Privacy Policy
Version: 1.1
Effective Date: January 2, 2026
Last Updated: May 27, 2026
URL: https://florasketch.co/privacy
1. Introduction
Welcome to Flora Sketch, operated by Flora Sketch LLC, a Washington State limited liability company ("we," "us," or "our"). We respect your privacy and are committed to protecting your personal data.
This privacy policy explains how we collect, use, and safeguard your information when you use our garden design application. This Privacy Policy supplements and should be read together with our Terms of Service, which govern your use of the Service.
Data Minimization Principle: We collect only the minimum data necessary to provide our service. We do NOT collect location data, browsing history, contacts, device identifiers for advertising, or any other information not directly related to garden design functionality.
1.1 Google Play Data Safety Disclosure
In compliance with Google Play's Data Safety requirements, we declare the following:
Data Types Collected:
- Email address - for account authentication
- Username/display name - auto-generated from email if not provided; used for account identification only
- Timezone preference - user-selected (or auto-detected from the app as a one-time default suggestion) for accurate timestamp display on garden edits; no location coordinates are collected
- User-generated content - garden designs, uploaded images
- App activity - subscription tier, used solely to enforce plan limits and unlock features
- IP address and User Agent - collected transiently during login attempts for security monitoring and brute-force attack prevention only. User Agent (browser type and OS) is collected alongside IP for the same security purpose. Both are stored separately from your account, not linked to your identity, not used for advertising or tracking, and deleted within 90 days. See Section 2.4 for full details.
Data Collected Only With Your Explicit Action:
- Photos (user-uploaded images) - Accessed only when you explicitly select a photo to upload as a custom plant image or garden background. This feature is available to Hobby and Pro subscribers only; Free-tier accounts do not have upload access. Tapping upload opens the OS photo picker where you browse and choose a single photo. On Android 13 and above, this uses the dedicated Android Photo Picker — a gallery-only UI with no camera access. On Android 12 and below, the system's legacy image chooser is used instead, which may present device camera apps as an option alongside your existing photos; if you choose to take a new photo, the resulting image enters the upload flow, but the app itself does not activate the camera directly. In all cases, the app only receives the individual photo you select — it cannot enumerate, scan, or access any other photos in your library. Photos are stored securely in your account and never used for advertising or AI training. This is declared as optional, user-initiated data collection in our Google Play Data Safety form.
Data Types NOT Collected:
- Location data - We do not collect precise or approximate location. EXIF metadata (including any GPS coordinates embedded in photos) is actively stripped from all uploaded images before they are stored — this is enforced in code, not just policy.
- Personal identifiers - Not collected. No device IDs, advertising IDs, or phone numbers
- Financial information - Payment processing handled by Google Play Billing. We never receive or store your payment card details.
- Contacts or calendar - We never access your contacts or calendar
- Web browsing history - We do not track your browsing
- Health and fitness data - Not collected
Data Usage and Sharing:
- All collected data is encrypted in transit (HTTPS/TLS)
- Data is encrypted at rest in secure databases
- You can request deletion of your data at any time
- We do not sell or share data with third parties for advertising or marketing
- We do not use data for purposes other than providing garden design services
Data Safety Consistency:
This privacy policy is consistent with our Google Play Data Safety declaration. The information disclosed here matches exactly what we report in the Play Store Data Safety section. Any updates to our data practices will be reflected in both locations simultaneously.
2. Information We Collect
2.1 Account Information:
- Email Address: Used for authentication, account recovery, and important notifications
- Username: Display name for your account (auto-generated from email if not provided, can be customized)
- Password: Securely hashed using industry-standard bcrypt (we never store plain-text passwords)
- Email Verification Status: Tracks whether you've confirmed your email address
- Account Metadata: Creation date, last login, and admin status (if applicable)
- Timezone Preference: User-selected timezone for accurate timestamp display on garden edits. Your device's timezone may be auto-detected to provide a default suggestion (Pacific Time if detection fails), but this is a one-time passive detection - NO location coordinates are collected or stored
2.2 Garden Design Data:
- Garden Metadata: Garden name, description, status (active/archived), and timestamps
- Design Specifications: Dimensions, shape (rectangular/custom), grid size, and display mode
- Plant Selections: Plant types, positions (X/Y coordinates), rotation, scale, and custom properties
- Hardscape Elements: Paths, patios, and other non-plant garden features you add
- Cost Estimates: Price calculations based on your plant and material selections
- Garden Task Calendar: Gardening tasks linked to your designs, including task titles and descriptions (system-generated tasks use standard care reminder text; user-created custom tasks may include personal notes you write), due dates, task type (maintenance, seasonal, protection, planting, or custom), priority level (low, medium, high), and completion status (pending, completed, snoozed, or dismissed). Completion timestamps are recorded when you mark tasks done. User-created custom task templates — including template names, descriptions, categories, estimated durations, and tool lists — are also stored.
