← Back to Sign Up

Privacy Policy

Last updated: April 24, 2026

Cloche ("we," "us," or "our") operates the Cloche gardening app at clochegarden.com. This Privacy Policy explains what personal data we collect, how we use it, and your rights. We keep it plain English — no legalese walls.

1. What We Collect

Information you provide:

• Account info: name, email address, password (hashed and never stored in plaintext)
• Garden data: plants you add, bed layouts, notes, garden photos, and your full plant inventory
• Journal entries: care logs, harvest records, and personal growing notes
• Location: ZIP code or city for weather, frost dates, and hardiness zone lookup
• AI Coach messages: questions and conversations you have with the AI gardening assistant
• Payment info: handled entirely by Stripe — we never see or store your card number

Information collected automatically:

• Usage data: which features you use, session duration, page views
• Device info: browser type, operating system, screen size
• Error logs: crash reports and error events to help us fix bugs (via Sentry)
• Analytics: anonymous usage metrics via the Polsia analytics beacon (no personal identifiers)

2. How We Use Your Data

• Provide, maintain, and improve the Service
• Personalize your gardening advice, zone-specific planting schedules, and AI recommendations
• Generate AI-powered plant diagnoses, care reminders, and seasonal alerts tailored to your location
• Surface relevant product recommendations via Amazon Associates affiliate links
• Send transactional emails (account confirmations, billing receipts, password resets)
• Send product updates and gardening tips (you can opt out anytime)
• Analyze aggregate usage patterns to improve features
• Comply with legal obligations

3. Third-Party Services We Use

We do not sell your personal data. We share data only with:

• Stripe — payment processing. Your billing info goes directly to Stripe; we only receive confirmation of payment status.
• OpenAI / Anthropic — AI features (plant advice, photo diagnosis, AI Coach conversations). Your queries are transmitted to these providers per their privacy policies.
• Sentry — error tracking and performance monitoring. Crash reports may contain device info and anonymized request context.
• Postmark — transactional email delivery. Your email address is transmitted to Postmark to send account and billing emails.
• Meta (Facebook Pixel) — conversion analytics and ad performance measurement. Page view and conversion events are sent to Meta.
• National Weather Service (NOAA) / Open-Meteo — we send your ZIP code or coordinates to fetch local forecasts and frost date data.
• Amazon Associates — affiliate product links. Clicking a product recommendation may set Amazon cookies. We earn a small commission on qualifying purchases at no extra cost to you.
• Render / Cloudflare / Neon — hosting, CDN, and database infrastructure for the Service.
• Law enforcement — only when legally required by valid legal process.

4. Cookies and Tracking

We use:

• Essential cookies — authentication tokens to keep you logged in. Required for the Service to function.
• Analytics — anonymous session analytics (no cross-site tracking, no personal identifiers).
• Third-party cookies — Meta Pixel may set cookies for ad measurement. Amazon may set cookies when you click affiliate product links.

You can control cookies in your browser settings. Disabling essential cookies will prevent you from staying logged in.

5. Data Retention

We retain your data as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where retention is required by law (e.g., billing records for 7 years in some jurisdictions).

6. Your Privacy Rights

Depending on your location, you have the following rights:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate data
• Deletion — request deletion of your account and personal data
• Data portability — request an export of your garden data in a portable format
• Opt out of marketing — unsubscribe link in every marketing email, or email us
• Withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, email us at hello@clochegarden.com. We will respond within 30 days.

7. GDPR — EU / EEA Residents

If you are located in the European Union or European Economic Area, the following additional rights apply under the General Data Protection Regulation (GDPR):

• Legal basis — we process your data based on: (a) performance of our contract with you (to provide the Service); (b) legitimate interests (security, fraud prevention, product improvement); and (c) your consent (marketing emails, optional analytics).
• Right to object — you may object to processing based on legitimate interests
• Right to restrict processing — you may request we restrict processing of your data in certain circumstances
• Right to erasure ("right to be forgotten") — you may request deletion of all personal data we hold about you
• Right to lodge a complaint — you have the right to lodge a complaint with your local supervisory authority (e.g., your national data protection authority)
• Data transfers — your data may be processed outside the EEA (e.g., on US-based servers). We rely on Standard Contractual Clauses or other appropriate safeguards for such transfers.

To exercise your GDPR rights, email hello@clochegarden.com.

8. CCPA — California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

• Right to know — you may request disclosure of the categories and specific pieces of personal information we collect about you
• Right to delete — you may request deletion of personal information we have collected from you
• Right to opt out of sale — We do not sell your personal information. We do not sell your data to third parties for monetary consideration.
• Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights

To exercise your CCPA rights or submit a verifiable consumer request, email hello@clochegarden.com. We will respond within 45 days.

9. Children's Privacy

Cloche is not directed to children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it promptly.

10. Security

We use industry-standard measures: HTTPS in transit, hashed passwords, encrypted storage for sensitive fields, and strict access controls. No system is 100% secure — we will notify you promptly if a breach affects your data.

11. Changes to This Policy

We will notify you of material changes via email or in-app notice at least 7 days before they take effect. The "last updated" date at the top always reflects the current version.

12. Contact

Privacy questions or requests? Email hello@clochegarden.com. We aim to respond within 30 days.

---

© 2026 Cloche. All rights reserved. · Terms of Service · hello@clochegarden.com