Privacy Policy

Verdica — AI Plant Intelligence Platform
Cat Barn LLC · Boise, Idaho
Last Updated: July 2, 2026 · Effective: July 2, 2026
Privacy Summary: We collect minimal data. We do NOT use analytics or advertising trackers. We use one httpOnly session cookie for authentication and a device/browser fingerprint (browser and hardware characteristics, including canvas and WebGL rendering) used solely to detect automated or abusive access and bind your session; never for advertising, analytics, cross-site tracking, or profiling, and never sold or shared. Your substance/drug names, dosages, and health notes are stored only on your device and are never sent to or stored on our servers. Other content you save on our servers (garden notes, chat messages) is encrypted with AES-256-GCM. We never sell your data.
Table of Contents
  1. Introduction
  2. Data We Collect
  3. Data We Do NOT Collect
  4. How We Use Your Data
  5. Third-Party Services
  6. Data Encryption
  7. Data Retention
  8. Your Rights (GDPR)
  9. Your Rights (CCPA/CPRA)
  10. Health Data (GDPR Art. 9)
  11. Children's Privacy
  12. International Transfers
  13. Data Breach Notification
  14. Changes to This Policy
  15. Contact

1. Introduction

This Privacy Policy explains how Cat Barn LLC ("Company," "we," "us," "our"), an Idaho limited liability company, collects, uses, stores, and protects your personal information when you use the Verdica application ("App").

By using the App, you consent to the collection and use of information as described in this Privacy Policy. This Policy should be read alongside our Terms of Service.

Data Controller: Cat Barn LLC, Boise, Idaho, United States. Contact: [email protected].

EU/EEA Users: Verdica is operated from the United States, offered in English with U.S.-dollar pricing, and is not marketed, advertised, or specifically directed to users in the European Union or the EEA. If you are an EU/EEA resident with a privacy question, you may contact [email protected].

2. Data We Collect

2.1 Account Data (from Google OAuth)

DataSourceEncryptedPurpose
Email addressGoogle OAuth 2.0NoAccount identification, communications
Display nameGoogle OAuth 2.0NoUI personalization
Google subject IDGoogle OAuth 2.0NoAuthentication token binding

2.2 User-Generated Data

DataEncryptedSharedRetention
Substance/drug namesOn-device only — never sent to or stored on our serversNever (stored only on your device)Until you delete on your device
Substance dosage, frequency, notesOn-device only — never sent to or stored on our serversNever (stored only on your device)Until you delete on your device
Garden plant nicknames✓ AES-256-GCMNeverUntil you delete
Light Scout spot names✓ AES-256-GCMNeverUntil you delete
Light Scout lux readingsNo (numeric only)NeverUntil you delete
Chat messages (AI Garden Chat)✓ AES-256-GCM (at rest)Google Gemini API (decrypted for processing; see §5)Until account deletion
Scan feedback notes✓ AES-256-GCMNeverUntil account deletion
Scan history (species IDs, identification results)NoNeverUntil account deletion
Bug reports / feedbackNo (admin-readable)Never3 years or on request

2.3 Data Sent to Third Parties During a Scan

DataSent ToOur Retention
Scan photographsPlant.id, Google Gemini (cloud identification only)Retained for your scan history; deleted on account deletion
GPS coordinates (optional, user-controlled)Plant.id (if enabled)Stored with the scan when location is granted (see §2.4)
Purchase tokensGoogle Play BillingNot retained

2.4 Approximate Location (stored with a scan, only if you grant it)

If you grant the App location permission when you take a scan, the approximate location (latitude and longitude) of that scan is stored alongside the scan record so we can provide location-aware features such as the foraging map and regional frost and weather context. This is optional: if you deny or revoke location permission, no coordinates are captured or stored, and the App continues to work for identification. Stored scan coordinates are retained with the scan until you delete the scan or your account.

2.5 Crash and Diagnostic Reports

The App can submit crash and diagnostic reports to us to help us find and fix bugs. These reports are limited to technical error information — an error message, the error type, the source location and line number, a stack trace, the in-app screen (URL fragment), and a timestamp. They are not intended to contain your substance/drug names, garden notes, or chat content, and we do not collect those intentionally; however, because an error message can occasionally include surrounding text, please avoid entering sensitive personal data into free-text fields. We use crash and diagnostic reports solely to diagnose and fix problems, not for advertising, profiling, or analytics.

