Privacy Policy

Last updated: May 18, 2026

What we collect

• Account data: email address, created via Supabase Auth (OAuth or email/password).
• Plant data: plant names, species, notes, care events, and tags you enter.
• Photos: images you upload for plant identification or health checks, stored privately in Supabase Storage scoped to your account.
• Usage analytics: anonymised page views and performance metrics via Vercel Analytics. No personally identifiable data is sent.
• Waitlist and newsletter: email address submitted to the Pro waitlist or Plant Letter newsletter, stored with insert-only RLS policy.

How we use it

• To provide and improve the PlantWatch service.
• Photos submitted for identification are sent to PlantNet (species identification) and Anthropic's Claude API (health diagnosis). Both providers process these transiently and do not retain them for training.
• Care plan requests are sent to the Anthropic Claude API to generate personalised recommendations.
• We do not sell, rent, or share your data with third parties for marketing purposes.

Data storage and security

All plant data and photos are stored in Supabase (hosted on AWS) with row-level security enforcing per-user access. Your data is not visible to other users or to us in the normal course of operations.

Data retention and deletion

You can delete your account at any time from Settings. Plant data, photos, and timeline events are deleted from the database immediately. Supabase backup copies roll off within 30 days.

Cookies

We use one first-party session cookie set by Supabase Auth for authentication. We do not use third-party tracking or advertising cookies.

Your rights

You may request a copy of your data, correction of inaccurate data, or deletion of your account by emailing hello@useplantwatch.com.

Changes

We will update this policy when practices change and post the new effective date above. Continued use after an update constitutes acceptance.

Contact

Questions? Email hello@useplantwatch.com.