- Task Engagement Preferences: To personalize future task recommendations, the app stores per-task-type behavioral data: your completion rate (what percentage of each task type you typically finish), whether you frequently snooze a given task type, and your preferred timing offset (whether you tend to act on tasks earlier or later than the suggested date). This data is linked to your account and used solely to improve task scheduling for you — it is never used for advertising or shared with third parties.
2.3 User-Uploaded Assets:
- Image Files: Custom plant images, garden photos, or design inspiration you upload
- Asset Metadata: File names, categories, tags, upload dates, and URLs
- Original Filenames: Preserved for your reference
2.4 Technical Information:
- Authentication Tokens: Stored in app-local storage (localStorage within the app's sandboxed WebView) to keep you logged in between app sessions
- Session Data: Managed by Supabase to maintain your active session
- App-Local Storage: We use localStorage for authentication tokens and sessionStorage for temporary plant description caching (cleared when the app is closed) — no tracking or analytics cookies
Security Audit Logging (For Account Protection):
To protect your account from unauthorized access and security threats, we log the following security-related information:
- Login Attempts: Email address, success/failure status, timestamp of each login attempt
- IP Address: Your internet IP address is temporarily collected during login attempts to detect brute-force attacks and unauthorized access patterns. Stored separately from your account data, used exclusively for fraud prevention, and retained only for the lockout duration (15 minutes) plus audit trail purposes (maximum 90 days).
- User Agent: Browser type and operating system information collected during login attempts for security monitoring
- Purpose: Prevent unauthorized account access, detect brute-force login attempts, and protect against security breaches
- Privacy: IP addresses and user agents are used ONLY for security monitoring, never for advertising, tracking, or user profiling. Not linked to your user identity or shared with third parties.
Error Reporting and Crash Diagnostics:
We use Sentry for anonymous crash reporting and error diagnostics. Sentry collects device model, OS version, app version, and error stack traces to help us identify and fix bugs. IP address collection is explicitly disabled in our Sentry configuration (sendDefaultPii: false). When you are logged in, an anonymous internal user ID (a random UUID — not your email, name, or any identifying information) is associated with error reports solely to help us identify if a bug affects one user or many. This ID cannot be used to identify you personally and is not shared with any other party. No email addresses, garden data, or uploaded images are ever sent to Sentry. Privacy Policy: sentry.io/privacy
App Version and Update Information:
- Current App Version: Stored to ensure compatibility with backend services
- Update History: NOT tracked - we don't monitor when you update the app
- Platform Version: Basic Android version checking for compatibility only
- Error Diagnostics: Collected anonymously via Sentry (device model, OS version, error details only — no personal data)
2.5 Mobile App Permissions and Data:
When you use the mobile app version, we request only essential permissions. Here's exactly what we access and why:
- Internet Access (REQUIRED): Essential for syncing your garden designs with our cloud database
- Network State (REQUIRED): Checks if you're online before syncing to prevent data loss
Photo Access (PRIVACY-PRESERVING APPROACH):
When you choose to upload custom plant images, garden backgrounds, or design inspiration photos, we use the system photo picker. The behavior varies by Android version:
Android 13 and above: Uses the dedicated Android Photo Picker — a gallery-only UI provided by the OS. No camera access is presented; you can only select from existing photos.
Android 12 and below: Uses the legacy system image chooser. This OS UI may present device camera apps alongside your existing photos as selectable options. If you choose to take a new photo via that OS option, the resulting image enters the upload flow. The app does not directly activate the camera, and no CAMERA permission is requested — this behavior is controlled entirely by the operating system's chooser UI.
