brokers.

We use the information you give us to:

• Prepare, deliver, and (where applicable) renew your Personal Affairs Plan
• Communicate with you about your engagement
• Process payments and meet our tax and accounting obligations
• Respond to enquiries, complaints, or disputes
• Improve our services (using de-identified information where possible)
• Send you marketing communications, only where you have opted in
• Comply with our legal obligations

4. Who we share your information with

We do not sell your personal information.

We may share information with:

• Third party service providers, including agents or sub-contractors, to enable them to provide their services. This may include parties located, or which may store data, outside of Australia. Each provider handles only the information they need to do their job, and is subject to its own privacy and security obligations
• Our employees and contractors
• Professional advisers (such as our accountant, lawyer, or insurer), bound by confidentiality
• Anyone you specifically authorise us to share information with
• Government authorities or courts, where we are legally required to do so
• Credit reporting agencies, courts, tribunals, and regulatory authorities, in the unlikely event of an unresolved unpaid invoice or a dispute over payment for our services
• Third-party analytics tools (such as Google Analytics or similar), which may store data outside Australia
• A purchaser, in the unlikely event that our business or its assets are transferred (subject to equivalent privacy protections)

5. Cross-border disclosure

Several of our service providers store or process information outside Australia, primarily in the United States, the United Kingdom and the European Union. By providing your information to us, you consent to this disclosure. We choose our providers carefully and prefer providers with recognised security and privacy standards.

You acknowledge that overseas recipients may be subject to foreign laws that differ from Australian law, and that the protections of the Privacy Act and the APPs may not apply to information held overseas.

If you have concerns, please contact us before engaging our services so we can discuss alternatives where possible.

6. How we store and protect your information

We take security seriously because the information you share with us is personal and sensitive. Information is stored on encrypted servers operated by our third-party providers, with encryption applied both in transit and at rest. Access is restricted to people who need it to deliver the service, and administrative accounts use multi-factor authentication. We regularly review our security practices.

While we take reasonable steps to protect your information, no online service can guarantee absolute security. If we become aware of a data breach likely to result in serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.

7. What we don’t store

We do not store original legal documents (wills, powers of attorney, advance care directives) on your behalf.

We do not act as a digital vault or custodian for your Personal Affairs Plan after delivery — the Plan is delivered to you, and you are responsible for storing it and informing the right people where to find it.

We do not retain your Plan for retrieval by family members, executors, or attorneys after your death or incapacity.

8. How long we keep your information

We keep the information you give us for your Personal Affairs Plan for up to 18 months after delivery (or after your most recent renewal), so we can support your annual update. We keep signed agreements and invoices for 7 years to meet legal and tax obligations. Other operational records are kept for shorter periods. We may delete information sooner where it is no longer needed for our purposes. At the end of the relevant period, information is securely deleted or de-identified, unless we are required by law to keep it longer. You can ask us to delete your information sooner — see Section 11.

9. Cookies, tracking, and analytics

Our website uses cookies and similar technologies (such as web beacons and tracking pixels) to remember your preferences, understand how the site is used, and measure the performance of our marketing communications. We may use third-party tools including Google Analytics for analytics, and Meta (Facebook) and Google for marketing measurement and retargeted advertising. You can disable cookies in your browser, though some parts of the website may not work as well. Emails we send may include open and click tracking — you can adjust this by viewing our emails in plain text or with images disabled.

10. Links to other websites

Our website may include links to other websites. We don’t control how those sites handle personal information, and this Policy doesn’t apply to them. Please check the privacy policies of any sites you visit through our links.

11. Your rights

You have the right to:

• Ask what personal information we hold about you, and get a copy
• Ask us to correct information that is inaccurate, out of date, or incomplete
• Ask us to delete your information (subject to any legal obligation we have to keep it)
• Withdraw any consent you have given (for example, marketing consent — you can opt out of marketing emails at any time using the unsubscribe link, and we comply with the Spam Act 2003)
• Make a complaint about how we have handled your information

To exercise any of these rights, contact us at brooke@planaheadco.com.au. We will respond within 30 days. We may need to verify your identity first, particularly given the sensitivity of the information involved.

12. Children

Our service is for adults (18 years or over) and we do not knowingly collect personal information from children. Where adults using our service include information about dependent children in their Plan (such as guardianship or care preferences), that information is collected from the adult, not from the child.

13. How to make a privacy complaint

If you believe we have not handled your information in accordance with this Policy or the Privacy Act, please contact us first at brooke@planaheadco.com.au with the subject line “Privacy Complaint”. We will acknowledge your complaint within 5 business days and respond substantively within 30 days.

If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC):

• Website: oaic.gov.au
• Phone: 1300 363 992
• Post: GPO Box 5288, Sydney NSW 2001

14. Changes to this Policy

We may update this Policy from time to time to reflect changes in our service, our providers, or the law. If we make material changes, we will notify current clients by email and post a notice on our website. The “Last updated” date at the end of this Policy shows when it was last revised.

15. Contact us

Plan Ahead Co Pty Ltd
ACN 697 886 614
Email: hello@planaheadco.com.au
Website: planaheadco.com.au

Last updated: 15 May 2026