Privacy Policy
Last updated: January 2026
The Short Version
We collect the minimum data needed to make Plantegia work. We don't sell it, share it, or creep on it. Your grow plans are yours. We use Google Analytics to understand how people use the app (not what they plan) and Firebase to make the app function. That's it.
If you need the detailed version for GDPR or peace of mind, keep reading.
1. Who We Are
Plantegia is operated from Estonia. We're a small team building planning software for indoor gardeners. We're not a data company. We don't make money from your information. We make money from selling software.
Contact: builder@plantegia.com
2. What We Collect
Data You Give Us
| Data | Why | Stored Where |
|---|---|---|
| Email address | Account creation, purchase receipts, rare updates | Firebase |
| Password | So only you can access your account (hashed, we can't read it) | Firebase |
| Payment info | Processing your purchase | Stripe (we never see your card number) |
Data You Create
| Data | Why | Stored Where |
|---|---|---|
| Your grow plans | That's the whole point of the app | Firebase |
| Plant names, dates, notes | Your planning data | Firebase |
| Tent/space configurations | Your setup | Firebase |
Important: We don't look at your plans. We don't analyze what you're growing. We don't care. It's not our business. Literally.
Data We Collect Automatically
| Data | Why | Tool |
|---|---|---|
| Pages visited | Understanding which features people use | Google Analytics |
| Time spent | Knowing if the app is confusing or smooth | Google Analytics |
| Device type, browser | Making sure the app works everywhere | Google Analytics |
| Country (approximate) | Knowing if we should translate to German | Google Analytics |
| Crash reports | Fixing bugs | Firebase Crashlytics |
What we DON'T collect:
- Your IP address (we anonymize it)
- Your precise location
- What plants you add
- Your schedule details
- Anything that would let us know what you're actually growing
3. How We Use Your Data
To make Plantegia work
- Your account data → so you can log in
- Your plans → so they're saved and synced
- Crash reports → so we can fix what broke
To make Plantegia better
- Analytics → which features are used, which are ignored
- Aggregate patterns → "most users have 2-3 spaces" (not "user X has 2 tents")
To communicate with you (rarely)
- Purchase confirmations
- Critical security updates
- Major feature announcements (you can opt out)
We will never:
- Send you marketing spam
- Sell your email to third parties
- Email you "we miss you" nonsense
4. Third-Party Services
We use two Google services. Here's exactly what they do:
Google Analytics
What it does: Tracks anonymous usage patterns across all users.
What it sees: Pages viewed, session duration, device type, country.
What it doesn't see: Your account info, your plans, anything personal.
Why we use it: To know if people actually use the features we build.
Opt out: You can block Google Analytics with browser extensions like uBlock Origin or Privacy Badger. We won't be offended.
Google's privacy policy: https://policies.google.com/privacy
Firebase (by Google)
What it does: Stores your account and plan data. Handles authentication. Reports crashes.
What it sees: Your email, your plans (encrypted in transit and at rest).
Why we use it: It's reliable, secure, and lets us focus on building features instead of maintaining servers.
Data location: Firebase servers in the EU (we configured it that way on purpose).
Firebase privacy info: https://firebase.google.com/support/privacy
Stripe (Payments)
What it does: Processes your payment.
What it sees: Your card number, billing address.
What we see: Confirmation that you paid, last 4 digits of card, your email.
Why we use it: Industry standard, secure, we never touch your card data.
Stripe's privacy policy: https://stripe.com/privacy
5. Cookies
We use cookies, but not the creepy kind.
| Cookie | Purpose | Type |
|---|---|---|
| Session | Keeping you logged in | Essential |
| Analytics | Google Analytics tracking | Optional |
| Preferences | Remembering your settings | Functional |
No advertising cookies. We don't run ads. We don't track you across the internet. We don't build profiles to sell you things.
You can disable non-essential cookies in your browser. The app will still work.
6. Data Retention
| Data | How Long |
|---|---|
| Account data | Until you delete your account |
| Your plans | Until you delete them or your account |
| Analytics | 14 months (Google's default, anonymized) |
| Crash logs | 90 days |
| Payment records | 7 years (legal requirement for accounting) |
When you delete your account:
- Your plans are deleted immediately
- Your email is deleted from our active systems
- Backups are purged within 30 days
- Payment records stay for legal compliance but aren't linked to your usage
7. Your Rights
Depending on where you live, you have rights over your data. Here's what you can do regardless of location:
Access
Want to see what we have? Email us. We'll send you everything within 30 days.
Correction
Something wrong? Tell us. We'll fix it.
Deletion
Want out? Delete your account in the app, or email us and we'll do it manually. No guilt trips, no "are you sure?" dialogs repeated 47 times.
Export
Want to take your data elsewhere? We'll provide it in a standard format (JSON/CSV).
Opt out of analytics
Use a browser extension, or email us and we'll exclude your account from tracking.
For EU residents (GDPR): You have the right to lodge a complaint with your local data protection authority if you think we're handling your data wrong. We don't think you'll need to, but the option exists.
For California residents (CCPA): We don't sell personal information. We don't share it for advertising. You have the right to know, delete, and opt-out. Consider it done.
8. Security
We take reasonable measures to protect your data:
- All data transmitted over HTTPS
- Passwords hashed (bcrypt)
- Firebase security rules restrict access to your own data
- We don't store payment card numbers (Stripe does)
- Team access is limited and logged
We're not a bank or a hospital. We're a planning app. Our security is appropriate for what we do — solid but not paranoid.
If we ever have a breach, we'll tell you within 72 hours. We'll explain what happened and what we're doing about it. No corporate-speak, no burying it in a blog post.
9. Children
Plantegia is not for children under 16. We don't knowingly collect data from minors. If you're a parent and think your kid signed up, email us and we'll delete the account.
10. International Transfers
Your data is stored on Firebase servers in the EU. If you're outside the EU, your data crosses borders to reach our servers. By using Plantegia, you consent to this transfer.
We've configured things to keep data in the EU because GDPR is the strictest standard and meeting it means we're probably meeting your local requirements too.
11. Changes
We might update this policy. When we do:
- We'll change the "last updated" date
- We'll summarize what changed
- For significant changes, we'll email you
We won't suddenly start selling your data and bury it in paragraph 47. That would be against everything we stand for.
12. Contact
Questions about your data? Want to exercise your rights? Just curious?
Email: builder@plantegia.com
We respond to humans like humans. Usually within a few days, faster if it's urgent.
The Philosophy
We built Plantegia because we believe in tools that respect their users. The surveillance economy is bullshit. Your data should work for you, not for advertisers.
We collect what we need. We protect what we collect. We delete what we don't need anymore.
That's it. No dark patterns. No hidden agendas. Just software that does what it says.
By using Plantegia, you acknowledge that you have read and understood this Privacy Policy.