Back to Living Yard

Privacy Policy

Last updated: January 23, 2026

Introduction

Living Yard ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at livingyardapp.com (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies, please do not use the Service.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address - Used for authentication, account recovery, and important service updates
  • Password - Stored securely using industry-standard hashing (never stored in plain text)

Location Information

To provide personalized native plant and wildlife recommendations, we collect:

  • ZIP code - Used to determine your USDA hardiness zone
  • State - Used to show plants native to your region
  • Hardiness zone - Used to filter plants suitable for your climate

What we don't collect: We do not collect precise GPS coordinates, street addresses, or use IP-based geolocation. Your location data is general (regional level) and is only used to improve your gardening recommendations.

Garden and Observation Data

When you use the Service, we store:

  • Garden plants - Plants you add to your virtual garden
  • Wildlife observations - Species you've observed, dates, and notes
  • Photos - Images you upload for species identification or observation records
  • Journey progress - Your achievements and milestones

How We Use Your Information

We use the information we collect to:

  • Provide and maintain the Service
  • Personalize your experience with region-specific plant recommendations
  • Show ecological impact data (species supported by your garden)
  • Track your progress through the journey/milestone system
  • Send important service updates and security notices
  • Respond to your support requests
  • Improve the Service based on usage patterns (aggregated, anonymized data only)

Third-Party Services

We use the following third-party services to provide the Service:

Supabase

Database hosting, user authentication, and file storage. Your data is stored securely on Supabase's infrastructure.

Supabase Privacy Policy →

iNaturalist API

AI-powered species identification from photos. When you upload a photo for identification, it is sent to iNaturalist's Computer Vision API. Photos are processed for identification only and are not stored by iNaturalist.

iNaturalist Privacy Policy →

Zippopotam.us

ZIP code lookup service for determining your location. Only the ZIP code you enter is sent to this service; no personal information is transmitted.

Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit - All data is transmitted over HTTPS/TLS
  • Encryption at rest - Database and file storage are encrypted
  • Row Level Security (RLS) - Database policies ensure you can only access your own data
  • Authentication - Secure session management with automatic expiration
  • Input validation - All user inputs are validated and sanitized
  • Password hashing - Passwords are hashed using bcrypt (never stored in plain text)

Data Retention

We retain your data for as long as your account is active. When you delete your account:

  • All your personal data is permanently deleted
  • Your garden plants, observations, and photos are removed
  • Your location data is deleted
  • Deletion is automatic and irreversible (via database cascade)

We may retain anonymized, aggregated data for analytics purposes (e.g., "X users in zone 5 added coneflowers in June") that cannot be linked back to individual users.

Your Rights

You have the following rights regarding your data:

  • Access - View all data we have about you via your profile and dashboard
  • Correction - Update your location, observations, and garden data at any time
  • Deletion - Delete your account and all associated data
  • Export - Contact us to request a copy of your data
  • Opt-out - You can stop using the Service at any time

Cookies and Local Storage

We use minimal cookies and browser storage:

  • Authentication cookies - Essential for keeping you logged in
  • Local storage - Stores preferences like completed onboarding status

We do not use tracking cookies, advertising cookies, or third-party analytics that follow you across websites.

Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date at the top
  • Sending an email notification for significant changes (optional)

We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have questions about this Privacy Policy or your data, please contact us:

Email: privacy@livingyardapp.com

GitHub: Open an issue

← Back to Living YardTerms of Service →