π‘οΈ
Privacy Policy
Table of Contents
1. Overview
This Privacy Policy explains how the Farmers Bounty WordPress plugin (“Plugin”, “we”, “our”, or “us”), developed by IT Influentials, LLC, collects, uses, stores, and protects your personal data when you use the Plugin and its associated services.
Farmers Bounty is a WordPress plugin that operates within your self-hosted WordPress installation. Most data is stored locally in your WordPress database. However, certain features require data to be transmitted to third-party services for processing, as detailed in this policy.
βΉοΈThe Plugin follows a local-first, privacy-by-design approach. No analytics, telemetry, crash reporting, advertising, or user-behavior tracking is implemented. You control which third-party services are enabled through the Plugin’s Settings page.
By using the Plugin, you consent to the data practices described in this Privacy Policy. If you do not agree with these practices, please do not use the Plugin.
2. Owner & Data Controller
503 Boulevard PL NE Unit B
Atlanta, GA 30308
Owner contact email: compliance@it-influentials.com
As the Plugin operates within your self-hosted WordPress installation, you (the site owner) are jointly responsible for the data stored in your WordPress database. IT Influentials is responsible for the Plugin code and any data transmitted to third-party services through the Plugin’s functionality.
3. Types of Data Collected
3.1 WordPress Account Data
The Plugin accesses your existing WordPress user account information, including:
- WordPress User ID
- Display name
- User role and capabilities
3.2 Garden & Location Data
Core to the Plugin’s functionality, the following location-related data is collected and stored:
- Garden addresses (street address, city, state, zip code)
- Geographic coordinates (latitude and longitude) β derived from addresses via Google Maps Geocoding API
- USDA Hardiness Zone
- Soil type and conditions
- Weather station ID and configuration
- Multiple garden location profiles with beds and zones
3.3 Garden Management Data
Data you create while managing your garden:
- Plant selections and inventory (species, varieties, planter assignments)
- Seed inventory records with supplier and purchase information
- Planting dates, expected harvest dates, and actual harvest records (weight, quality)
- Calendar events and scheduled tasks
- Succession planting schedules and crop rotation plans
- Watering records (dates, amounts, sources, costs)
- Frost alert records and responses
- Garden layout snapshots and designs
- Purchase lists and shopping items (including prices and suppliers)
- Plant diagnosis records and symptoms
- Pollinator sighting observations
- Season learnings and notes
- Food preservation recipes
- Growing Degree Days (GDD) tracking data
- Community garden data (plots, members, volunteer events, shared assets)
- Farm financial records, CSA subscriptions, and livestock logs
- Equipment maintenance records
- Mood journal entries
- Budget and market sales records
3.4 Photos & Media
Photos and images uploaded through the Plugin, including:
- Plant photos for identification (transmitted to PlantNet, Plant.id, and/or Claude Vision APIs)
- Plant diagnosis photos (transmitted to Plant.id Health or Claude Vision API)
- Pollinator sighting photos (stored locally)
- Garden layout photos (stored locally)
3.5 User Preferences & Settings
Preferences stored as WordPress user metadata and plugin options:
- Chatbot conversation history (fb_chat_history)
- Dismissed UI tips and notifications (fb_dismissed_tips)
- Push notification preferences (fb_notification_preferences)
- User persona selection (fb_persona)
- Integration sync logs (Google Calendar, Todoist, AnyList)
- Pinecone semantic search consent flags (journal, learnings, conversations)
- Tavily domain filtering preferences
3.6 Device & Technical Data
Collected for multi-device synchronization and push notifications:
- Device name (user-provided)
- Browser user agent string
- IP address (for sync device registration)
- Application version
- Push notification endpoint URL
- Push notification authentication keys (p256dh, auth)
3.7 AI Interaction Data
When using the AI chatbot or diagnosis features:
- Chat messages and conversation history
- Garden context provided to AI (location, USDA zone, plant inventory)
- Photos submitted for AI analysis
- AI-generated responses and recommendations
- Web search queries via Tavily (search terms only, no personal data)
3.8 Semantic Search Data (Optional)
When Pinecone semantic search is enabled with your explicit consent:
- Vector embeddings of journal entries (if consented)
- Vector embeddings of season learnings (if consented)
- Vector embeddings of AI conversation history (if consented)
- Embeddings are numerical representations only β original text is not stored in Pinecone
3.9 Cached Weather Data
Weather observations retrieved from Weather Underground Personal Weather Stations:
- Temperature, humidity, dewpoint, wind speed
- Barometric pressure, precipitation rates
- Solar radiation, UV index
- Soil temperature and moisture (if sensors available)
4. How Data Is Collected
Data is collected through the following methods:
4.1 Direct Input
Data you actively provide, such as garden addresses, plant selections, notes, photos, chat messages, journal entries, and calendar events.
