Private and Protected

Enterprise-grade security, advanced permissions, backup, encryption, and more. Planhat is built to keep your data private and protected. We put security front and centre so you don’t have to.

Always On
An abstract render indicating that Planhat has high uptime.

Prevent and protect

Planhat is built with best-in-class security protocols to keep your workspaces safe and secure at every level. We provide constant monitoring, enterprise-grade SIRP and dedicated security support as standard.

24/7 monitoring

Planhat uses an industry standard application management solution to monitor all systems 24/7 and trigger alerts based on event logs. Our global team is on-call to address threats and resolve incidents as soon as they arise.

Robust SIRP

Planhat has developed a robust Security Incident Response Process to address security events efficiently and quickly. We screen and evaluate issues continuously, immediately remediating all critical issues and prioritising less pressing issues for resolution as part of the standard release and development process.

Dedicated security services

Planhat has a dedicated squad of security specialists as part of its global platform team. They conduct regular security reviews and risk assessments and can provide targeted protocols and SLAs to meet unique security needs.

An abstract render indicating that Planhat is backed up twice.

Your contingency plan, built-in

Planhat stores all your data in secure, distributed, and fully redundant databases through scheduled daily and intraday backups.

Daily & intraday backup

Put nothing at risk with near-continuous backup of your entire Planhat environment and database.

Secure multi-location storage

We mitigate correlated risk by storing all backups in geographically separate locations to our main warehouse.

Redundancy as standard

Planhat is architected to ensure no system or device has a single point of failure. Data is always written to two locations when stored.

An abstract render of a keyhole indicating that Planhat is secure.

Hidden in plain sight

Planhat forces HTTPS on all connections and encrypts data in-transit with TLS. All data at-rest is secured using AES 256-bit encryption. Our encryption protocol is best-in-class and virtually impenetrable.

TLS in-transit

We deploy TLS 1.2 or 1.3 (browser dependent) on all HTTPS requests to ensure in-transit data remains private and secure.

AES-256 at-rest

We use AES 256-bit encryption to protect data at-rest.

Identity Management
An abstract render of a Planhat login page.

Safe from prying eyes

Planhat offers multiple login methods and granular login restrictions for enhanced security.

Single sign-on (SSO)

Users can authenticate themselves into Planhat using SSO. Session length and time-based log-out restrictions can be configured to mitigate the probability of unauthorised access.


Planhat offers SAML 2.0 standard with Okta, Azure AD, GSuite, ADFS and Custom SSO. Across these, we support both Service Provider (SP) initiated and Identity Provider (IdP) initiated flows. Admins can configure whether to use IdP or both.

Login restrictions

Non-SAML users can restrict which login methods (Google SSO, Email login) are permitted in their workspace as an additional security layer.

An abstract render of a secured dashboard in Planhat.

Now you see me

Deeply configurable permissions all the way from entire feature sets to company portfolios and specific actions on individual fields, by user role, portfolio and team.

Property-action permissions

Permission specific actions like view, create, update and export at the level of the individual object property. Allow different roles to access different subsets of your customer database by individual portfolio, team or specific customer segments.

Granular user roles

Create an infinite number of fully custom user roles with highly granular permissions on property access, features like customer conversations and revenue, and account portfolios. Restrict access to system-level privileges with designated Admins.

Distinct workspaces

Workspaces allow you to architect Planhat around specific use cases like new business sales, customer support and revenue operations. They foster privacy by showing your team what they need, and eliminating the rest.

An abstract render showing that Planhat is AICPA SOC II compliant.

Built on a world-class security infrastructure

Planhat builds and maintains best-in-class data privacy and security protocols across both platform and services.

SOC 2 Type II

Planhat’s exceptional security standards and policies have been independently validated in a SOC 2 Type II audit.

Reliable and secure infrastructure partners

Planhat uses Google Cloud Platform (GCP) and hosts services within its own secure cloud environment. Read about our partnership here.

Start delivering results, not promises

See why Planhat is the tool of choice for the world’s most customer-centric businesses.