Privacy Policy

This Privacy Policy explains how GardenPlan (“we”, “our”, or “us”) collects, uses, shares, and protects your information when you use the GardenPlan mobile application on iOS and Android, the website at gardenplan.cc, and any related services (together, the “Service”). It applies whether you use GardenPlan as a free user, during a free trial, or as a paid subscriber.

We built GardenPlan to be useful and respectful of your data. Most of what you create — your gardens, plant entries, photos, and notes — stays on your device. We do not sell personal information, we do not share your data with advertisers, and we do not use your content to train AI models.

1. Who we are (Data Controller)

The data controller responsible for your personal information is GardenPlan. You can reach us at any time at support@gardenplan.cc for privacy questions, data requests, or to exercise the rights described below.

2. Information we collect

2.1 Information you provide

• Garden content. Garden layouts, dimensions, plant entries, planting dates, watering and fertilizing logs, harvest notes, and free-form notes you create.
• Photos for plant identification. Photos you take or upload to identify a plant or diagnose a plant-health issue. These photos are sent to our backend for AI processing — see Section 4.
• Onboarding answers. Your gardening experience, space, sun exposure, time commitment, household composition (e.g. presence of pets or children for plant-safety filtering), and plant interests. Used solely to personalize plant recommendations.
• City or approximate location. Either entered manually or detected once with your permission, used only for local weather forecasts.
• Optional contact. Your email address if you contact support, request data deletion, or subscribe.

2.2 Information collected automatically

• Crash & error reports. When the app crashes or hits an unexpected error, we collect a stack trace, the app version, OS version, device model class (e.g. “iPhone 15”), language, free memory and disk space, and a short list of recent in-app navigation events (called “breadcrumbs”) so we can reproduce the bug. These reports are sent to Sentry (see Section 5), are not linked to your name, email, or any persistent user identifier, and are used solely to fix bugs and improve stability.
• Usage events. Aggregated, non-identifying counts of which screens and features are used. Used to improve the product.
• Subscription state. Whether you have an active subscription or trial, retrieved from RevenueCat using an anonymous identifier — see Section 5.
• Website analytics (gardenplan.cc). If — and only if — you accept the cookie banner on our marketing website, we use Firebase Analytics (a Google service, also known as Google Analytics 4) to understand which pages are read and how visitors move around the site. The data we collect is aggregated: page paths viewed, language, device class, country (city-level at most), and Core Web Vitals (load speed, responsiveness). The Firebase Analytics cookies (typically _ga and _ga_*) are first-party and do not contain your name, email, or any identifier we control. They expire after 13 months. No data is collected if you decline the banner. No advertising or cross-site tracking cookies are used on the website.

2.3 Information we do NOT collect

• We do not collect your name, address, or government ID.
• We do not collect your phone number unless you email it to us.
• We do not collect your contacts, calendars, or browser history.
• We do not access your microphone or health data.
• We do not use the iOS Identifier for Advertisers (IDFA) and we do not request App Tracking Transparency (ATT) permission, because we do not track you across other apps or websites.

3. Permissions the app requests

GardenPlan only requests permissions when a feature you use needs them. You can revoke any permission at any time in your device settings; the app will continue to work with that feature disabled.

• Camera. Used only when you tap the scan button to photograph a plant. We never record video, never run the camera in the background, and never read previously taken photos through this permission.
• Photo Library. Used only when you choose to pick an existing photo to identify a plant. We only read the image you select; we do not enumerate your library.
• Location (While Using the App). Used only when you tap “Use my location” during onboarding or while editing a garden, to look up the nearest city for weather. Coarse city-level accuracy is sufficient; we never collect precise GPS history.
• Notifications. Used to deliver care reminders (watering, fertilizing, harvest, growth-stage updates) you have enabled. All reminders are scheduled locally on your device — we do not run a push-notification server.

4. How AI plant identification works

When you use GardenPlan’s plant identification or diagnosis feature, the photo you submit is sent over an encrypted (HTTPS) connection to our backend, processed by an AI model operated by OpenAI on our behalf, and the result (plant name, health diagnosis, advice) is returned to your device. Specifically:

• Your photo is processed transiently to generate the result.
• We do not permit OpenAI or any other provider to use your photos to train their models. OpenAI’s API is configured with zero-data-retention defaults for non-abuse traffic, and inputs are not used to train OpenAI models.
• The result of the scan is stored locally on your device in your scan history. You can delete a scan at any time from the app.
• Your photos are not linked to your name, email, contacts, or any other identifying information.