4.2 Automatic Collection
- WordPress User ID β automatically identified from your WordPress session
- Weather data β automatically fetched from configured weather stations on a scheduled basis
- Device information β collected during sync device registration and push notification setup
- Geographic coordinates β automatically derived from addresses via geocoding
4.3 Third-Party APIs
Data received from external services, including plant database information, weather observations, AI-generated responses, plant identification results, and web search results.
4.4 CSV & Data Import
Data you import via CSV files, HuggingFace datasets, or other import mechanisms.
4.5 Desktop App Sync
When the Farmers Bounty macOS Desktop App is connected via the REST API, garden data is exchanged bi-directionally using WordPress Application Passwords over HTTPS.
4.6 Local Storage
The Plugin uses browser localStorage to persist UI preferences such as admin menu expand/collapse state. No personal data is stored in localStorage. For full details, see our Cookie Policy.
5. Purposes of Processing
Your data is processed for the following purposes:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Garden management | Plant data, calendar events, harvest records, garden locations | Performance of contract |
| Weather-based recommendations | Location coordinates, weather data, plant inventory | Performance of contract |
| AI gardening assistance | Chat messages, garden context, photos | Consent (user-initiated) |
| Plant identification & diagnosis | Photos, plant symptoms | Consent (user-initiated) |
| Address geocoding | Garden addresses | Performance of contract |
| Calendar & task synchronization | Garden tasks, calendar events | Consent (user-configured) |
| Push notifications | Device endpoints, notification keys | Consent (user opt-in) |
| Multi-device sync | Device info, user agent, IP address | Consent (user-configured) |
| Desktop app sync | Full garden data, Application Password credentials | Consent (user-configured) |
| Semantic search | Text embeddings of consented content | Consent (explicit per category) |
| Web-based knowledge search | Search queries only | Consent (user-initiated) |
| Shopping list sharing | Purchase list items, email address | Consent (user-initiated) |
| Data export | All user garden data | User request (data portability) |
6. Third-Party Data Sharing
Your data may be transmitted to the following third-party services when you use the corresponding Plugin features. Data is only shared when you actively use a feature that requires it or when you have explicitly enabled an integration.
βΉοΈThe Plugin does not sell your personal data. No analytics, advertising, or user-tracking data is ever transmitted. Data is shared with third parties only as necessary to provide the features you choose to use.
