Privacy Policy

1. Information We Collect

When you use Loco Lite, we collect the following information:

• Account Data: Your name, email address, and profile picture provided through Google OAuth sign-in.
• User Content: Photos you upload for plant diagnostics, text you enter for course generation, and chat messages sent to the AI mentor.
• Usage Data: Service usage statistics (e.g., number of analyses performed, courses generated) for quota management and service improvement.
• Device Data: Browser type, device type, and screen resolution for responsive design optimization. We do not collect device identifiers.
• Payment Data: Payment processing is handled entirely by Stripe. We never store credit card numbers, CVVs, or full payment credentials on our servers.

2. How We Use Your Information

• To provide, operate, and improve the Loco Lite service.
• To process your plant diagnostic requests using AI analysis.
• To generate personalized cultivation courses and AI mentoring responses.
• To manage your account and subscription tier.
• To communicate important service updates and security notices.
• To prevent fraud and enforce our Terms of Service.

3. AI Processing & Third-Party Services

Loco Lite uses Google Gemini AI models to process your plant photos, generate courses, and provide chat responses. When you submit content for analysis, it is sent to Google's AI services for processing. Google's use of this data is governed by their own Privacy Policy.

Payment processing is handled by Stripe, subject to Stripe's Privacy Policy.

4. Data Retention

• Account data is retained for the duration of your account.
• Diagnostic results and courses are retained until you delete them or close your account.
• Uploaded images are processed in real-time and are not stored permanently on our servers after analysis is complete.
• Chat history is retained to provide context for follow-up conversations.
• Upon account deletion, all personal data is permanently removed within 30 days.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data transmitted between your device and our servers is encrypted using TLS/HTTPS.
• Authentication tokens are cryptographically signed (JWT) and expire automatically.
• Database connections are encrypted and access is restricted to authorized services only.
• We regularly update our systems and dependencies to address security vulnerabilities.

6. We Do Not Sell Your Data

We never sell, rent, or trade your personal information to third parties. Your data is used solely to provide and improve the Loco Lite service. We do not share your data with advertisers or data brokers.

7. Cookies & Local Storage

Loco Lite uses browser local storage to store your authentication token for session persistence. We do not use tracking cookies or third-party analytics trackers. No advertising cookies are used.

8. Age Requirement

Loco Lite is intended for users aged 18 and older. By creating an account, you confirm that you are at least 18 years of age. We do not knowingly collect information from individuals under 18. If we become aware that a user is under 18, we will promptly delete their account and all associated data.

9. Your Rights

You have the right to:

• Access your personal data at any time through your account dashboard.
• Request deletion of your account and all associated data.
• Export your data in a portable format.
• Withdraw consent for data processing at any time by closing your account.
• Lodge a complaint regarding our data practices.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by prominently posting a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or your data, please contact us at privacy@locolite.app.