In all cases:
- You select which specific photo to upload (one at a time)
- We only receive the individual photo you explicitly select
- No broad access to your photo library — we do not request READ_MEDIA_IMAGES permission
- Each upload requires your explicit action
- The app remains fully functional if you choose not to upload images
- No permission dialog is triggered by the app — the OS chooser provides access control
- EXIF metadata is stripped from every uploaded photo before it is stored, including any GPS coordinates that may be embedded in the image file
Permissions We DO NOT Request:
- Storage/Photo Library Access - Not requested. We use the system photo picker instead (no READ_MEDIA_IMAGES permission)
- Camera (CAMERA permission) - Not requested and not declared in our AndroidManifest.xml. We exclusively use CameraSource.Photos in all three upload components — the app never directly activates the device camera. On Android 13+, the dedicated Photo Picker is used and no camera option is presented. On Android 12 and below, the OS's legacy image chooser may offer device camera apps as an option; if you take a new photo via that system option, no CAMERA permission is granted to our app — the OS manages that interaction independently. Users can verify the absence of CAMERA permission in the published APK manifest.
- Location - Not requested. We never ask for or use location services
- Contacts - Not requested. We do not access your contact list
- Calendar - Not requested. We do not integrate with your calendar
- Microphone - Not requested. No audio recording capabilities
- Phone/SMS - Not requested. We do not make calls or send SMS messages
- Bluetooth - Not requested or used
- Device Admin - Not requested. We never request admin privileges
- Biometric Data - Not requested. We do not support fingerprint or face recognition login
Why This Is More Private:
Traditional apps request broad "Storage" or "Photos" permission to access ALL photos on your device. We deliberately chose NOT to do this. Instead, our app uses the system photo picker, which gives you complete control over which photos, if any, we can access. This is the same privacy-preserving approach recommended by Google Play for apps that only need occasional photo uploads.
Device Information:
- Device Identifiers: We do NOT collect device IDs, IDFA, Android Advertising ID, or any advertising identifiers
- Push Notifications: Not implemented — we do not request notification permission, collect notification tokens, or send push notifications
- App Store Account: We do not access your Google account or payment information from Google Play
- Device Model/OS: Basic device info may be logged for crash reporting only (not used for tracking)
- Clipboard Access: We do NOT access your device clipboard
- Screenshots: We cannot access screenshots or screen recordings you take of the app
2.6 Subscription and Payment Information:
Flora Sketch offers different subscription tiers (Free, Hobby, Pro) with varying feature limits. If you subscribe to a paid plan, we may collect:
- Subscription Tier: Your current plan level (free, hobby, pro) stored in our database
- Garden Limits: Maximum number of gardens, plants per garden, and other tier-specific limits
- Storage Quota: Storage space allocation for uploaded assets (varies by tier)
- Feature Access: Tier-specific features you have access to
Payment Processing:
- We DO NOT directly collect, store, or process credit card information
- All payment processing is handled by Google Play Billing. We do not use any additional payment processors.
- Google Play Billing is PCI-DSS compliant and follows industry security standards
- We only receive confirmation of successful/failed payments, subscription status, and subscription expiration dates
- Payment failure & access: If a renewal payment fails, Google Play applies a grace period (up to 30 days for monthly/annual plans) during which you retain access while Google retries your payment. If payment is not recovered, Google places the subscription into account hold and access to paid features is suspended. Your data is never deleted during this process. Access is restored automatically once payment succeeds. See the Payment Failure, Grace Period & Account Hold section of our Terms of Service for full details.
- Your billing details remain with Google Play Billing and are not visible to us
- Refund requests are processed according to Google Play's refund policy
2.7 Third-Party Service Data Collection:
We use the following third-party services that may collect or process data on our behalf:
- Supabase (Database, Authentication & Storage): Stores all user account data, garden designs, and uploaded assets. Acts as our data processor. Location: United States. Privacy Policy: supabase.com/privacy
- Sentry (Crash Reporting): Anonymous error and performance monitoring. Collects device model, OS version, app version, and error stack traces. No personally identifiable information (name, email, or garden data) is sent. Privacy Policy: sentry.io/privacy
- Google Play Billing (Payment Processing): Handles all in-app subscription purchases on Android. We do not receive your payment card details — only confirmation of subscription status and expiration. Privacy Policy: policies.google.com/privacy
- Cloudflare (CDN & Security): Provides content delivery, DDoS protection, and DNS services. Cloudflare may process your IP address and request metadata to route traffic and protect against attacks. No personal garden data is shared with Cloudflare. Privacy Policy: cloudflare.com/privacy-policy
- Resend (Transactional Email): Delivers account-related emails on our behalf, including email verification links, password reset emails, and critical security alerts. Resend receives your email address solely to send these messages. No garden designs or uploaded assets are shared with Resend. Location: United States. Privacy Policy: resend.com/legal/privacy-policy
2.9 Support Requests and Feedback:
When you contact us through the Help & Support section in the app, we store the following in our database:
- Category: The type of submission you select — Bug Report, Help Request, or General Feedback
- Subject: The short title you write for your request
- Message: The detailed description you write
- Email Address: Copied from your account at submission time so we can follow up with you
- Resolution Status: Tracks whether your request is new, in progress, resolved, or closed
- Timestamps: When the request was submitted and last updated
Purpose: Support request content is used exclusively to respond to your inquiry and improve the app. It is never used for marketing, advertising, or shared with third parties beyond what is necessary to operate our support workflow.