6.1 AI Services β Anthropic (Claude API)
- Data shared: Chat messages, garden context (location, USDA zone, plant inventory), photos for diagnosis
- Purpose: AI-powered gardening advice and plant diagnosis
- When: When you use the AI Assistant or Diagnostics features
- Privacy policy: https://www.anthropic.com/privacy
6.2 Weather Services β The Weather Company (IBM)
- Data shared: Weather station ID, API key
- Purpose: Retrieve hyperlocal weather observations and forecasts
- When: Automatically on a scheduled basis (every 15 minutes when active)
6.3 Plant APIs β Perenual, Trefle, GBIF
- Data shared: Plant search queries, API keys
- Purpose: Retrieve plant species data and cultivation information
- When: When you search for or add plants to your garden
6.4 Plant Identification β PlantNet (CIRAD) & Plant.id (Kindwise)
- Data shared: Plant photos
- Purpose: Visual plant species identification and health diagnosis
- When: When you use the Plant ID or Diagnostics features
- Privacy policy: https://plantnet.org/en/privacy-policy/
6.5 Semantic Search β Pinecone & OpenAI
- Data shared: Vector embeddings of consented content (journal, learnings, conversations)
- Purpose: Semantic search to improve AI context and relevance
- When: When enabled in Settings with explicit per-category consent
- Note: Original text is not stored in Pinecone β only numerical vector representations
6.6 Web Search β Tavily
- Data shared: Search queries only (no garden data or personal information)
- Purpose: Real-time web search for gardening knowledge
- When: When AI Assistant uses web search to answer your questions
6.7 Google Services
- Google Maps Geocoding: Garden addresses sent for coordinate conversion
- Google Calendar: Garden tasks and events synced when integration is configured
- Privacy policy: https://policies.google.com/privacy
6.8 Task Management β Todoist (Doist Inc.)
- Data shared: Garden tasks and to-do items
- When: When Todoist integration is configured and sync is triggered
6.9 Shopping List β AnyList Integration
- Data shared: Purchase list items via email (wp_mail)
- When: When you share a shopping list to AnyList
6.10 Embeddings β OpenAI (or compatible)
- Data shared: Text content for vectorization (knowledge base content)
- When: When knowledge base content is indexed or searched
6.11 Data Import β HuggingFace
- Data shared: Dataset download requests only (no user data uploaded)
- Purpose: Import curated public gardening datasets
- When: When importing plant data from HuggingFace datasets (admin only)
6.12 Desktop App β WordPress REST API Sync
- Data shared: Full garden data (plants, harvests, seeds, events, journal, locations, layouts)
- Purpose: Bi-directional sync with Farmers Bounty macOS desktop application
- When: When the desktop app is connected and sync is triggered
- Authentication: WordPress Application Passwords over HTTPS (required)
6.13 Smart Devices β Thermacell IoT
- Data shared: Device authentication, control commands, runtime queries
- Purpose: Smart mosquito repellent device management
- When: When Thermacell integration is configured
7. Data Storage & Retention
7.1 Local Storage
The majority of your data is stored locally in your WordPress database in the following custom tables:
wp_fb_user_gardensβ Garden locations and settingswp_fb_user_plantsβ Your garden plantswp_fb_calendar_eventsβ Scheduled tasks and eventswp_fb_harvestsβ Harvest recordswp_fb_season_learningsβ Seasonal noteswp_fb_watering_recordsβ Watering logswp_fb_pollinator_sightingsβ Pollinator observationswp_fb_weather_cacheβ Cached weather datawp_fb_push_subscriptionsβ Push notification subscriptionswp_fb_sync_devicesβ Registered sync devices- And additional tables for plant diagnoses, layouts, purchase lists, frost alerts, succession plantings, preservation recipes, community gardens, farm financials, equipment, mood journals, and market sales
7.2 Caching & Retention Periods
| Data Type | Retention Period |
|---|---|
| Weather observations (current) | 15 minutes (cache refresh) |
| Weather observations (historical) | 24 hours (cache refresh) |
| Plant API data cache | 24 hours (cache refresh) |
| Garden management data | Until user deletes or uninstalls Plugin |
| Chat history | Until user clears or uninstalls Plugin |
| User preferences | Until user changes or uninstalls Plugin |
| Pinecone vector embeddings | Until deleted via Settings or Pinecone index deletion |
| Desktop app synced data | Governed by desktop app retention policy |
| localStorage (UI state) | Until browser data is cleared |
7.3 Data on Uninstall
When the Plugin is uninstalled:
- If you have opted to delete data on uninstall (via Settings), all custom database tables, plugin options, transients, scheduled cron events, and user metadata are permanently removed
