PlantCareAI 🪴 🌱 🌵

1. Introduction

EDH Dev ("we", "our", or "us") operates the PlantCareAI website and service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Information You Provide

• Email Address: Required for account creation and magic link authentication
• Plant Information: Plant names, descriptions, photos, and care schedules you add
• Location Data: Optional city or ZIP code for weather-aware plant care tips
• Questions and Interactions: Questions you ask the AI assistant and related information

Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on the Service
• Device Information: Browser type, operating system, IP address
• Analytics: We use Cloudflare Web Analytics (privacy-preserving, no cookies)

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Authenticate your account via magic links
• Generate personalized plant care recommendations
• Provide weather-aware suggestions based on your location
• Improve and optimize the Service
• Send you important Service updates (via email)
• Protect against abuse and unauthorized access

4. Data Storage and Security

Your data is stored securely using Supabase (a PostgreSQL database provider) with the following protections:

• Encryption: All data is encrypted at rest and in transit (HTTPS/TLS)
• Row-Level Security: Database access is restricted to your own data
• Rate Limiting: Protection against brute force and abuse attempts
• Regular Backups: Your data is backed up regularly

5. Third-Party Services

We use the following third-party services:

• Supabase: Database, authentication, and file storage (Privacy Policy)
• OpenAI: AI-powered plant care recommendations (Privacy Policy)
• OpenWeatherMap: Weather data for care suggestions (Privacy Policy)
• Cloudflare: Web analytics (no cookies, privacy-preserving) (Privacy Policy)

Important: When you ask the AI assistant a question, your question and plant information may be sent to OpenAI's API. OpenAI does not use API data to train their models. See their Privacy Policy for details.

6. Data Sharing

We do not sell your personal information to third parties. We may share your information only in the following circumstances:

• With Your Consent: When you explicitly agree to share information
• Service Providers: With trusted third-party services (listed above) necessary to operate the Service
• Legal Requirements: If required by law, regulation, or legal process
• Safety and Security: To protect the rights, property, or safety of EDH Dev, users, or others

7. Your Privacy Rights

You have the right to:

• Access Your Data: Request a copy of the personal information we hold about you
• Correct Your Data: Update or correct inaccurate information
• Delete Your Data: Request deletion of your account and associated data
• Export Your Data: Request a copy of your plant data in a portable format (coming soon)
• Opt-Out: Opt out of non-essential emails (essential Service emails may still be sent)

To exercise these rights, please contact us at [email protected].

8. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are legally required to retain certain data.

9. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

10. International Users

The Service is hosted in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States.

11. Cookies and Tracking

We use minimal cookies for essential functionality:

• Session Cookie: To keep you logged in (required for authentication)
• Analytics: Cloudflare Web Analytics (no cookies, privacy-preserving)

We do not use third-party advertising cookies or tracking pixels.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, if appropriate, sending you an email notification.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at [email protected].