Retention: Support requests are retained while your account is active. All support requests are permanently deleted when your account is closed via CASCADE database constraints. You may also request deletion of individual support requests by contacting us at florasketch@proton.me.
2.8 Background Data Collection:
Flora Sketch does NOT collect data when the app is in the background or closed.
- Foreground Only: All data syncing occurs only when the app is actively in use
- Authentication: Tokens refresh only during active sessions, not in background
- No Background Location: We never track location, foreground or background
- No Background Photo Access: Camera/storage only accessed when you explicitly choose to upload
- Push Notifications: Not implemented — the app does not use push notifications
- Offline Mode: If internet disconnects, edits are saved locally and synced when you return online
- Cross-Device Syncing: Your data syncs automatically across devices when logged into the same account (foreground only)
3. How We Use Your Information
We use your information for the following specific purposes:
3.1 Core Functionality:
- Authenticate your identity and maintain secure access to your account
- Save and synchronize your garden designs across app sessions and devices
- Store your uploaded assets in secure cloud storage (Supabase Storage)
- Calculate costs based on your plant and material selections
- Enable undo/redo functionality for design changes
3.2 Account Management:
- Send email verification links to confirm your account
- Process password reset requests when you forget your credentials
- Notify you of critical account security events
- Manage your subscription or service access (if applicable)
3.3 Service Improvement:
- Monitor system performance and identify technical issues
- Optimize database queries for faster load times
- Identify and fix bugs using anonymous crash reports and error diagnostics from Sentry (no personal or garden data is included)
- Respond to bug reports, help requests, and feedback submitted through the Help & Support section in the app
3.4 Legal and Security:
- Enforce our Terms of Service and prevent abuse
- Comply with legal obligations and respond to lawful requests
- Protect the rights, property, and safety of our users
4. Data Storage and Security
4.1 Infrastructure:
- Database: Supabase (PostgreSQL) with enterprise-grade security and automatic backups
- Authentication: Supabase Auth with bcrypt password hashing and JWT tokens
- File Storage: Supabase Storage with access controls and public URL generation
- Data Location: Your data is stored in secure data centers operated by Supabase
4.2 Security Measures:
- Row Level Security (RLS): Database policies ensure you can only access your own data
- Encryption in Transit: All data transmissions use HTTPS/TLS 1.2+ encryption
- Encryption at Rest: Database uses AES-256 encryption managed by Supabase PostgreSQL. File storage uses server-side encryption (SSE) for all uploaded assets
- Password Security: Passwords are hashed with bcrypt (cost factor 12, industry standard) - never stored in plain text and not reversible
- Authentication Tokens: JWT tokens with HMAC SHA-256 signatures, 1-hour expiration for security
- Foreign Key Constraints: Automatic data cleanup when accounts are deleted
- Email Verification: Required before full account access to prevent fake accounts
Security Audits and Compliance:
- Infrastructure Provider: Supabase maintains SOC 2 Type II certification for data security
- Internal Security Reviews: We conduct quarterly security reviews of our codebase and practices
- Vulnerability Disclosure: We welcome responsible security disclosures at florasketch@proton.me
- Monitoring: Automated alerts for suspicious activity, failed login attempts, and unusual data access patterns
4.3 Data Retention:
- Active Accounts: Garden designs are retained indefinitely while your account is active
- Uploaded Assets: Images remain available until you delete them, close your account, or your subscription is downgraded to a tier with a lower upload limit. If a downgrade causes your upload count to exceed the new tier's limit, the oldest uploads over that limit will be permanently deleted at or shortly after the downgrade effective date. Downgrading to the Free tier results in deletion of all uploaded images, as Free accounts do not permit image uploads. We display the specific files queued for deletion within the app before you confirm any downgrade, giving you the opportunity to download them first. Upload limits by tier: Free — 0 uploads; Hobby — up to 250 uploads; Pro — up to 1,000 uploads. Photo access is declared as an optional, user-initiated feature in our Google Play Data Safety form.