- If you have opted to keep data, it remains in your database for potential future reinstallation
- Data that has already been transmitted to third-party services is subject to those services’ own retention policies
- Pinecone vector data persists until deleted via the Plugin’s Settings page or until you delete your Pinecone index
8. Data Security
We implement reasonable security measures to protect your data:
- API keys are stored using an encrypted credential store within WordPress
- All form submissions use WordPress nonces to prevent CSRF attacks
- User input is sanitized and validated before storage
- Database queries use prepared statements to prevent SQL injection
- Output is escaped to prevent XSS attacks
- REST API endpoints require authentication (WordPress Application Passwords)
- Admin pages require appropriate WordPress capabilities (edit_posts or manage_options)
- API call rate limiting (e.g., 100 AI requests per hour per user)
- All network API calls use HTTPS encryption in transit
- Desktop app sync enforces HTTPS β connections over HTTP are rejected
- No telemetry, analytics, or crash reporting services that could leak data
However, no method of electronic storage or transmission is 100% secure. We cannot guarantee the absolute security of your data, particularly data transmitted to third-party services over the internet.
9. Your Data Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
9.1 Access & Portability
You can export all your data at any time using the Data Export feature (found in the Tools & Data menu). Exports are available in JSON and CSV formats and include all garden data categories.
9.2 Correction
You can update or correct any data within the Plugin at any time through the respective management pages.
9.3 Deletion
You can delete individual records through the Plugin’s management interfaces. To delete all data, you can uninstall the Plugin with the “Delete data on uninstall” option enabled in Settings. For Pinecone vectors, use the “Delete All Vector Data” button in Settings.
9.4 Restriction
You can restrict data processing by:
- Not configuring optional integrations (Google Calendar, Todoist, AnyList, Thermacell)
- Not using AI features (chatbot, diagnosis, Plant ID)
- Not enabling push notifications
- Not enabling multi-device sync
- Not enabling Pinecone semantic search
- Revoking consent for individual Pinecone data categories (journal, learnings, conversations)
- Not connecting the desktop app via REST API
9.5 California Residents (CCPA)
If you are a California resident, you have the right to:
- Know what personal data is being collected
- Know whether your personal data is sold or disclosed, and to whom
- Say no to the sale of personal data (we do not sell personal data)
- Request deletion of personal data
- Not be discriminated against for exercising your privacy rights
9.6 European Users (GDPR)
If you are in the European Union, you additionally have the right to:
- Withdraw consent at any time
- Object to data processing based on legitimate interest
- Lodge a complaint with a supervisory authority
To exercise any of these rights, please contact us at: compliance@it-influentials.com
10. Children’s Privacy
The Plugin is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at compliance@it-influentials.com so we can take appropriate action.
11. International Data Transfers
Your data is stored locally in your WordPress database on your hosting server. However, when data is transmitted to third-party API services, it may be transferred to and processed in countries other than your own, including the United States. These transfers are necessary to provide the Plugin’s functionality.
Where data is transferred internationally, we rely on the third-party providers’ own safeguards and compliance measures. For European users, we note that the United States does not have an adequacy decision from the European Commission; transfers are based on the necessity of the transfer for the performance of the contract and/or your explicit consent when using optional features.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of significant changes by updating the “Last Updated” date at the top of this policy and, where appropriate, providing additional notice within the Plugin.
Your continued use of the Plugin after changes are posted constitutes your acceptance of the revised Privacy Policy.
13. Contact Information
If you have any questions about this Privacy Policy, wish to exercise your data rights, or have concerns about your privacy, please contact:
503 Boulevard PL NE Unit B
Atlanta, GA 30308
Website: https://it-influentials.com
Email: compliance@it-influentials.com