Privacy Policy for Potter

Last Updated: November 22, 2025

Introduction

Welcome to Potter, a plant tracking application developed by Mirek Sawicz ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Potter (the "App"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

Information We Collect

Personal Information

We collect personal information that you voluntarily provide to us when you register on the App, express an interest in obtaining information about us or our products and services, or otherwise contact us.

The personal information we collect may include:

• Name and Email Address: Collected when you sign in using Google Sign-In or Sign in with Apple
• Profile Photo: Optional profile picture from your Google or Apple account
• User ID: Unique identifier assigned to your account

User-Generated Content

• Plant Information: Names, notes, and descriptions you provide for your plants
• Watering Logs: Records of when you water your plants
• Photos: Images you capture or select from your photo library for plant identification. These photos are stored locally on your device and associated with your plant records to display when you view your plants
• AI Identification Results: Plant identification data generated from your photos

Photos and Camera Access

With your permission, we access:

• Camera: To take photos of your plants for identification
• Photo Library: To select existing photos of your plants for identification

Photo Storage: Photos you capture or select are stored locally on your device as part of your plant records. These photos remain on your device so you can view them whenever you access your plant collection.

AI Processing: When you use AI identification, photos are sent to third-party AI services (Google Gemini, OpenAI, or Anthropic Claude) for processing. These images are processed solely for plant identification purposes and are not permanently stored by the AI providers beyond the immediate processing period.

Purchase Information

• In-App Purchase History: Records of credit purchases you make through Apple's In-App Purchase system
• Credit Balance: Current number of AI identification credits in your account
• Transaction IDs: Apple-provided transaction identifiers for purchase verification

Device and Usage Information

• Device Information: Device type, operating system version
• Local Storage: SQLite database stored on your device containing your plant data and watering logs
• Notification Preferences: Settings for watering reminder notifications
• API Keys: If you choose to provide your own OpenAI or Anthropic API keys (stored securely on your device)

How We Use Your Information

We use the information we collect to:

1. Provide and Maintain Services

• Create and manage your account
• Enable authentication via Google or Apple
• Store and sync your plant data
• Process plant identification requests
• Manage your credit balance and purchases
• Send watering reminder notifications (if enabled)

2. Improve Our Services

• Understand how users interact with the App
• Develop new features and functionality
• Diagnose and fix technical issues

3. Comply with Legal Obligations

• Respond to legal requests and prevent harm
• Enforce our Terms of Service
• Verify in-app purchases with Apple

Third-Party Services

Authentication Services

We use third-party authentication services to enable secure sign-in:

• Google Sign-In: Provided by Google LLC. Google Privacy Policy
• Sign in with Apple: Provided by Apple Inc. Apple Privacy Policy

Cloud Services

• Firebase (Google): For authentication, cloud storage (Firestore), and cloud functions
  • Firebase Authentication: Manages user accounts
  • Cloud Firestore: Stores user data and purchase records
  • Cloud Functions: Verifies in-app purchases
  • Firebase Privacy Policy

AI Services

When you use AI plant identification, your photos are sent to:

• Google Gemini: For Gemini-based plant identification (primary AI provider when purchasing credits through the app). Google Privacy Policy
• OpenAI: For GPT-based plant identification (if using your own API key). OpenAI Privacy Policy
• Anthropic Claude: For Claude-based plant identification (if using your own API key). Anthropic Privacy Policy

Important: While your photos are stored locally on your device as part of your plant records, images sent to AI providers for identification are:

• Processed in real-time for plant identification
• Not permanently stored by Google, OpenAI, or Anthropic
• Not used to train AI models (per our API agreements)
• Deleted by the AI providers after processing is complete

Payment Processing

• Apple In-App Purchase: All purchases are processed through Apple's secure payment system. We do not collect or store your credit card information. Apple Payments Privacy

Data Storage and Security

Local Storage

• Plant data, watering logs, photos, and preferences are stored locally on your device using SQLite
• API keys (if provided) are encrypted using iOS Keychain via flutter_secure_storage
• Local data persists until you delete the app or use the "Delete Account" feature

Cloud Storage

• User profiles and purchase records are stored in Firebase Firestore
• Data is encrypted in transit (HTTPS/TLS) and at rest
• Data is stored in Google Cloud Platform data centers

Security Measures

We implement appropriate technical and organizational security measures to protect your personal information:

• End-to-end encryption for data transmission
• Secure authentication using OAuth 2.0
• iOS Keychain for sensitive credential storage
• Server-side purchase verification to prevent fraud
• Regular security updates and monitoring

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

Your Data Rights

Access and Portability

You have the right to:

• Access your personal data stored in the App
• Export your plant data and watering logs
• Request a copy of your data in a machine-readable format

To exercise these rights, contact us at support@potterapp.com.

Correction and Update

You can update your profile information directly in the App's Settings page.

Deletion (Right to be Forgotten)

You have the right to delete your account and all associated data:

In-App Deletion:

1. Go to Settings → Account
2. Tap "Delete Account"
3. Confirm deletion

This will permanently delete:

• Your user account from Firebase Authentication
• All cloud data from Firebase Firestore (profile, purchases)
• All local data from your device (plants, photos, watering logs, preferences)

Email Request: You may also request account deletion by emailing support@potterapp.com with the subject "Account Deletion Request."

Deletion Timeframe: Account deletion is immediate and irreversible. Backup copies in our systems will be deleted within 30 days.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or shared (we do not sell your data)
• Right to delete personal information
• Right to non-discrimination for exercising your rights

To exercise your CCPA rights, contact us at support@potterapp.com.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to access your data
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Legal basis for processing:

• Consent: For optional features like AI identification and notifications
• Contract: To provide the core services you've signed up for
• Legitimate Interest: To improve and secure our services

To exercise your GDPR rights, contact us at support@potterapp.com.

Data Retention

• Account Data: Retained while your account is active
• Purchase Records: Retained for 7 years for tax and legal compliance
• Plant Data: Retained until you delete individual plants or your account
• Photos: Stored locally on your device and retained until you delete the associated plant or your account
• Watering Logs: Retained until you delete them or your account
• AI Identification Images: Sent to AI providers for processing only; not permanently stored by the AI providers
• Deleted Account Data: Backup copies removed within 30 days of deletion

Children's Privacy

Potter is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@potterapp.com, and we will delete such information from our systems.

International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using the App, you consent to the transfer of your information to the United States and other countries where our service providers operate.

For EEA users, we ensure appropriate safeguards are in place for international data transfers, including:

• EU Standard Contractual Clauses with our service providers
• Processing by providers certified under the EU-U.S. Data Privacy Framework (where applicable)

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (if we have your email)

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: support@potterapp.com

Website: https://potterapp.com

Response Time: We will respond to your inquiry within 30 days.

Consent

By using the Potter app, you consent to our Privacy Policy and agree to its terms.