Privacy Policy
Last updated: October 3, 2025
Introduction
Welcome to Tendra ("Tendra," "we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we handle data. This Privacy Policy explains our practices regarding the collection, use, and disclosure of information when you use our mobile application and related services (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.
1. What Information Do We Collect?
Personal Information You Provide
We collect personal information that you voluntarily provide when you:
- Create an Account: Email address, username, password, profile picture
- Use Our Services: Plant photos, plant names, care schedules, notes, and observations
- Participate in Community Features: Posts, comments, and shared content
- Contact Support: Name, email, and any information you choose to provide
Information Automatically Collected
When you use our Service, we automatically collect certain information:
- Device Information: Device type, operating system, unique device identifiers
- Usage Data: Features accessed, time spent, interactions, search queries
- Location Data: Approximate location based on IP address (we do not collect precise geolocation)
- Log Data: IP address, browser type, access times, pages viewed, app crashes
2. How Do We Process Your Information?
We process your information for the following purposes:
- Provide and Maintain the Service: Plant identification, care reminders, disease diagnosis, and personalized recommendations
- Account Management: Create and manage your account, authenticate users
- Improve Our Service: Analyze usage patterns, develop new features, enhance accuracy of plant identification
- Communication: Send notifications, updates, support responses, and service-related announcements
- Safety and Security: Detect fraud, prevent abuse, enforce our terms of service
- Legal Compliance: Comply with applicable laws and regulations
3. Legal Bases for Processing
We process your personal information based on the following legal grounds:
- Consent: You have given us explicit permission to process your information
- Contract Performance: Processing is necessary to provide the Service you requested
- Legitimate Interests: To improve our Service, prevent fraud, and ensure security
- Legal Obligations: To comply with applicable laws and regulations
4. Sharing Your Personal Information
We may share your information in the following circumstances:
With Third-Party Service Providers
We work with third-party service providers who perform services on our behalf:
- Plant Identification Services: For enhanced plant identification features
- AI and Machine Learning Providers: For disease diagnosis and intelligent features
- Cloud Services: For hosting, authentication, database, and storage
- Payment Processors: Apple App Store and Google Play Store handle all subscription transactions
These service providers have access only to information necessary to perform their functions and are obligated not to disclose or use it for other purposes.
Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your personal information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.
Legal Requirements
We may disclose your information if required by law or in response to valid requests by public authorities.
Community Content
Content you post to community features (posts, comments) may be visible to other users. Community-shared observations and images are published under a Creative Commons Attribution-ShareAlike (CC-BY-SA) license.
5. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track activity on our Service and store certain information. These technologies help us:
- Remember your preferences and settings
- Understand how you use our Service
- Improve user experience and Service performance
- Analyze usage patterns and trends
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
6. Social Login
Our Service offers the ability to register and log in using your Google account. When you use social login, we collect and process:
- Your name and email address from your social media account
- Profile picture (if you choose to share it)
- Any other information you consent to share
We use this information only to create and manage your Tendra account. Please review your social media privacy settings to understand what information may be shared.
7. International Data Transfers
Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using our Service, you consent to the transfer of your information to the United States and other countries where our service providers operate.
8. How Long Do We Keep Your Information?
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will delete it or anonymize it.
- Account Information: Retained until you request account deletion
- Plant Data: Retained as long as your account is active
- Usage Logs: Typically retained for 12-24 months for analytics purposes
Account Deletion and Data Retention
When you request account deletion through the app:
30-Day Grace Period
Your account will be scheduled for permanent deletion after 30 days. During this grace period:
- You can cancel the deletion request and fully restore your account at any time
- Your data remains stored and your account remains fully accessible
- Your account functions normally with no restrictions or hidden content
- You will see a notification about the scheduled deletion date in your account settings
After the 30-day grace period expires, we will permanently delete:
- Personal Information: Email address, username, profile picture, and account details
- Plant Data: ALL PLANTS and all data you have created in Tendra, including plant names, care schedules, notes, and observations
- Media: All photos and images you have uploaded to the Service
- Collections: All spaces and plant collections you have created
- Community Content: All posts, comments, and interactions (note: content shared under CC-BY-SA license may remain accessible to users who previously accessed it)
- Authentication Data: Your Firebase authentication record
This deletion is permanent and cannot be undone. We do not retain backups of deleted accounts beyond the 30-day grace period.
9. How Do We Keep Your Information Safe?
We implement appropriate technical and organizational security measures to protect your personal information, including:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication requirements
- Secure cloud infrastructure
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
10. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information:
General Rights
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information through the Account settings in the app (subject to 30-day grace period as described in Section 8) or by contacting support@gaialab.io
- Data Portability: Request a copy of your data in a structured, commonly used format
- Withdraw Consent: Withdraw consent for processing where we rely on consent
- Object to Processing: Object to our processing of your information for certain purposes
California Residents
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected, used, shared, or sold
- Right to delete personal information held by businesses
- Right to opt-out of sale of personal information (we do not sell your information)
- Right to non-discrimination for exercising your CCPA rights
European Residents (GDPR)
If you are in the European Economic Area (EEA), UK, or Switzerland, you have rights under GDPR including the rights listed above, plus the right to lodge a complaint with your local data protection authority.
To exercise any of these rights, please contact us at support@gaialab.io
11. Do-Not-Track Signals
We do not currently respond to Do-Not-Track (DNT) signals as there is no consistent industry standard for compliance. We continue to monitor developments in DNT technology and may adopt a standard once established.
12. Children's Privacy
Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@gaialab.io so we can delete such information.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make changes, we will:
- Update the "Last updated" date at the top of this policy
- Notify you through the Service or via email for significant changes
- Obtain your consent if required by applicable law
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Company: Gaialab
Email: support@gaialab.io
Website: https://tendra-app.com