3. Data We Do NOT Collect

Verdica does not use any tracking, analytics, or advertising technologies.
  • ✗ No analytics — No Google Analytics, Firebase Analytics, Mixpanel, or any usage tracking
  • ✗ No advertising SDKs — No ads, no ad networks, no ad identifiers
  • ✗ No third-party crash/analytics SDKs — No Sentry, Crashlytics, or Bugsnag. We do operate our own first-party crash and diagnostic reporting to fix bugs; what it contains and how it is used is described in §2.5.
  • ✓ Anti-bot protection — A device/browser fingerprint (browser and hardware characteristics, including canvas and WebGL rendering) is generated and used solely to detect automated or abusive access and bind your session; never for advertising, analytics, cross-site tracking, or profiling, and never sold or shared. No IMEI, advertising IDs, or hardware serial numbers are collected.
  • ✓ Minimal cookies — One httpOnly, Secure session cookie for authentication only. SameSite policy is set to the most restrictive value supported by each access context (Strict for web sessions, adjusted for cross-origin authentication where required by the Android app). No tracking, analytics, or third-party cookies.
  • ✓ Request integrity verification — API requests may include a cryptographic signature derived from the request payload and a server-side secret to verify request authenticity and prevent tampering. No personal data or device identifiers are included in this signature.
  • ✗ No background or persistent location tracking — We never track your location in the background or continuously. Location is used only at the moment you take a scan, and only if you grant permission; when granted, the scan's approximate coordinates are stored with that scan as described in §2.4.
  • ✗ No data sales — We do not sell, rent, lease, or trade your personal data to anyone
  • ✗ No behavioral profiling — We do not build user profiles for marketing or advertising

4. How We Use Your Data

We use your data solely for the following purposes:

PurposeLegal Basis (GDPR)Data Used
Provide the App's core featuresPerformance of contract (Art. 6(1)(b))Account data, scan data, garden data
Authenticate your identityPerformance of contract (Art. 6(1)(b))Google OAuth tokens
Process your one-time app purchase and any Leaf credit (token) purchasesPerformance of contract (Art. 6(1)(b))Google Play purchase tokens
Display herb-drug interaction educational referencesExplicit consent (Art. 9(2)(a))Substance names (stored only on your device)
Provide AI Garden Chat responsesPerformance of contract (Art. 6(1)(b))Chat messages (sent to Gemini API)
Respond to support requestsLegitimate interest (Art. 6(1)(f))Email, bug reports
Legal compliance (waiver proof, identity verification)Legal obligation (Art. 6(1)(c)); Art. 17(3)(e)Email address, IP address, acceptance timestamp, content hash

5. Third-Party Services

The App integrates with the following third-party services. Your saved substance/drug list is stored only on your device and is never transmitted to us or any third party. NOTE: text you type into AI Garden Chat is processed by Google Gemini — do not enter substance, drug, or health details into chat.

ServiceProviderData SharedTheir RetentionTheir Privacy Policy
Plant.idKindwise s.r.o. (Czech Republic)Scan photos, optional GPS~30 daysLink
Google Gemini APIGoogle LLC (USA)AI chat messages and plant context; and scan photos (cloud identification)Up to 30 daysLink
Google Vertex AI (imagen)Google LLC (USA)Garden Designer yard, calibration, and render photos (used to generate your garden visualization)Up to 30 daysLink
Google OAuth 2.0Google LLC (USA)Authentication tokensPer Google termsLink
Google Play BillingGoogle LLC (USA)Purchase tokens onlyPer Google termsLink
OpenWeatherMapOpenWeather Ltd (UK)Approximate location coordinates, only for weather and frost contextPer OpenWeather termsLink
Cloudflare CDN / WAFCloudflare, Inc. (USA)Network traffic transits Cloudflare for TLS termination, CDN delivery, and DDoS/WAF protection (no application content is shared for any other purpose)Per Cloudflare termsLink
Proprietary Vision AI (self-hosted)Cat Barn LLC (self-hosted)Scan photos (stays on our server)Not retainedThis policy

We do not control the data practices of third-party providers. We encourage you to review their privacy policies.

6. Data Encryption & Security

6.1 Encryption at Rest

  • Field-level encryption: 10 sensitive fields across 6 database tables are encrypted with AES-256-GCM (authenticated encryption with associated data). Each field uses a unique initialization vector.
  • Whole-database encryption: Our database files are encrypted at rest with SQLCipher (AES-256) whole-database encryption, which covers the database contents on disk. Sensitive fields additionally carry the per-user AES-256-GCM field-encryption layer described above.
  • Photo encryption: Uploaded photos stored on our server are encrypted on a per-file basis with AES-256-GCM.
  • Encrypted backups: Database backups are encrypted.
  • Secure deletion: The database is configured to overwrite the on-disk space of deleted content (secure-delete enabled) to reduce the risk of recovering removed data.
  • Server-encrypted fields include: garden nicknames, Light Scout spot names, chat messages, and scan feedback. (Your substance/drug names, dosages, frequencies, and notes are never sent to our servers — they are stored only on your device, so no server-side encryption applies to them.)