- Authentication Tokens: JWT tokens expire after 1 hour of inactivity for security. Refresh tokens last up to 7 days
- Support Requests: Retained while your account is active. Permanently deleted when your account is closed via CASCADE constraints. Individual requests can be deleted on request by contacting florasketch@proton.me.
- Deleted Gardens: Permanently removed immediately (no soft-delete recovery period)
- Closed Accounts: All user data (gardens, assets, account info, support requests) is permanently deleted within 30 days via CASCADE constraints
- Email Verification: Unverified accounts have a 3-day verification deadline before account access is restricted
- Backup Retention: Database backups are retained for 7 days for disaster recovery, then permanently deleted
4.4 File Storage Specifications:
- Storage Bucket: Private bucket (user-assets) - not publicly accessible
- Access Method: Signed URLs with 1-year expiration for authenticated access only
- File Naming: Random UUIDs to prevent enumeration attacks (format: userId/random-uuid-timestamp.jpg)
- Supported Formats: JPEG, PNG, WebP, GIF (images only)
- Maximum File Size: 10MB per file
- Row Level Security: Database policies ensure you can only access your own files
4.5 Data Portability and Export:
You have the right to export your data in machine-readable formats:
- Garden Designs: Export as JSON containing all garden metadata, plant positions, and hardscape elements
- Asset List: CSV export of uploaded asset metadata (names, categories, tags, URLs)
- Account Data: Request complete data export including account information, subscription details, and all associated content
- Request Method: Contact us through Help & Support or email for data export requests (processed within 30 days)
5. Data Sharing and Third Parties
We do not sell, trade, or rent your personal information to third parties. Your garden designs and personal data remain private and are only accessible by you.
5.1 Service Providers:
We share data only with the following service providers, solely to operate the app on your behalf:
- Supabase: Database, authentication, and file storage. Receives your account data, garden designs, and uploaded assets.
- Sentry: Crash reporting and error diagnostics. Receives anonymous device and error data only — no personal or garden data.
- Google Play Billing: Payment processing for Android subscriptions. Receives payment details directly from you; we receive only subscription status confirmation.
- Cloudflare: CDN, DDoS protection, and DNS. Processes IP addresses and request metadata for traffic routing and security. Does not receive your personal or garden data.
- Resend: Transactional email delivery. Receives your email address solely to send account-related emails (verification links, password resets, security alerts) on our behalf. No garden designs or uploaded assets are shared with Resend.
- All service providers are contractually prohibited from using your data for their own purposes beyond providing services to us.
5.2 Legal Requirements:
- We may disclose data when required by law, court order, or government request
- We may share information to enforce our Terms of Service
- We may disclose data to protect the rights, safety, or property of our users or the public
5.3 What We DO NOT Do:
- No third-party analytics (Google Analytics, Facebook Pixel, etc.)
