Privacy Policy

This Privacy Policy explains how GardenPlan (“we”, “our”, or “us”) collects, uses, shares, and protects your information when you use the GardenPlan mobile application on iOS and Android, the website at gardenplan.cc, and any related services (together, the “Service”). It applies whether you use GardenPlan as a free user, during a free trial, or as a paid subscriber.

We built GardenPlan to be useful and respectful of your data. Most of what you create — your gardens, plant entries, photos, and notes — stays on your device. We do not sell personal information, we do not share your data with advertisers, and we do not use your content to train AI models.

1. Who we are (Data Controller)

The data controller responsible for your personal information is GardenPlan. You can reach us at any time at support@gardenplan.cc for privacy questions, data requests, or to exercise the rights described below.

2. Information we collect

2.1 Information you provide

• Garden content. Garden layouts, dimensions, plant entries, planting dates, watering and fertilizing logs, harvest notes, and free-form notes you create.
• Photos for plant identification. Photos you take or upload to identify a plant or diagnose a plant-health issue. These photos are sent to our backend for AI processing — see Section 4.
• Onboarding answers. Your gardening experience, space, sun exposure, time commitment, household composition (e.g. presence of pets or children for plant-safety filtering), and plant interests. Used solely to personalize plant recommendations.
• City or approximate location. Either entered manually or detected once with your permission, used only for local weather forecasts.
• Optional contact. Your email address if you contact support, request data deletion, or subscribe.

2.2 Information collected automatically

• Crash & error reports. When the app crashes or hits an unexpected error, we collect a stack trace, the app version, OS version, device model class (e.g. “iPhone 15”), language, free memory and disk space, and a short list of recent in-app navigation events (called “breadcrumbs”) so we can reproduce the bug. These reports are sent to Sentry (see Section 5), are not linked to your name, email, or any persistent user identifier, and are used solely to fix bugs and improve stability.
• Usage events. Aggregated, non-identifying counts of which screens and features are used. Used to improve the product.
• Subscription state. Whether you have an active subscription or trial, retrieved from RevenueCat using an anonymous identifier — see Section 5.
• Cookies (website only). Our marketing website at gardenplan.cc uses essential cookies only — no advertising or cross-site tracking cookies are set.

2.3 Information we do NOT collect

• We do not collect your name, address, or government ID.
• We do not collect your phone number unless you email it to us.
• We do not collect your contacts, calendars, or browser history.
• We do not access your microphone or health data.
• We do not use the iOS Identifier for Advertisers (IDFA) and we do not request App Tracking Transparency (ATT) permission, because we do not track you across other apps or websites.

3. Permissions the app requests

GardenPlan only requests permissions when a feature you use needs them. You can revoke any permission at any time in your device settings; the app will continue to work with that feature disabled.

• Camera. Used only when you tap the scan button to photograph a plant. We never record video, never run the camera in the background, and never read previously taken photos through this permission.
• Photo Library. Used only when you choose to pick an existing photo to identify a plant. We only read the image you select; we do not enumerate your library.
• Location (While Using the App). Used only when you tap “Use my location” during onboarding or while editing a garden, to look up the nearest city for weather. Coarse city-level accuracy is sufficient; we never collect precise GPS history.
• Notifications. Used to deliver care reminders (watering, fertilizing, harvest, growth-stage updates) you have enabled. All reminders are scheduled locally on your device — we do not run a push-notification server.

4. How AI plant identification works

When you use GardenPlan’s plant identification or diagnosis feature, the photo you submit is sent over an encrypted (HTTPS) connection to our backend, processed by an AI model operated by OpenAI on our behalf, and the result (plant name, health diagnosis, advice) is returned to your device. Specifically:

• Your photo is processed transiently to generate the result.
• We do not permit OpenAI or any other provider to use your photos to train their models. OpenAI’s API is configured with zero-data-retention defaults for non-abuse traffic, and inputs are not used to train OpenAI models.
• The result of the scan is stored locally on your device in your scan history. You can delete a scan at any time from the app.
• Your photos are not linked to your name, email, contacts, or any other identifying information.