6.2 Encryption in Transit

  • All data transmitted between your device and our servers is encrypted via TLS 1.3 (HTTPS). TLS 1.3 is terminated at our CDN edge (Cloudflare) fronting a private origin tunnel.

6.3 Access Controls

  • Server access is restricted to the application owner only (no employee access)
  • Database credentials are environment-variable injected, not stored in code
  • Application containers run as non-root user with read-only filesystem where possible

7. Data Retention

Data CategoryRetention PeriodDeletion Method
Account data (email, name)Until account deletionPersonal fields cleared and the account row deactivated as an anonymized tombstone (which holds no personal data); a plaintext copy of your email is retained for 7 years in the legal-hold acceptance records below
User-generated content (gardens, scans, chat)Until account deletionThe encrypted records are permanently and irreversibly deleted (hard delete)
Substance/drug dataUntil you delete it on your device (stored only on your device)The records are permanently and irreversibly deleted from your device (hard delete)
Scan photographsRetained for scan history display; deleted on account deletionAccount lifetime
Legal agreement acceptance records (Terms of Service, Privacy Policy, Health Disclaimer, and age affirmation)7 years from account deletion date (legal hold)Email address, agreement version, cryptographic proof of signed text, IP, and user agent retained under GDPR Art. 17(3)(e) for defence of legal claims
Bug reports / feedback3 years or until request for deletionDeletion on request or scheduled purge

Legal Hold — Agreement Records: Upon account deletion, we retain the following data from each legal agreement you accepted (Terms of Service, Privacy Policy, Health Disclaimer) and your age affirmation (that you confirmed you are 13+) for seven (7) years from the date of account deletion, pursuant to GDPR Article 17(3)(e) (establishment, exercise, or defence of legal claims):

  • Your email address
  • An HMAC-SHA256 cryptographic hash of your email address (lookup key)
  • Acceptance timestamp
  • Your IP address at the time of acceptance
  • Your user agent (browser/device identifier) at the time of acceptance
  • The waiver type and version identifier
  • A SHA-256 hash of the exact agreement text you accepted (cryptographic proof of what you signed)

This data is stored in an append-only audit log and is used solely for the purpose of proving your consent to these agreements in legal proceedings. It is never used for marketing, profiling, or any other purpose. The legal basis for this retention is compliance with a legal obligation (GDPR Art. 6(1)(c)) and the defence of legal claims exception to the right of erasure (GDPR Art. 17(3)(e)).

Why seven (7) years. The App is intended for users 13 years of age and older. Under Idaho Code §5-230, a minor's limitations clock is tolled during minority (subject to a six-year cap), so a personal-injury claim with a two-year limitations period (Idaho Code §5-219) brought by a user who was 13 at the time can be asserted up to approximately seven years after the event. Retaining proof of your acceptance for seven years is therefore necessary and proportionate to the establishment, exercise, or defence of legal claims (GDPR Art. 5(1)(e) and Art. 17(3)(e)), and reflects the corresponding US litigation-hold basis.

8. Your Rights Under GDPR (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation:

RightDescriptionHow to Exercise
Access (Art. 15)Request a copy of all personal data we hold about youEmail [email protected]
Rectification (Art. 16)Correct inaccurate personal dataEdit in-app or email us
Erasure (Art. 17)Delete all your personal dataIn-app: Profile → Delete Account
Portability (Art. 20)Request a machine-readable copy of your personal dataEmail [email protected]; we will provide it within 30 days of a verified request
Restriction (Art. 18)Restrict processing of your dataEmail [email protected]
Object (Art. 21)Object to processing based on legitimate interestEmail [email protected]
Withdraw consent (Art. 7(3))Withdraw consent for health data processing at any timeDelete substance entries in-app

We will respond to all GDPR requests within thirty (30) days. You also have the right to lodge a complaint with your local data protection authority.

9. Your Rights Under CCPA/CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act (as amended by the California Privacy Rights Act) provides you with the following rights:

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request deletion of your personal information.
  • Right to Opt-Out of Sale: We do NOT sell your personal information. We do not share personal information for cross-context behavioral advertising. Therefore, no opt-out is required.
  • Right to Correct: You may request correction of inaccurate personal information (CPRA addition).
  • Right to Limit Use of Sensitive Personal Information: Your substance/drug names are stored only on your device and used solely for displaying interaction references. We do not use sensitive PI for purposes beyond providing the service.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
Do Not Sell or Share: Cat Barn LLC does NOT sell, share, or trade your personal information to any third party for monetary or other valuable consideration. Period.