5. Service providers (subprocessors)

We rely on a small number of trusted providers. Each receives only the minimum data necessary to do its job, is contractually bound to protect that data, and is listed below with a link to its own privacy policy:

• Apple — App distribution, in-app purchases, push delivery infrastructure. Apple Privacy Policy
• Google — Android app distribution and in-app purchases via Google Play. Google Privacy Policy
• RevenueCat — Subscription state management. We send an anonymous app-user ID (not your name or email) so RevenueCat can tell us whether your subscription is active. RevenueCat Privacy Policy
• Supabase — Hosts our public plant catalog, plant images, and the Edge Function that proxies scan requests to OpenAI. Supabase Privacy Policy
• OpenAI — Performs AI plant identification and diagnosis on photos you submit. Inputs are not used to train OpenAI models. OpenAI Privacy Policy
• Sentry — Receives crash reports and unhandled errors so we can fix bugs. We have configured Sentry to not collect IP addresses, persistent user identifiers, screen recordings, or session replays. Crash reports contain only the stack trace, app version, OS version, device model class, language, and recent in-app navigation breadcrumbs, and are not linked to your identity. Sentry Privacy Policy
• Open-Meteo — Provides weather forecasts. We send coarse coordinates (city-level) only; no personal data. Open-Meteo Terms
• Google (Firebase Analytics / Google Analytics 4) — Web-only. Used to count visits to gardenplan.cc and measure page performance. Runs only after you accept the cookie banner on the website; we operate Google Consent Mode v2 with default-deny so no measurement happens otherwise. Cookies are first-party (_ga, _ga_*), expire after 13 months, and contain no personal identifiers. Google Privacy Policy · Google Analytics opt-out browser add-on

We do not share your personal information with any other third party for their own marketing or advertising purposes.

6. How we use information — purposes & legal bases (GDPR)

For users in the European Economic Area, the United Kingdom, and Switzerland, the legal basis for each processing activity is:

• Provide the Service (storing gardens, scheduling reminders, identifying plants) — performance of a contract.
• Personalize plant recommendations — your consent, given when you complete onboarding. You may withdraw this at any time by resetting onboarding in Settings.
• Process subscriptions — performance of a contract.
• Improve the app via crash reports & aggregated analytics— our legitimate interest in operating a stable product. Data is anonymous and cannot be used to identify you.
• Comply with legal obligations — legal obligation.

7. Data retention

• Local content (gardens, plants, photos, notes). Kept on your device until you delete it or uninstall the app.
• Plant scan photos sent to AI. Processed transiently. Not stored in our backend after the response is returned.
• Crash logs and anonymous diagnostics. Retained for up to 90 days, then deleted.
• Support emails. Retained for up to 24 months from last reply, then deleted.
• Subscription records (with RevenueCat). Retained for the life of your subscription plus the period required by Apple and Google for tax and accounting (typically 7 years).

8. International transfers

Our service providers are based primarily in the United States and the European Union. When personal data is transferred outside the EEA, UK, or Switzerland, we rely on the European Commission’s Standard Contractual Clauses or equivalent safeguards to protect your information, and we engage only providers that contractually commit to GDPR-equivalent protection.

9. Your rights — EEA, UK, and Switzerland (GDPR)

You have the right to:

• Access the personal data we hold about you.
• Rectify inaccurate data.
• Erase your data (“right to be forgotten”).
• Restrict or object to processing.
• Data portability — receive your data in a structured, machine-readable format.
• Withdraw consent at any time, without affecting the lawfulness of prior processing.
• Lodge a complaint with your local supervisory authority (a list is available at edpb.europa.eu).

To exercise any of these rights, email support@gardenplan.cc. We will respond within 30 days.

10. Your rights — California (CCPA / CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, disclose, and (do not) sell.
• Delete personal information we hold about you.
• Correct inaccurate personal information.
• Opt-out of sale or sharing. We do not sell your personal information and we do not “share” it for cross-context behavioral advertising as defined by the CPRA.
• Non-discrimination. We will not discriminate against you for exercising any of these rights.

To exercise these rights, email support@gardenplan.cc with the subject line “California Privacy Request.”

11. Children’s privacy (COPPA)

GardenPlan is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at support@gardenplan.cc and we will delete it within 30 days.

12. How to delete your data and request account deletion

Because GardenPlan does not require you to create an account, almost all of your data lives on your device and is fully under your control. You have three ways to delete data:

• In-app — one tap. Open Settings → Privacy & Data → Delete all my data. This erases every garden, plant entry, photo, log, scan history item, and onboarding answer from your device, and signals our backend to delete any associated subscription identifier.
• Local content only. Delete the app from your device, or use the individual “Reset onboarding,” “Delete garden,” or “Delete scan” options in the corresponding settings.
• Backend & subscription records by email. Email support@gardenplan.cc with the subject line “Data deletion request” from the address associated with your purchase (or include your RevenueCat anonymous ID, available in Settings → About). We will delete account-linked data within 30 days and confirm by reply, except records we are legally required to retain (e.g. tax-mandated subscription receipts kept by Apple or Google).

You can also submit a deletion request via the public web form at gardenplan.cc/delete (which opens a pre-filled email to support).

13. Security

We use industry-standard transport security (HTTPS / TLS 1.2+) for all network traffic. Backend systems use least-privilege access controls, secrets are never embedded in the app bundle, and our OpenAI proxy is implemented as a server-side Edge Function so API keys never reach client devices. No system is perfectly secure, but we work hard to keep your information safe and will notify users without undue delay in the event of a personal-data breach as required by law.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify you in the app and update the “Last updated” date at the top of this page. Continued use of the Service after the change takes effect means you accept the updated policy.

15. Contact us

Privacy questions, data requests, or complaints? Email support@gardenplan.cc. We aim to reply within five business days.