Last Updated: June 2, 2026
Introduction
Welcome to PlanttyTime ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services.
By using PlanttyTime, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our application.
1. Information We Collect
1.1 Personal Information
We collect the following personal information when you use our app:
- Email Address: Used for passwordless authentication via one-time passcode (OTP) and account management.
- Name (Optional): First and last name can be provided to personalize your experience, but this is entirely optional.
- Language Preference: Your selected language (English, German, Hungarian, Spanish, Italian, or Russian) to customize the app interface.
1.2 Plant-Related Data
To provide our plant care services, we collect and store:
- Plant Information: Species name, common name, custom names you assign, planting dates, locations, and notes.
- Plant Images: Photos you upload for plant identification and health analysis.
- Care Schedules: Watering, fertilizing, and other care activities you track.
- Health Analysis History: AI-generated health assessments and recommendations for your plants.
- Wishlist: Plants you save to your wishlist for future reference.
- Recommendation History: Plant recommendations you've viewed or saved.
1.3 Device Information
We collect device-specific information to provide push notifications and improve app functionality:
- Device Tokens: Firebase Cloud Messaging (FCM) tokens for sending push notifications.
- Device Information: Device model, operating system version, and platform (iOS or Android).
- Time Zone: Your device's time zone to schedule care reminders appropriately.
1.4 Usage Data
- Leaf Token Balance: Your current balance of leaf tokens (our in-app currency), ads watched, and tokens consumed.
- App Activity: Features you use, care activities logged, and general interaction with the app.
1.5 Automatically Collected Information
- Log Data: IP addresses (anonymized by our proxy), request timestamps, and API endpoints accessed for debugging and security purposes.
- Error Reports: Crash logs and error messages to improve app stability.
2. How We Use Your Information
We use the collected information for the following purposes:
2.1 Core Services
- Authentication: Email-based OTP login to secure your account without passwords.
- Plant Care Management: Store and manage your plant collection, care schedules, and history.
- AI Analysis: Process plant images through advanced AI technology to provide health assessments and care recommendations.
- Push Notifications: Send care reminders, health alerts, and app updates to your registered devices.
- Personalization: Customize the app experience based on your language preference and usage patterns.
2.2 Service Improvement
- Analyze usage patterns to improve app features and performance.
- Debug technical issues and ensure app stability.
- Monitor for fraudulent activity and security threats.
2.3 Communication
- Send transactional emails (OTP codes, account notifications).
- Respond to support requests and inquiries.
3. Third-Party Services
We use the following third-party services to operate our app. Each service has its own privacy policy:
3.1 AI Services
We use third-party AI services to analyze plant images and provide health assessments. When you request an analysis, your plant photos and related data are processed by our AI partners. We carefully select providers that maintain high privacy and security standards.
3.2 Firebase Cloud Messaging (FCM)
We use Firebase Cloud Messaging by Google to deliver push notifications to your device. FCM processes device tokens and notification payloads. Learn more in Google's Firebase Privacy Policy.
3.3 Wikimedia Commons
Plant images and information are sourced from Wikimedia Commons to enhance our plant database. We do not share your personal data with Wikimedia. Their Privacy Policy applies to content we retrieve.
3.4 Resend (Email Service)
We use Resend to deliver transactional emails (OTP codes for authentication). Your email address is processed by Resend solely for email delivery. See Resend's Privacy Policy.
3.5 Cloudflare
Our infrastructure uses Cloudflare for security, performance, and hosting. Cloudflare may process your IP address and other request metadata. Review Cloudflare's Privacy Policy.
3.6 Google AdMob
We use Google AdMob to display advertisements in exchange for leaf tokens (in-app rewards). AdMob may collect device identifiers and usage data for ad targeting. You can review Google's Advertising Privacy Policy and opt out of personalized ads in your device settings.
Note: We do not sell or rent your personal information to any third parties. Data shared with service providers is strictly for operational purposes.
4. Data Storage and Security
4.1 Where We Store Data
- Database: PostgreSQL hosted on our secure VPS server.
- Image Storage: Plant images are stored on our server's local filesystem with restricted access.
- Cache: Redis cache for improved performance, storing temporary session data.
- Location: All data is stored on servers within the European Union (Germany/Netherlands region).
4.2 Security Measures
We implement industry-standard security measures to protect your data:
- Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL.
- Authentication: Secure JWT (JSON Web Token) authentication with refresh tokens.
- Access Control: Strict access controls ensure only authorized systems can access user data.
- Regular Updates: We keep our systems updated with the latest security patches.
- Monitoring: Automated monitoring for suspicious activity and security threats.
4.3 Data Retention
- Account Data: Retained for the lifetime of your account or until you request deletion.
- OTP Codes: Expire after 15 minutes and are marked as used after authentication.
- Plant Images: Retained until you delete them from your plant collection.
- Log Data: Retained for up to 90 days for debugging purposes, then automatically deleted.
- Inactive Accounts: Accounts with no activity for 3 years may be anonymized or deleted.
5. Your Rights and Choices
You have the following rights regarding your personal information:
5.1 Access and Portability
- View and export your plant data, care history, and account information from within the app.
- Request a complete copy of your data by contacting us at [email protected].
5.2 Correction and Deletion
- Update your profile information (name, language) directly in the app settings.
- Delete individual plants, images, or care activities from your collection.
- Request complete account deletion by contacting [email protected]. We will permanently delete your data within 30 days.
5.3 Notification Control
- Manage push notification preferences in the app settings.
- Disable specific notification types (care reminders, health alerts) or turn off all notifications.
- Unregister device tokens to stop receiving notifications on specific devices.
5.4 Advertising Preferences
- Opt out of personalized ads through your device settings (iOS: Settings > Privacy > Advertising, Android: Settings > Google > Ads).
- Note: Disabling personalized ads will not reduce the number of ads shown but may make them less relevant.
5.5 Withdraw Consent
- You may stop using the app at any time.
- Contact us to request data deletion if you no longer wish to use our services.
6. Children's Privacy
PlanttyTime is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected], and we will promptly delete such information.
7. International Data Transfers
If you are accessing PlanttyTime from outside the European Union, please note that your data will be transferred to and processed on servers located in the EU. We ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by:
- Posting the updated policy in the app with a new "Last Updated" date.
- Sending a push notification or email (for material changes).
Your continued use of PlanttyTime after changes are posted constitutes your acceptance of the updated policy.
9. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request disclosure of the categories and specific pieces of personal information we collect.
- Right to Delete: Request deletion of your personal information (subject to certain exceptions).
- Right to Opt-Out: We do not sell personal information, so no opt-out is necessary.
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise these rights, contact us at [email protected].
10. GDPR Rights (European Users)
If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
- Right of Access: Obtain confirmation of whether we process your data and access to such data.
- Right to Rectification: Correct inaccurate or incomplete personal data.
- Right to Erasure: Request deletion of your personal data ("right to be forgotten").
- Right to Restrict Processing: Limit how we use your data in certain circumstances.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: Withdraw consent for data processing at any time.
- Right to Lodge a Complaint: File a complaint with your local data protection authority.
To exercise these rights, contact us at [email protected].
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: [email protected]
- Website: https://plantytime.app
We will respond to your inquiry within 30 days.
Thank you for trusting PlanttyTime with your plant care journey! We are committed to protecting your privacy and providing a safe, transparent experience.