Privacy Policy

1. Information We Collect

We collect information that you provide directly to us and information that is automatically collected when you use our service.

Account Information

When you create an account, we collect your name, email address, and password. If you sign up using a social login provider (such as Google), we receive your public profile information including your name and email address.

Garden Data

We store information about your gardens including garden names, dimensions, geographic locations, climate zones, soil types, sun exposure, and plant inventories. This data is essential for providing personalized recommendations and garden planning features.

Photos and Images

When you upload photos to document your garden, we may extract EXIF metadata including GPS coordinates, date and time of capture, and camera information. This data enhances your garden documentation by automatically associating photos with locations and timestamps. You can disable location extraction in your account settings.

Usage Information

We automatically collect information about how you interact with Plantory, including features accessed, pages viewed, AI chat conversations, garden planning activities, and time spent on various sections of the application.

Device Information

We collect information about the device you use to access Plantory, including browser type, operating system, device type, and IP address.

2. AI and Data Processing

Plantory uses artificial intelligence to provide personalized garden recommendations and assistance.

How We Use AI

Your garden data, including plant information, garden dimensions, climate data, and chat conversations, is processed by Google AI services to generate personalized recommendations, task suggestions, planting advice, and garden visualizations.

Third-Party Plant Data

We integrate with Trefle and Perenual APIs to enrich plant information. When you search for plants or add them to your garden, your plant queries may be shared with these services to retrieve detailed botanical information, growing conditions, and care instructions.

AI Data Retention

AI conversation history is retained for 90 days to improve recommendation accuracy and provide context for ongoing garden planning. You can request deletion of your AI conversation history at any time through your account settings or by contacting us.

3. How We Share Your Data

We are committed to protecting your privacy and only share your data as described below.

We Never

• Sell your personal data to third parties
• Share your garden photos publicly without your explicit consent
• Use your data for targeted advertising
• Share your data with data brokers

Service Providers

We share data with trusted service providers who assist us in operating our platform:

• Google Cloud - AI processing and recommendations
• Amazon Web Services (AWS) - Cloud infrastructure and data storage
• Stripe - Payment processing for subscriptions
• Resend - Transactional email delivery
• Vercel - Application hosting and deployment

Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, privacy, safety, or property.

4. Cookies and Tracking

We use cookies and similar technologies to enhance your experience.

Essential Cookies

Required for authentication, session management, and security. These cookies are necessary for the platform to function properly.

Functional Cookies

Store your preferences such as language selection, theme (light/dark mode), and display settings.

Analytics

We use analytics to understand how users interact with Plantory, identify issues, and improve our service. Analytics data is aggregated and anonymized where possible.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS/SSL
• Data at rest is encrypted using AES-256 encryption
• We store data in EU-based data centers
• Regular security audits and vulnerability assessments
• Access to personal data is restricted to authorized personnel only
• Two-factor authentication available for account protection

6. Your Rights

Under GDPR and other applicable privacy laws, you have the following rights:

• Access - Request a copy of your personal data
• Rectification - Request correction of inaccurate data
• Erasure - Request deletion of your personal data
• Portability - Export your data in a machine-readable format
• Restriction - Request limitation of data processing
• Objection - Object to certain types of data processing
• Withdraw Consent - Withdraw your consent at any time

To exercise any of these rights, please contact us at support@plantory.ai or use the data export and deletion features in your account settings.

7. Children's Privacy

Plantory is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly.

8. International Data Transfers

Your data may be transferred to and processed in countries outside of your residence. When we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

9. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of significant changes via email or through a prominent notice on our platform at least 30 days before the changes take effect.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

support@plantory.ai