To exercise your rights, contact [email protected]. We will verify your identity and respond within forty-five (45) days.

10. Health Data & Special Category Data (GDPR Article 9)

Important: If you use the herb-drug interaction educational reference feature, the substance/drug names you enter are classified as special category data (health data) under GDPR Article 9.

We process this data only with your explicit consent (GDPR Art. 9(2)(a)), which you provide through the one-time onboarding acceptance together with the in-app confirmation shown at the point you first enter substance data. You may withdraw consent at any time by deleting your substance entries within the App.

Your substance and drug names are:

  • Stored only on your device (the app's private, OS-sandboxed local storage) — they are never sent to or stored on our servers
  • Never shared with us or any third-party service (including Plant.id, Google Gemini, or Google Play). NOTE: text you type into AI Garden Chat is processed by Google Gemini — do not enter substance, drug, or health details into chat
  • Never used for advertising, profiling, or any purpose other than displaying interaction educational references to you on your device
  • Permanently and irreversibly deleted from your device when you delete them (hard delete)

HIPAA Disclaimer: Cat Barn LLC is not a HIPAA-covered entity. The App is not a medical device or health service. Substance data is collected for educational reference purposes only.

11. Children's Privacy

The App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA).

If we discover that a child under 13 has created an account, we will promptly delete the account and its personal data, subject to the same limited legal-hold retention and anonymized account tombstone described in §7 (the acceptance-proof records kept for defence of legal claims, and the deactivated account row that holds no personal data). If you believe a child under 13 has provided us with personal information, please contact [email protected].

12. International Data Transfers

Our servers are located in the United States. If you access the App from the European Union, European Economic Area, or other regions with data protection laws, your data will be transferred to and processed in the United States.

For EU/EEA users, this transfer is based on the EU-US Data Privacy Framework:

  • EU-US Data Privacy Framework — The European Commission has determined that the United States ensures an adequate level of protection for personal data transferred from the EU to organizations participating in the EU-US Data Privacy Framework (Commission Implementing Decision (EU) 2023/1795 of 10 July 2023). We rely on self-certification under, and adherence to the principles of, the EU-US Data Privacy Framework as the basis for these transfers.
  • Standard Contractual Clauses — Where and to the extent the Data Privacy Framework does not apply, we rely on the European Commission's Standard Contractual Clauses, together with any supplementary measures appropriate to the transfer, as an alternative transfer mechanism.

Scan photos sent to Plant.id are processed by Kindwise s.r.o. in the Czech Republic (EU), subject to GDPR directly.

13. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms:

  • We will notify affected users via email within 72 hours of becoming aware of the breach (GDPR Art. 33)
  • We will notify the relevant data protection authority within 72 hours
  • We will notify the FTC as required under the Health Breach Notification Rule (16 CFR Part 318) if health data is involved
  • We will notify the Idaho Attorney General as required under Idaho Code §28-51-105

Our internal breach response procedures are documented and tested.

Liability Limitation for Security Incidents: Cat Barn LLC implements industry-standard security measures including AES-256-GCM field encryption, SQLCipher whole-database encryption, per-file AES-256-GCM photo encryption, encrypted backups, TLS 1.3, and non-root containerized deployment. Despite these measures, no system is immune to unauthorized access. To the maximum extent permitted by law, Cat Barn LLC shall not be liable for damages arising from unauthorized access to, alteration of, or destruction of your data by third parties (hackers, state actors, or other malicious agents) where we have implemented reasonable security measures. This limitation does not apply where the breach resulted from Cat Barn LLC's gross negligence or willful misconduct. See our Terms of Service §15 for complete limitation of liability.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

  • A prominent in-app notification requiring acknowledgment
  • Email to your registered Google account address
  • At least thirty (30) days before the changes take effect

Your continued use of the App after the effective date constitutes acceptance of the updated Privacy Policy. If you do not agree, you must stop using the App and delete your account.

15. Contact

For privacy inquiries, data requests, or complaints (response within 30 days for GDPR, 45 days for CCPA):

Cat Barn LLC
Email: [email protected]
Boise, Idaho, United States

EU residents may also contact their local data protection authority.

© 2026 Cat Barn LLC. All rights reserved.

Terms of Service · Health Disclaimer · Account Deletion ·