Garden Ledger
PrivacyTerms

Effective 15-04-2026

Privacy Policy

This Privacy Policy explains how Garden Ledger processes personal data in accordance with the GDPR.

1. Overview

This Privacy Policy explains how Garden Ledger processes personal data in accordance with the GDPR.

2. Data Controller

The data controller is:

  • driek studio
  • KvK: 96762160
  • VAT: NL005229582B78
  • Contact: hi@driek.studio

3. Data We Collect

3.1 Account Data

  • Name
  • Email address
  • Email verification status
  • Optional profile image
  • Timestamps

3.2 Authentication and Security

  • Session tokens
  • Session expiry
  • IP address
  • User agent

3.3 User Business Data

  • Products, pricing, inventory
  • Customers and schedules
  • Sales and financial records
  • Costs and operational logs
  • Flock and production data

3.4 Billing Data

Handled via Stripe:

  • Customer ID
  • Subscription status
  • Billing metadata
  • Webhook records

We do not store full payment card details.

3.5 AI Feature Data

When AI is used:

  • User input and relevant context are sent to Google Gemini
  • Garden Ledger does not store raw AI input
  • Usage logs (user ID and timestamp) are stored

Google may process and retain data according to its own policies.

3.6 Push Notifications

If enabled:

  • Push endpoint
  • Encryption keys
  • Subscription metadata

4. Purpose of Processing

We process data to:

  • Provide the Service
  • Authenticate users
  • Process payments
  • Enable AI functionality
  • Maintain security

5. Legal Basis

Processing is based on:

  • Contract performance
  • Legal obligations
  • Legitimate interest
  • Consent (AI usage and notifications)

6. Data Sharing

We share data only with necessary processors:

  • Stripe for payments
  • Email provider (Resend) for authentication
  • Google Gemini for AI processing
  • Hosting providers

7. International Transfers

Data may be processed outside the EU.

Appropriate safeguards such as Standard Contractual Clauses are applied where required.

8. Data Retention

We retain data:

  • While your account is active
  • As required by law
  • For security purposes

You may request deletion at any time.

9. Your Rights

You have the right to:

  • Access your data
  • Correct data
  • Delete data
  • Restrict processing
  • Object to processing
  • Data portability

Contact: hi@driek.studio

10. Security

We implement appropriate security measures including:

  • Secure authentication
  • Encrypted communication
  • Access control

11. Cookies

The Service uses essential cookies for authentication and security.

No advertising or tracking cookies are currently in use.

12. Children

The Service is not intended for individuals under 16.

13. Changes

This policy may be updated. Continued use implies acceptance.