Privacy Policy

GrowLog AI (“GrowLog AI,” “we,” “us,” or “our”) provides an AI-powered garden advisor and diary service (the “Service”). This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have. By using the Service you agree to the practices described here.

We collect the following categories of information:

• Account information: name, email address, and authentication identifiers (for example, when you sign in with Google).
• Garden content you provide: messages you send to the AI, photos you upload, observations, crop names, locations, and notes you add to your diary.
• Derived data: AI-generated summaries, recommendations, tags, and structured diary entries created from your inputs.
• Location and weather data: approximate location (such as ZIP/postal code or coordinates you provide) used to fetch local weather and growing-zone information.
• Connected services: if you connect Google Sheets or other third-party storage, we access only what is needed to create and maintain your diary file.
• Usage and device data: log data, IP address, browser type, pages viewed, and basic analytics used to operate and improve the Service.
• Cookies and similar technologies: used for authentication, preferences, and analytics.

• Provide, maintain, and improve the Service.
• Process your messages, photos, and observations through large language models (LLMs) to generate advice, summaries, and diary entries.
• Personalize recommendations based on your garden history.
• Communicate with you about your account, updates, and support requests.
• Detect, prevent, and address abuse, fraud, or security issues.
• Comply with legal obligations.

The Service uses third-party LLM providers (such as OpenAI, Anthropic, Google, or similar) to process your inputs and generate responses. When you interact with the AI:

• Your messages, photos, and relevant context (such as past diary entries and weather) may be transmitted to these providers solely to generate a response for you.
• We instruct providers, where contractually available, not to use your content to train their general models. However, providers may retain inputs and outputs for a limited period for abuse monitoring and service operation under their own policies.
• AI outputs may be inaccurate, incomplete, or unsuitable for your specific situation. You are responsible for evaluating any recommendation before acting on it (see our Terms of Service).
• We do not sell your content, and we do not use your private garden data to train our own models without your explicit consent.

We share information only as described below:

• Service providers: hosting, authentication, analytics, error monitoring, email delivery, and the LLM providers described above, each acting on our behalf under contractual safeguards.
• Connected accounts: if you connect Google Sheets or another third-party service, your diary content is written to that service under your own account and governed by its terms and privacy policy.
• Legal and safety: when required by law, valid legal process, or to protect rights, safety, or property.
• Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections.

We do not sell your personal information or share it for cross-context behavioral advertising.

We retain account information and diary content for as long as your account is active, and for a reasonable period afterward to comply with legal obligations, resolve disputes, and enforce our agreements. Diary content stored in your own connected services (such as Google Sheets) remains under your control and is retained according to your preferences there.

We use industry-standard administrative, technical, and physical safeguards designed to protect your information, including encryption in transit, access controls, and least-privilege principles. No system is perfectly secure, and we cannot guarantee absolute security.

Depending on where you live, you may have rights to access, correct, delete, port, or restrict processing of your personal information, and to object to certain uses. You can exercise these rights by contacting hello@growlogai.com. You may also delete your account at any time, which will remove your personal information from our active systems, subject to limited retention for legal and operational purposes.

California, EU/UK, and similar jurisdictions: you have additional rights under applicable laws (CCPA/CPRA, GDPR, UK GDPR). We act as a data controller for the personal information you provide directly to us.

The Service is not directed to children under 13 (or 16 in the EEA/UK), and we do not knowingly collect personal information from them. If you believe a child has provided us information, please contact us and we will delete it.

We operate in the United States and may process information in other countries where our service providers operate. We use appropriate safeguards (such as standard contractual clauses) where required by law.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service. Continued use after the changes take effect constitutes acceptance of the updated policy.

Questions or requests about this Privacy Policy can be sent to hello@growlogai.com, or by mail to: