Privacy notice

Last updated: 6 May 2026

Cette page n'est actuellement publiée qu'en anglais. Les versions française et allemande sont en attente de révision de traduction. La version anglaise fait foi. English version →

This notice tells you how MyPensionPlan.lu processes personal data. It is written to satisfy Article 13 of the General Data Protection Regulation (GDPR) — the information you are entitled to receive when we collect data from you directly. The site is a free, English-first calculator for the Luxembourg statutory pension. We do not sell anything, we do not recommend insurance products, and we do not run a user database.

1. Controller and contact

The data controller is Rogan Cowan, doing business as MyPensionPlan, based in Luxembourg. The full publisher details are on the Legal notice page. The entity will be incorporated as a Luxembourg company before paid subscription features launch; this notice will be updated to name the company at that point.

Contact for any privacy matter: hello@mypensionplan.lu. Mark the subject line "GDPR request" so your message is triaged correctly.

We have not appointed a Data Protection Officer because the project does not meet the Article 37 GDPR thresholds (no large-scale or systematic processing of special-category data, no core activities consisting of regular and systematic monitoring of data subjects on a large scale).

2. What data we collect and why

The calculator works by sending the inputs you enter (date of birth, gross annual salary, salary growth assumption, nationality, retirement date and place, career history, and — for the survivor calculation — gender and spouse details) to our calculation engine, which returns a pension estimate. We do not ask for and do not process any special-category data (Article 9 GDPR) such as health, religion, or ethnic origin.

The lawful basis for the calculation is Article 6(1)(f) GDPR — our legitimate interest in providing the information service you have requested. The data minimisation principle (Article 5(1)(c)) is respected: every input is necessary to compute the result under the official CNAP formula.

We also use a small amount of browser-side storage (localStorage):

We set no tracking cookies. The site does not use Google Analytics, Meta Pixel, or any advertising tracker.

We do use Plausible Analytics (Plausible Insights OÜ, Estonia, infrastructure in Hetzner Falkenstein, Germany) for aggregate site-usage analytics. Plausible is cookieless: it sets no cookies on your device and does not store IP addresses. It rotates a daily salt to prevent cross-day correlation, processes data exclusively on EU servers, and produces only aggregate counts (no individual profiles). Because the processing is fully aggregate and cookieless, our lawful basis for it is Article 6(1)(f) GDPR (legitimate interest in measuring site performance) and no consent banner is required. You can read Plausible's data policy at plausible.io/data-policy.

3. Who else sees your data

Your calculation request is processed by the following data processors, each under a written data processing agreement that complies with Article 28 GDPR:

We do not share your data with insurance companies, banks, brokers, ad networks, or any party in their distribution chain. Affiliate revenue, where present, is from non-regulated, non-insurance products and never involves disclosing your data.

4. International transfers

Vercel and Railway are headquartered in the United States. Where data crosses to a US-based subprocessor, the transfer relies on the European Commission's Standard Contractual Clauses (Article 46(2)(c) GDPR), as published in the processors' Data Processing Agreements, supplemented by the technical measures described below (HTTPS in transit; PII-free logging on the engine API; no application-side persistence of the submitted data). EuroDNS data stays within the EEA.

5. How long we keep it

Your form data lives in your browser only and is cleared when you close the tab or clear your browser storage. Our calculation engine is stateless: it does not save your inputs. Server logs on the engine API contain only a SHA-256 hash of the request payload (never raw values such as your salary or date of birth) and are kept for approximately 30 days for operational diagnostics. Frontend access logs (Vercel) are kept for approximately 7 days. Email correspondence with us is kept for 12 months by default.

6. Your rights

Under the GDPR you have the right to:

To exercise any of these rights, write to hello@mypensionplan.lu with the subject line "GDPR request". We will respond within 30 days (Article 12(3) GDPR). In practice, because we do not retain identifiable personal data on our systems beyond the duration of a single calculation request, most requests will be answered with instructions for clearing your browser-side localStorage.

You also have the right to lodge a complaint with the Commission nationale pour la protection des données (CNPD), Luxembourg's data protection authority:

7. No automated decision-making with legal effects

The calculator produces an arithmetic estimate that is informational only. It does not make a decision about you that produces legal effects or similarly significantly affects you within the meaning of Article 22 GDPR. Your actual pension entitlement is determined by CNAP at the point of claim, based on your real contribution record.

8. Changes to this notice

We will update this notice when our processing practices change. The "last updated" date at the top of the page tells you when. Material changes will be flagged in the site banner before they take effect.

For the broader regulatory posture (no insurance distribution, no payment services, no investment advice), see the Legal notice and Terms of use.