- No advertising networks or tracking cookies
- No data brokers or marketing companies
- No social media integration that shares your data
- No AI training on your garden designs
6. Your Rights and Controls
6.1 Access and Portability:
- View all your garden designs at any time from the Account page
- Access your uploaded assets and their metadata
- Export your designs: Download SVG (vector format for infinite zoom) and JSON (complete data) files of your gardens, and PDF plant shopping lists, directly from the editor (available to Hobby and Pro subscribers only; not available on the Free tier)
- Request a copy of all your personal data in machine-readable format by contacting support
6.2 Modification:
- Update your email address through Account Settings
- Change your password at any time
- Edit, rename, or delete any of your garden designs
- Remove uploaded assets from your library
6.3 Deletion and Right to be Forgotten:
In compliance with GDPR, CCPA, and Google Play requirements, you have complete control over your data deletion:
- Individual Items: Delete individual garden designs from the Account page instantly
- Assets: Remove uploaded images from your asset library at any time
- Full Account Deletion: Request complete account deletion through Help & Support in the app, email florasketch@proton.me, or visit https://florasketch.co/deleteaccount
- What Gets Deleted: ALL your data including gardens, plants, uploaded assets, account information, and subscription details
- Timeline: Account deletion is processed and all data is permanently deleted within 30 days of your request
- Irreversibility: Account deletion is permanent and cannot be undone. No recovery options are available
- Exceptions: We may retain limited data only if required by law (e.g., financial records for tax purposes), but personal identifiers are removed
- Important — Subscriptions: Deleting your account does not automatically cancel an active Google Play subscription. You must cancel your subscription separately via Google Play Subscriptions before or after deleting your account to avoid further charges
6.4 Data Download and Portability:
You can request a copy of all your data in machine-readable format:
- Email florasketch@proton.me to request data export
- Receive JSON files with all garden designs, metadata, and account information
- Includes list of uploaded assets with download links
- Delivered within 30 days via secure download link
6.5 Communication Preferences:
We only send transactional emails directly related to your account:
- Email verification — sent once when you create an account
- Password reset — sent only when you request it
- Account deletion confirmation — sent when your account is deleted
- Critical security alerts — sent only if unauthorized access is detected
We do not send marketing emails, newsletters, or promotional communications.
7. Local Storage and Session Data
7.1 What We Use:
- localStorage (app-local): Stores authentication tokens to keep you logged in between app sessions
- Session Cookies: Managed by Supabase for authentication within the app (essential for functionality)
- sessionStorage (app-local): Used for temporary plant description caching within the current app session only; cleared automatically when the app is closed
- All storage is cleared when you log out or uninstall the app
7.2 What We DON'T Use:
- No third-party tracking cookies
- No advertising cookies
- No cross-site tracking
- No analytics cookies (Google Analytics, etc.)
- No fingerprinting or device tracking
8. AI and Database Content Sourcing
Database Creation with AI: Our plant database was enriched during development using AI (Anthropic Claude) to generate botanical facts such as sunlight requirements, watering needs, and bloom characteristics. This was a one-time offline process performed by our development team, not a runtime feature of the app.
- What Happened: During database creation, AI generated factual botanical data (hardiness zones, care instructions, plant characteristics) from plant scientific names
- Your App Does NOT: Make any calls to AI services. AI enrichment happened once during development, not when you use the app
- Your Data is Safe: Your personal data, garden designs, and uploaded images are NEVER sent to AI services or used for AI training
- Static Database: The app downloads a pre-built plant catalog. No real-time AI processing occurs
- Transparency: AI-generated plant information is flagged with visible disclaimer warnings within the app
- No Automated Decisions: We do not use AI or automated processing to make decisions that affect your account or service
9. Children's Privacy (COPPA Compliance)
Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
Age Restriction Enforcement:
- Platform Age Rating: Our app is rated 13+ on Google Play Store
- Terms of Service: Account creation requires users to be at least 13 years old
- No Age Gate: We rely on platform-level age restrictions rather than collecting birthdates
- Discovery and Deletion: If we learn a user is under 13, their account is immediately deleted with all associated data
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at florasketch@proton.me, and we will delete such information within 48 hours.
10. International Data Transfers
Flora Sketch LLC is based in Washington State, USA. Your personal data is processed and stored on servers operated by Supabase, which are located in the United States. If you access Flora Sketch from the European Economic Area (EEA), United Kingdom, or Switzerland, your data is transferred to and processed in the United States.
10.1 Legal Transfer Mechanism (EU, UK, and Switzerland)
We rely on Standard Contractual Clauses (SCCs) as the legal basis for transferring personal data from the EEA, UK, and Switzerland to the United States. SCCs are contractual safeguards approved by the European Commission under GDPR Article 46(2)(c) that legally bind our data processor to protect your data to EEA standards.
Specifically, all personal data is processed through Supabase, which:
- Offers a GDPR-compliant Data Processing Agreement (DPA) incorporating the EU Standard Contractual Clauses (available at supabase.com/dpa)
- Is certified under the EU-U.S. Data Privacy Framework (DPF), an adequacy mechanism recognized by the European Commission
- Maintains SOC 2 Type II certification for data security and confidentiality controls
- Applies technical and organizational safeguards (encryption in transit and at rest, access controls, audit logging) to all data it processes on our behalf
Cloudflare, which provides CDN and security infrastructure, also participates in the EU-U.S. Data Privacy Framework (see cloudflare.com/trust-hub/gdpr).
