Planalyte is an AI requirement management and agile planning tool that transforms BRDs, meeting notes, and raw requirements into structured, estimated work items. It integrates directly with Azure DevOps, GitHub, and Jira.

How does Planalyte help with sprint planning?

Planalyte uses AI to analyse your requirements, generate user stories and tasks, assign effort estimates, and organise work items into a sprint-ready backlog — eliminating hours of manual planning work.

Can Planalyte convert a BRD into user stories?

Yes. Upload a BRD (PDF or document), and Planalyte's AI extracts requirements, groups them by feature, generates user stories and acceptance criteria, and pushes them directly to your project management tool.

Which tools does Planalyte integrate with?

Planalyte integrates with Azure DevOps, GitHub, and Jira. Work items generated by AI can be pushed to any of these platforms in one click.

Is Planalyte free to use?

Planalyte offers a free tier with core features. Premium plans unlock advanced AI capabilities, higher usage limits, and team collaboration features.

What is AI requirement management?

AI requirement management uses artificial intelligence to analyse, structure, and transform business requirements into actionable development tasks. Planalyte automates this process, reducing requirement analysis time by up to 80%.

Privacy Policy

Effective Date: March 19, 2026

1. Introduction

Sambangi Consultancy Inc., doing business as Sambangi Inc. ("we", "us", "our"), operates the Planalyte platform ("Service"), an AI-powered project planning and work-item management application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using Planalyte, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

Account Data — Name, email address, and authentication credentials (OAuth tokens from GitHub, Azure DevOps, Jira, or email/password).
Work Items — Titles, descriptions, acceptance criteria, and metadata you create or import into Planalyte.
Chat Messages — Conversations with the AI assistant, including prompts and generated responses.
Provider Connections — OAuth tokens and project/repository identifiers for integrated services (Azure DevOps, GitHub, Jira).
Support Requests — Information you submit via the support form or email.

2.2 Information Collected Automatically

Usage Data — Pages visited, features used, timestamps, and interaction patterns collected through our monitoring infrastructure.
Device Data — Browser type, operating system, screen resolution, and IP address.

2.3 What We Do Not Collect or Store

Source Code — We operate a zero code retention policy. We do not store, copy, or retain your source code at any time. During code impact analysis, repository data is processed in real-time in memory and is never written to disk or any persistent storage.
Payment Information — We do not currently collect payment information directly. When billing is implemented, all payment processing will be handled by a PCI-compliant third-party processor. We will never store credit card numbers on our servers.

3. How We Use Your Information

To provide, maintain, and improve the Service.
To process AI analyses — your work-item descriptions and chat messages are processed by AI models hosted exclusively within our Canadian infrastructure. Your data never leaves Canada for AI processing.
To authenticate your identity and manage your account.
To send transactional emails (e.g., password resets, billing receipts).
To respond to support requests.
To detect, prevent, and address security issues or abuse.
To generate aggregated, anonymized analytics to improve the product.

We do not sell your personal data to third parties. We do not use your data to train AI models.

4. Data Residency and Security

4.1 Data Residency

All Planalyte infrastructure — including application servers, databases, AI model endpoints, file storage, and monitoring systems — is hosted exclusively in Canada Central. Your data never leaves Canadian territory for processing or storage. This applies to all tiers of service.

4.2 Security Measures

Data is stored on enterprise-grade cloud infrastructure within Canada Central with disaster-recovery capabilities.
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
OAuth tokens and secrets are encrypted and stored in a dedicated vault, never in application code.
Database access is restricted to application-level managed identities with least-privilege permissions.
We follow industry-standard practices including access logging, encryption, and role-based access control.

4.3 Zero Code Retention

We maintain a strict zero code retention policy. When you connect a repository for code impact analysis, the repository data is streamed and analyzed in real-time. No source code is ever persisted to disk, database, or any form of permanent storage. Once the analysis is complete, all code data is discarded from memory.

5. Data Retention and Deletion

Data Type	Retention Period
Account data	Until account deletion + 15 days
Work items	Until deleted by user or account deletion + 15 days
Chat history (Free tier)	7 days
Chat history (Pro / Pro Team / Enterprise)	Until deleted or account closure
Impact analysis results	90 days, then auto-archived
Source code	Never stored — zero retention policy
Server logs	30 days
Analytics data	12 months (aggregated, anonymized)

Account Deletion

You may request account deletion at any time by contacting support@planalyte.com or through the account settings page.

Upon deletion request, your account is immediately deactivated.
All personal data, work items, chat history, and provider connections are permanently deleted within 15 days.
Anonymized, aggregated analytics data may be retained beyond this period as it cannot be linked back to you.
Backups containing your data are purged within 90 days of deletion.

6. Cookies and Tracking

Essential Cookies — Authentication session tokens and CSRF protection. Required for the Service to function.
Analytics — Aggregated performance metrics collected through our infrastructure hosted in Canada Central. No third-party analytics services are used.
We do not use advertising cookies or trackers.
We do not share cookie data with third parties for marketing purposes.

For full details, see our Cookie Policy.

7. AI Processing and Third-Party Services

7.1 AI Processing

All AI models used by Planalyte are hosted exclusively within our Canada Central infrastructure. Your work-item descriptions, chat messages, and analysis data are processed by these in-region models and are never transmitted to external AI providers or any servers outside of Canada. No third-party AI company receives, processes, or has access to your data.

7.2 Third-Party Integrations

When you choose to connect third-party project management tools (such as Azure DevOps, GitHub, or Jira), data is exchanged with those services only at your direction:

Work items are pushed to or pulled from these integrations only when you explicitly initiate a sync or push action.
OAuth tokens for these integrations are encrypted and stored in our secure vault within Canada Central.
Data pushed to third-party services is governed by those services' respective privacy policies.

7.3 Sub-Processors

Our cloud infrastructure provider hosts all services within Canada Central. We have Data Processing Agreements in place with all sub-processors. No sub-processor receives your source code.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

Access — Request a copy of the personal data we hold about you.
Rectification — Correct inaccurate personal data.
Deletion — Request deletion of your personal data (see Section 5).
Data Portability — Receive your data in a structured, machine-readable format.
Restriction — Request restriction of processing in certain circumstances.
Objection — Object to processing based on legitimate interests.
Withdraw Consent — Where processing is based on consent, you can withdraw at any time.

For GDPR (EU/EEA/UK): You may exercise these rights by emailing privacy@planalyte.com. We will respond within 30 days.

For PIPEDA (Canada): Canadian residents have the right to access, correct, and challenge the accuracy of their personal information held by Planalyte. All data is processed and stored in Canada in compliance with the Personal Information Protection and Electronic Documents Act.

For CCPA (California): California residents have additional rights including the right to know what data is collected, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information.

9. Data Transfers

All Planalyte services, databases, and AI models are hosted in Canada Central. Your data does not leave Canada for processing or storage. The only circumstances in which data may cross borders are:

When you explicitly push work items to a third-party service (e.g., GitHub, Azure DevOps, Jira) that may host data in other regions.
When you access the Service from outside Canada, your requests are routed to our Canadian servers over encrypted connections.

We maintain Data Processing Agreements (DPAs) with all sub-processors. Standard Contractual Clauses (SCCs) are available for users in jurisdictions that require them.

10. Children's Privacy

Planalyte is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@planalyte.com and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the Service or sending an email to the address associated with your account. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, contact us at:

Email: privacy@planalyte.com
Company: Sambangi Consultancy Inc., doing business as Sambangi Inc.