Privacy Policy — Plotera

    Plotera is built by a single developer for home gardeners. We collect only what's needed to make the app work, we don't sell your data, and we don't show you ads.
  

Who We Are

Plotera ("we", "us", "our") is a garden planning web application operated by an individual developer at plotera.app. If you have any questions about this policy, contact us at admin@plotera.app.

What Information We Collect

Account information: When you create an account, we collect your email address, a display name (optional), and a hashed password. We never store your password in plain text.

Garden data: Everything you enter into Plotera — gardens, zones, plants, watering logs, fertiliser records, todos, yield logs, costs, photos, nursery trays, and seed inventory — is stored in your account and associated only with you.

Location data: If you search for your location in the garden settings, we store your suburb name and approximate coordinates (latitude/longitude) to provide weather data and seasonal planting advice. We do not track your device's GPS continuously.

Usage data: We store a login count and may log page views in aggregate to understand how the app is used. We do not use third-party analytics tools.

Photos: Photos you upload to the garden gallery are stored on our server. They are not shared, indexed, or used for any purpose other than displaying them to you in the app.

Support messages: If you contact us via the in-app support form, we store your message and email address to respond to you.

How We Use Your Information

To operate and maintain your account and garden data
To provide weather data relevant to your garden location
To send transactional emails — email verification, password resets (if applicable)
To respond to support requests you send us
To understand usage patterns and improve the app

We do not use your data for advertising, profiling, or sale to third parties.

Data Storage & Security

Your data is stored on servers hosted by Hostinger (cloud infrastructure). Data is stored in Australia/EU depending on server location. We use industry-standard security practices including:

Passwords hashed with bcryptjs (never stored in plain text)
HTTPS enforced on all connections
JWT tokens with 30-day expiry for authentication
Rate limiting on login and signup endpoints to prevent brute force attacks

No system is 100% secure. In the unlikely event of a data breach affecting your personal information, we will notify affected users by email as soon as reasonably practicable.

Third-Party Services

Plotera uses a small number of third-party services to operate:

Open-Meteo (open-meteo.com) — free weather API. Your garden's coordinates are sent to retrieve weather data. No account or API key required. See their terms.
Google Fonts — font files (Nunito, Fraunces) are loaded from Google's CDN. This involves a request to Google servers. See Google's privacy policy.
hCaptcha — used on the login and signup forms to prevent spam. A verification challenge is presented. See hCaptcha's privacy policy.
Tesseract.js — OCR library for the seed packet scanner. Runs entirely in your browser. No data is sent to any server.

Cookies & Local Storage

We do not use advertising cookies or tracking cookies. We use:

localStorage — to store your login token, app preferences, notification settings, and wizard history. This stays on your device and is never transmitted except as part of API requests.
sessionStorage — for temporary in-session state like the current garden page. Cleared when you close the browser tab.

Your Rights

You have the right to:

Access all data we hold about you — your account and garden data is fully visible in the app. You can export it at any time via Settings → Export Data.
Delete your account and all associated data — available in Settings → Delete Account. This is immediate and irreversible.
Correct your information — update your name and password in the app settings at any time.
Port your data — use the export feature to download your full garden data as JSON.

To exercise any right not available in-app, contact us at admin@plotera.app.

Children's Privacy

Plotera is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

Changes to This Policy

We may update this policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. For significant changes, we'll notify users by email or via an in-app notice.

Contact

Questions about your privacy?

We're a small team and we take privacy seriously. Reach out any time.

admin@plotera.app