5. Service providers (subprocessors)

We rely on a small number of trusted providers. Each receives only the minimum data necessary to do its job, is contractually bound to protect that data, and is listed below with a link to its own privacy policy:

• Apple — App distribution, in-app purchases, push delivery infrastructure. Apple Privacy Policy
• Google — Android app distribution and in-app purchases via Google Play. Google Privacy Policy
• RevenueCat — Subscription state management. We send an anonymous app-user ID (not your name or email) so RevenueCat can tell us whether your subscription is active. RevenueCat Privacy Policy
• Supabase — Hosts our public plant catalog, plant images, and the Edge Function that proxies scan requests to OpenAI. Supabase Privacy Policy
• OpenAI — Performs AI plant identification and diagnosis on photos you submit. Inputs are not used to train OpenAI models. OpenAI Privacy Policy
• Sentry — Receives crash reports and unhandled errors so we can fix bugs. We have configured Sentry to not collect IP addresses, persistent user identifiers, screen recordings, or session replays. Crash reports contain only the stack trace, app version, OS version, device model class, language, and recent in-app navigation breadcrumbs, and are not linked to your identity. Sentry Privacy Policy
• Open-Meteo — Provides weather forecasts. We send coarse coordinates (city-level) only; no personal data. Open-Meteo Terms

We do not share your personal information with any other third party for their own marketing or advertising purposes.

6. How we use information — purposes & legal bases (GDPR)

For users in the European Economic Area, the United Kingdom, and Switzerland, the legal basis for each processing activity is:

• Provide the Service (storing gardens, scheduling reminders, identifying plants) — performance of a contract.
• Personalize plant recommendations — your consent, given when you complete onboarding. You may withdraw this at any time by resetting onboarding in Settings.
• Process subscriptions — performance of a contract.
• Improve the app via crash reports & aggregated analytics— our legitimate interest in operating a stable product. Data is anonymous and cannot be used to identify you.
• Comply with legal obligations — legal obligation.

7. Data retention

• Local content (gardens, plants, photos, notes). Kept on your device until you delete it or uninstall the app.
• Plant scan photos sent to AI. Processed transiently. Not stored in our backend after the response is returned.
• Crash logs and anonymous diagnostics. Retained for up to 90 days, then deleted.
• Support emails. Retained for up to 24 months from last reply, then deleted.
• Subscription records (with RevenueCat). Retained for the life of your subscription plus the period required by Apple and Google for tax and accounting (typically 7 years).

8. International transfers

Our service providers are based primarily in the United States and the European Union. When personal data is transferred outside the EEA, UK, or Switzerland, we rely on the European Commission’s Standard Contractual Clauses or equivalent safeguards to protect your information, and we engage only providers that contractually commit to GDPR-equivalent protection.

9. Your rights — EEA, UK, and Switzerland (GDPR)

You have the right to:

• Access the personal data we hold about you.
• Rectify inaccurate data.
• Erase your data (“right to be forgotten”).
• Restrict or object to processing.
• Data portability — receive your data in a structured, machine-readable format.
• Withdraw consent at any time, without affecting the lawfulness of prior processing.
• Lodge a complaint with your local supervisory authority (a list is available at edpb.europa.eu).

To exercise any of these rights, email support@gardenplan.cc. We will respond within 30 days.

10. Your rights — California (CCPA / CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, disclose, and (do not) sell.
• Delete personal information we hold about you.
• Correct inaccurate personal information.
• Opt-out of sale or sharing. We do not sell your personal information and we do not “share” it for cross-context behavioral advertising as defined by the CPRA.
• Non-discrimination. We will not discriminate against you for exercising any of these rights.

To exercise these rights, email support@gardenplan.cc with the subject line “California Privacy Request.”

11. Children’s privacy (COPPA)

GardenPlan is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at support@gardenplan.cc and we will delete it within 30 days.

12. How to delete your data

You have two ways to delete your data:

• Local content. Delete the app from your device, or use the “Reset onboarding” / “Delete garden” options in Settings.
• Backend & subscription records. Email support@gardenplan.cc from the address associated with your purchase (or include your RevenueCat anonymous ID, available in Settings → About). We will delete account-linked data within 30 days, except records we are legally required to retain.

13. Security

We use industry-standard transport security (HTTPS / TLS 1.2+) for all network traffic. Backend systems use least-privilege access controls, secrets are never embedded in the app bundle, and our OpenAI proxy is implemented as a server-side Edge Function so API keys never reach client devices. No system is perfectly secure, but we work hard to keep your information safe and will notify users without undue delay in the event of a personal-data breach as required by law.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify you in the app and update the “Last updated” date at the top of this page. Continued use of the Service after the change takes effect means you accept the updated policy.

15. Contact us

Privacy questions, data requests, or complaints? Email support@gardenplan.cc. We aim to reply within five business days.