Resend (Plus Five Five, Inc.), which delivers transactional account emails on our behalf, transfers personal data to the United States under two complementary mechanisms: (1) Standard Contractual Clauses (SCCs) — Resend's Data Processing Addendum (available at resend.com/legal/dpa) incorporates the EU SCCs approved under Commission Decision 2021/914, including UK Addendum coverage for ex-UK transfers and Swiss FADP coverage for transfers from Switzerland; and (2) EU-U.S. Data Privacy Framework (DPF) certification, including the UK Extension, as set forth by the U.S. Department of Commerce (see dataprivacyframework.gov). Resend receives only your email address, solely to deliver verification, password reset, and security alert emails.
10.2 Data Minimization for International Transfers
Only the minimum data necessary to operate the service is transferred internationally:
- Supabase: Email address, garden designs, uploaded assets, and subscription tier
- Sentry: Anonymous crash data — no personal identifiers are transmitted
- Google Play Billing: Payment data goes directly to Google; we receive only subscription status
- Cloudflare: IP addresses and request metadata for routing and DDoS protection only
- Resend: Email address only, solely to deliver transactional account emails (verification, password reset, security alerts). Location: United States.
10.3 Your Rights Regarding International Transfers
You have the right to request information about the specific safeguards applied to your data when transferred internationally. You may also request a copy of the Standard Contractual Clauses governing the transfer by contacting us at florasketch@proton.me. Additional GDPR rights (access, rectification, erasure, restriction, portability, objection) are described in Section 15.
11. Google Play Data Safety Labels
For users downloading from the Google Play Store, we provide the following data safety disclosures:
Data Used to Track You:
- None — we do not track you across apps or websites
Data Linked to You:
- Contact Info (Email) - for authentication only
- Identity (Username/display name) - used for account identification only
- App Activity (Subscription tier) - used solely to enforce plan limits and unlock features
- App Activity (Task engagement preferences) - completion rate, snooze frequency, and timing offset per task type; used solely to personalize task scheduling recommendations; never used for advertising
- Other (Timezone preference) - user-selected for accurate timestamp display; no location coordinates collected
- User Content (Garden designs, uploaded images, garden tasks, custom task templates, and support request messages) - stored in your account
Data NOT Linked to You (Anonymous):
- Crash Logs (Device model, OS, app version, error details) - anonymous, cannot be traced to individual users
- Diagnostics (Performance data, memory usage) - aggregated and anonymous
- Other — IP Address: collected transiently during login attempts for security and brute-force attack prevention; stored separately from your account identity, never used for advertising or tracking, deleted within 90 days
- Other — User Agent (browser type and OS): collected alongside IP address during login attempts for the same security purpose; stored separately from your account identity, deleted within 90 days
Data NOT Collected:
- Location data (precise or approximate) - not collected
- Browsing history - not collected
- Contacts or calendar - not collected
- Financial information (payment processing handled by Google Play Billing) - not collected by us
- Health & fitness data - not collected
- Device identifiers for advertising (no IDFA, no Android Advertising ID) - not collected
- Biometric data (no fingerprint or face recognition) - not collected
12. Data Breach Notification
In the unlikely event of a data breach that affects your personal information, we will:
- Notify affected users without undue delay via email once we have confirmed the breach and identified which accounts are affected. Where required by law (including GDPR Article 33), we will also notify the relevant supervisory authority within 72 hours of becoming aware of the breach.
- Describe what information was compromised
- Explain what steps we're taking to address the breach
- Provide recommendations for protecting your account
- Comply with all applicable data breach notification laws (including Washington State RCW 19.255.010 and GDPR Articles 33-34)
13. Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
When we make material changes, we will:
- Update the "Effective Date" at the top of this policy
- Send you an email notification to your registered address
- Display a prominent notice in the application for 30 days
Your continued use of the service after changes become effective constitutes acceptance of the updated policy.
14. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request disclosure of personal data we collect, use, and share
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We don't sell personal information, so no opt-out is needed
- Right to Non-Discrimination: We won't discriminate against you for exercising your rights
15. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR). The list below maps each processing activity to its specific legal basis under GDPR Article 6:
- Account creation, authentication, and session management — Contract performance (Article 6(1)(b)): necessary to provide the Service you signed up for
- Saving and syncing garden designs and uploaded assets — Contract performance (Article 6(1)(b)): the core function of the Service
- Subscription and feature-access management — Contract performance (Article 6(1)(b)): necessary to enforce your tier limits and unlock paid features
- Transactional emails (email verification, password reset, security alerts) via Resend — Contract performance (Article 6(1)(b)): required to maintain secure account access
- Security audit logging (IP address and User Agent during login attempts) — Legitimate interests (Article 6(1)(f)): protecting accounts from brute-force attacks and unauthorized access; data is not linked to your identity and is deleted within 90 days
- Anonymous crash reporting via Sentry — Legitimate interests (Article 6(1)(f)): identifying and fixing software bugs to maintain service quality; no personal data is transmitted
- Retaining limited records after account deletion where required by law — Legal obligation (Article 6(1)(c)): for example, financial records for tax compliance
Your GDPR rights are listed below. Note that some rights (such as erasure or objection) may be limited where processing is necessary for contract performance or legal compliance.
- Right to Access: Request a copy of the personal data we hold about you
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion under certain conditions. Note: security audit logs (IP address and User Agent collected during login attempts) are processed under legitimate interests (Article 6(1)(f)) for account protection and are retained for up to 90 days even if you request erasure of your account data, as permitted under Article 17(3)(e) GDPR (establishment, exercise, or defence of legal claims and fraud prevention). These logs are not linked to your identity and are deleted automatically at the end of the retention period.
- Right to Restrict Processing: Limit how we process your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to processing based on legitimate interests
- Right to Lodge a Complaint: You have the right to lodge a complaint with the data protection supervisory authority in your EU/EEA member state of residence, place of work, or the location of the alleged infringement. A list of EU/EEA national data protection authorities is available at edpb.europa.eu. This right is in addition to any other remedies available to you and does not affect your right to seek judicial remedies.
To exercise your rights (other than the right to lodge a supervisory authority complaint), contact us at florasketch@proton.me or through the Help & Support section in the app.
16. Governing Law
This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Washington, USA, without regard to its conflict of law provisions.
Any disputes arising from this Privacy Policy or your use of the Service shall be subject to the exclusive jurisdiction of the state and federal courts located in Washington State.
EU/EEA and UK consumers — mandatory consumer protection laws: Notwithstanding the choice of Washington State law above, if you are a consumer resident in a European Union or European Economic Area member state, or in the United Kingdom, this choice of law does not deprive you of the protection afforded to you by provisions that cannot be derogated from by agreement under the mandatory consumer protection and data protection laws of your country of residence (including the GDPR, the UK GDPR, and equivalent applicable law). In any conflict between this Privacy Policy and such mandatory provisions, the mandatory provisions of your country's law prevail to the extent of the conflict.
EU/EEA jurisdiction: If you are a consumer resident in the EU or EEA, you may bring proceedings related to this Privacy Policy in the courts of your country of residence, in addition to or instead of the courts of Washington State. You may also lodge a complaint with your local data protection supervisory authority (see Section 15).
UK jurisdiction: If you are a consumer resident in the United Kingdom, you may bring proceedings related to this Privacy Policy in the courts of England and Wales, Scotland, or Northern Ireland (as applicable to your place of residence), in addition to or instead of the courts of Washington State.
17. Contact Information
Company Legal Name: Flora Sketch LLC
State of Formation: Washington State, USA
Privacy Inquiries:
- Email: florasketch@proton.me
- In-App Support: Help & Support section in the application
- Data Rights Requests: florasketch@proton.me
- Security Concerns: florasketch@proton.me
Mailing Address:
Flora Sketch LLC
Privacy Officer
2111 N Dick Rd
Spokane Valley, WA 99212
United States
Response Times:
- General inquiries: Within 7 business days
- GDPR/CCPA/Washington privacy rights requests: Within 30 days (may extend to 45 days if complex)
- Data breach or security concerns: Within 72 hours
- Account deletion requests: Processed within 30 days
Note: This privacy policy complies with Google Play Store requirements, as well as federal laws (COPPA, CAN-SPAM) and state laws including Washington State privacy regulations, California CCPA, and European GDPR where applicable.
© 2026 Flora Sketch LLC. All rights reserved.