DebtPlan.me
Privacy Policy
Last updated: May 5, 2026
This Privacy Policy explains how DebtPlan.me handles information for its no-auth, token-based debt payoff planning flow.
Overview
DebtPlan.me provides debt payoff planning tools that help users understand possible payoff paths. No bank account connection is required. You control the information you enter, and public plan access uses secure planToken links instead of customer sign-in.
Information collected
We may collect the information you choose to enter or submit:
- Debts entered, including names, balances, APRs, and payment details.
- Income, expense, rainy day fund, and available cash information.
- First name if you provide it for plan and email personalization.
- Email address if you request plans, check-ins, or secure plan access, or submit support requests.
- Analytics and events such as visits, preview generation, checkout, plan views, PDF downloads, and validation issues.
- Plan tokens used to retrieve token-based plans and secure plan links.
DebtPlan.me does not collect banking credentials, performs no credit pulls, requires no last name, address, or phone number for public plans, and does not store payment card data directly. Payment card processing is handled by the payment provider.
How information is used
- Generate payoff previews, plans, and plan validation results.
- Improve calculations, reliability, and the product experience.
- Send plans, secure access links, and check-ins if requested.
- Support review submissions and follow-up communication.
- Monitor system reliability, validation failures, email delivery, and PDF delivery.
Plan access
Plans are accessed through a secure planToken. No customer account is required for public plan access. Plan links will expire after the configured access period, and plans will expire after 30 days, unless deleted by the user sooner.
Email communication
If you provide an email address, DebtPlan.me may send plan links, secure access links, monthly check-ins, support replies, or review responses. Check-in and marketing-style messages include unsubscribe controls where applicable.
Data retention
In practice, plans may expire after 30 days. Analytics, reliability, payment, validation, and audit events may be retained longer to operate and improve the service. You can request deletion where applicable through the Contact Us form.
Security
DebtPlan.me uses validation protections before showing plans, generating PDFs, sending plan emails, or creating checkout sessions. Public plan access uses secure tokens. Transmission should occur over encrypted connections in production. Access to administrative tools is limited to admin authentication, and those tools are separate from the public no-auth flow.
Contact
For privacy requests, please use our Contact Us form.