Skip to content
Planner.coach
Trust & Compliance

You coach the team. We handle the small print.

From parental consent to retention sweeps and audit logs — it's running in the background of every account, on every plan, from day one. Safeguarding kids, parental consent, data protection, audits: you don't have to think about it. We already have.

UK GDPR
Data Protection Act 2018
EU GDPR
Article 28 DPA
GDPR-K
EU children
COPPA
US under-13
ICO Children's Code
Age Appropriate Design
DBS / WWCC / SafeSport
Credential tracking
Built In

The bit we do, so you don't have to

No add-ons. No checkboxes to find in settings. Open an account and the protections below are already running in the background.

Athlete details locked behind real encryption

Dates of birth, medical notes, phone numbers, emergency contacts — all encrypted. The key sits outside the database in a separate vault, so even a worst-case database leak reveals nothing readable.

Parental sign-off, built in

Add a young athlete and we automatically ask their guardian for consent. They click a link, you get notified. If your club already collects paper forms, upload the scan and we treat it the same.

Every sensitive view is logged

When a safeguarding officer or admin views a coach's DBS or background-check document, we keep a permanent record. Append-only. If anyone ever needs to ask "who saw what, and when?", the answer is one click away.

Old records clean themselves up

Athletes inactive for six years are flagged, warned twice by email, then erased — not because we're strict, because UK GDPR says you can't keep data forever. Touch a record (an attendance, a note) and the clock resets.

Coaching Minors

Coaching kids? You're already covered.

Most coaching platforms leave parental consent up to you and your clipboard. We don't. The moment you enter a young athlete's date of birth, the right safeguarding flow kicks in automatically.

Knows the right age in every country

13 in the UK and US. 14 in Spain. 15 in France. 16 in Germany. We apply the right threshold based on the athlete's country — you don't have to memorise a table.

Two ways to capture consent

Email a guardian a one-tap link, or attest an existing paper form. Both are stamped with timestamps and IP records so the audit trail holds up.

One-click revoke for parents

The same link guardians use to grant consent can revoke it. You get notified. For under-13s in the US, the record is wiped automatically the moment they revoke.

Photo and video preferences

Guardians can opt their child in or out of being photographed or filmed. It surfaces as a visible flag on the athlete's profile so it's impossible to miss.

Country-aware consent ages

Sample of the thresholds we apply automatically — the full table covers every country we serve.

🇬🇧 UK13+
🇺🇸 US13+
🇪🇸 Spain14+
🇮🇹 Italy14+
🇫🇷 France15+
🇮🇪 Ireland16+
🇩🇪 Germany16+
🇳🇱 Netherlands16+
Wherever You Coach

We speak your region's language

Whether you're in Manchester, Madrid, Minneapolis or Melbourne, the protections that matter where you coach are already switched on. Compliant where you coach, not just where we're based.

UK coaches

  • UK GDPR + Data Protection Act 2018
  • ICO Age Appropriate Design Code ('Children's Code')
  • DBS certificate storage with auto-renewal reminders
  • DBS Code of Practice retention — scans purged 12 months post-expiry

EU coaches

  • GDPR (Articles 5, 6, 8, 9, 28)
  • GDPR-K country-specific consent ages (14 / 15 / 16)
  • Standard Contractual Clauses for any data leaving the EU
  • Right to erasure, portability and rectification — all in-app

US coaches

  • COPPA — direct auto-erase for under-13s on parent revoke
  • SafeSport certificate tracking with expiry reminders
  • CCPA-style data export and deletion on request
  • Verifiable parental consent before any minor data is saved

Australian coaches

  • Working With Children Check (WWCC) credential tracking
  • Australian Privacy Principles (APPs) baseline on every account
  • Parental consent capture aligned with OAIC guidance for minors
  • Notifiable Data Breaches scheme — reportable within the OAIC's required window if it ever matters
Audit-Ready

If a regulator asks, you've got receipts

Compliance isn't just about prevention — it's about being able to prove the right things happened. We keep the records so you can point to them.

Hashed deletion receipts

Every record we erase leaves a cryptographically hashed audit row behind — no personal data, just proof the deletion happened. If a regulator ever asks, you can demonstrate the work was done.

Credential access log

Every cross-user view of a DBS, WWCC or SafeSport document is logged: who, when, from where. Append-only. Safeguarding officers can pull it any time.

Daily safety-net sweeps

A nightly job catches missed deletions, expiring certifications, and revoked-but-not-removed records. Reminders go out before anything slips. A paper trail you didn't have to build.

Data Processing Agreement on file

Club accounts get an Article 28-compliant DPA covering sub-processors, breach notification, and your right to audit. Sign once on your team settings — done.

Roles, Plainly

Who's responsible for what

The law calls it 'controller and processor'. In plain English: you bring the team and decide what to keep. We bring the secure filing cabinet and lock the door.

What we handle

  • Encrypt sensitive athlete data
  • Send guardian consent emails
  • Apply country-specific age thresholds
  • Log every credential view
  • Auto-purge inactive records (after warning the coach)
  • Auto-delete US under-13 data on parent revoke (COPPA)
  • Daily compliance sweeps and reminder emails
  • Maintain the DPA, ToS and Privacy Policy
  • Notify the ICO within 72 hours if there's ever a breach

What you handle

  • Tell parents and athletes you use Planner.coach
  • Collect consents (we provide the tool)
  • Action deletion requests when guardians ask
  • Keep your own credentials current (we'll remind you)
  • Decide who at your club gets what role
  • Respect any preferences guardians set (e.g. no photos)

Full controller / processor terms live in our Data Processing Agreement.

Safeguarding Records

Your DBS, WWCC and SafeSport — never expired again

Store every coaching, safeguarding and first-aid credential against your profile. We send the renewal reminders. Safeguarding officers can verify them with one click. The certificate scan never has to live in someone's inbox again.

  • Reminders at 60, 30, 7 and 0 days before expiry — plus 7 days after
  • 60-second signed download links — no long-lived public URLs
  • Visible only to safeguarding officers and admins (you control who)
  • Every download logged, append-only
  • Scans auto-purge 12 months after expiry; metadata kept for audit
Enhanced DBS
Issued by Disclosure & Barring Service
Active
Reference0012•••••89
Issued12 Aug 2024
Expires12 Aug 2027
Renewal reminder will send to your inbox on 12 Jun 2027 (60 days before expiry).
FAQ

The questions safeguarding officers ask first

The full legal documents

Walk into your next safeguarding meeting prepared

Book a 20-minute call with us and we'll walk your safeguarding officer through every protection on this page — answering the questions before they're asked.