Privacy Policy

GROW (the "app") is operated by The Visionary Platform LTD ("we", "us", "our"), a company registered in England & Wales (company no. 17198186), registered office 167-169 Great Portland Street, 5th Floor, London, W1W 5PF, United Kingdom. We are the data controller for the personal data described here. ICO registration: [ICO reference — add once registered].

1. What personal data we collect

Category	Examples
Account	Name, email address, password (stored only as a secure hash), profile photo (optional).
Garden & usage	Details you add about your garden — growing areas, plants, beds, notes, tasks, harvests — and how you use the app.
Photos you upload	Pictures of plants, soil, gardens, rooms or produce you choose to scan or add.
Approximate location	Coordinates / place name you provide or allow, used for local weather and seasonal guidance. You can use the app without precise location.
Device & technical	Device type, app version, and (if you enable notifications) a push-notification token.
Communications	Emails and messages you send us (e.g. support@grow-app.co.uk) and your waitlist sign-up email.
Marketplace	Listings you create and basic contact info you choose to share with other users.

We do not intentionally collect special-category data (e.g. health, ethnicity). Please don't include such information in photos or notes.

2. How we use your data

• To provide the app — your account, digital garden, care guidance and history.
• To run AI features you ask for (plant/soil/garden/room scans, Sprout, Garden Studio) — see section 4.
• To send service emails (welcome, password reset, important notices) and, if you opt in, the waitlist/launch email.
• To provide local weather and seasonal advice using your approximate location.
• To keep the app safe and secure, prevent abuse, and fix problems.
• To improve GROW (in aggregated or de-identified form where possible).
• To comply with our legal obligations.

3. Legal bases (UK GDPR)

• Contract — to provide the app and features you sign up for.
• Consent — for optional things like precise location, push notifications and marketing/waitlist emails. You can withdraw consent at any time.
• Legitimate interests — to keep the service secure, prevent fraud/abuse, and improve GROW, balanced against your rights.
• Legal obligation — where the law requires us to retain or disclose information.

4. AI features

Some features send your input — for example a photo you scan, or text you ask Sprout — to trusted third-party AI providers (currently Google, via the Gemini API) to generate a result such as a plant identification, soil reading, care suggestion or a redesigned garden image.

• We send only what's needed to produce the result you requested.
• AI output can be inaccurate or incomplete — it is guidance, not professional horticultural, financial, structural or safety advice. Always use your own judgement.
• We ask providers not to use your content to train their general models where that option is available, but you should review the relevant provider's terms.

5. Who we share data with

We never sell your personal data. We share it only with service providers ("processors") who help us run GROW, under contract and only as needed:

Provider	Purpose
Google (Gemini API)	AI plant/soil/garden analysis & image generation
Resend	Sending transactional & waitlist emails
Cloudflare	Website hosting, DNS, security, email routing and image/file storage (R2)
Cloud hosting & storage providers	Running our servers, database and image storage

We may also disclose data if required by law, to protect our rights or users' safety, or in connection with a business sale/reorganisation (with appropriate protections).

6. Marketplace

GROW's marketplace simply connects gardeners. When you create a listing, the details and any contact information you choose to share become visible to other users so they can reach you. Buyers and sellers deal directly with each other — GROW is not a party to any transaction and does not process payments. Please share only what you're comfortable making visible to others.

7. International transfers

Some providers (e.g. Google, Resend, Cloudflare) operate outside the UK, including in the USA. Where data is transferred outside the UK/EEA, we rely on appropriate safeguards such as UK International Data Transfer Agreements / EU Standard Contractual Clauses or an adequacy decision.

8. How long we keep your data

We keep your data while your account is active and as needed to provide the service. If you delete your account, we delete or anonymise your personal data within a reasonable period, except where we must keep certain records to meet legal obligations or resolve disputes. Aggregated/de-identified data may be kept indefinitely.

9. Your rights

Under UK/EU data protection law you have the right to: access your data; correct it; delete it; restrict or object to processing; data portability; and withdraw consent. To exercise any of these, email support@grow-app.co.uk. You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

10. Children

GROW is intended for users aged 16 and over. We don't knowingly collect data from children under 16. If you believe a child has provided us data, contact us and we'll delete it.

11. Security

We use industry-standard measures to protect your data — encryption in transit, hashed passwords, access controls and reputable infrastructure providers. No system is perfectly secure, but we work to keep your information safe and will notify you and the ICO of a serious breach where legally required.

12. Cookies

Our website uses only essential cookies needed to function. See our Cookie Policy for details.

13. Changes to this policy

We may update this policy from time to time. We'll change the "Last updated" date above and, for significant changes, notify you in the app or by email.

14. Contact us

Questions or requests about your data? Email support@grow-app.co.uk or write to The Visionary Platform LTD, 167-169 Great Portland Street, 5th Floor, London, W1W 5PF, United Kingdom.