Privacy Policy for Plantix

Last Updated: 1 October 2025


This Privacy Policy explains how Plantix, operated by PEAT GmbH (Berlin, Germany), collects, uses, and protects your personal data when you use our App, Website, Community, and related services (together, the “Services”). We are committed to safeguarding your privacy in line with the General Data Protection Regulation (GDPR) and other international data protection laws.


1. Controller Information

The Controller responsible for your personal data is PEAT GmbH, located at Rosenthaler Str. 13 10119 Berlin, Germany. You can contact us by email at privacy@plantix.net.


Data Protection Officer (DPO):
Dennis R. Jlussi
paxaru Rechtsanwaltsgesellschaft mbH
Berliner Allee 13
30175 Hannover
E-Mail: datenschutz@paxaru.com

2. Information We Collect

You can use many features of Plantix without creating an account. If you decide to register, the data we collect depends on the method you choose. For example, if you create an account with an email and password, we collect that information. If you use a Single Sign-On option such as Google or Facebook, or register with a phone number, we collect only the information needed to authenticate you.


When you participate in the Community, the content you choose to share publicly such as posts, comments, and your display name will be visible to other users. Plant diagnosis images are not treated as public content. They are used only for diagnostic purposes and are anonymised before being processed.


We also automatically collect information about your device and how you use our Services. This may include details such as your operating system, browser type, language preferences, approximate location (if enabled), app performance, clickstream data, and crash reports. Where possible, this information is anonymised or pseudonymised in line with GDPR Art. 5 principles of data minimisation and purpose limitation.


If you participate in surveys or research activities, we may process your responses and feedback. Any audio input you provide is converted into text locally on your device, and no audio recordings are stored.

3. How We Use Information

We use your personal data to provide and maintain our Services, to personalise your experience, and to ensure functionality. We also use it to analyse performance and improve our features, to communicate with you about updates and support, and to comply with legal obligations where required.

4. Legal Bases for Processing

As explained in Clause 2 (“What Data We Collect”), certain information such as your username and any posts or comments you make in the Community is shared publicly by default. Apart from this Community content, we do not sell your personal data and only share it in limited circumstances.

  1. Service providers: We may share information with trusted third parties who help us provide, maintain, or improve the Services, such as hosting providers, analytics partners, and security vendors. These providers are bound by contractual obligations to process data only on our instructions and with appropriate safeguards.
  2. Within our group: Your information may be shared with other companies within the Plantix/PEAT group, but only where necessary and subject to this Privacy Policy.
  3. For legal reasons: We may disclose information if we believe it is necessary to comply with a legal obligation, enforce our Terms of Service, protect the safety of our users, or defend our rights.
  4. Business transfers: If Plantix is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to standard safeguards and notification.
  5. Aggregated or anonymised data: We may share aggregated or anonymised information that cannot reasonably be used to identify you, for example to demonstrate trends or research results.

6. Third-Party Services

  1. We work with carefully selected third-party service providers to help us operate, secure, and improve Plantix. These may include providers of analytics, cloud hosting, crash reporting, and other technical support services. Each of these providers processes personal data in line with their own privacy policies and applicable data protection laws.
  2. We only share information with such providers where it is necessary for them to deliver their services to us, and we ensure appropriate contractual and technical safeguards are in place. A full list of the third-party providers we currently use can be provided upon request by contacting us at privacy@plantix.net.

7. Cookies and Tracking Technologies

When you visit the Plantix Website, we may use cookies or similar technologies to help the site function, understand usage, and improve performance. We do not use cookies for advertising. You can manage or disable cookies through your browser settings, but please note that some features of the Website may not work properly if cookies are disabled.

8. Data Retention

We retain your personal data only for as long as it is necessary. If you delete your account, your account data will be removed except where we are required to retain it for legal defence, for example for up to three years. Analytics and crash data are either anonymised or deleted after a maximum of twenty-six months. Survey and research data are anonymised whenever possible and kept only as long as needed for research purposes.

9. Your Rights

You have the right to access the personal data we hold about you, to request corrections, and to ask us to delete it. You may also request restrictions on processing, object to certain uses, or ask us to transfer your data to another provider. Where processing is based on your consent, you may withdraw that consent at any time. To exercise these rights, you can contact us at privacy@plantix.net.

10. International Transfers

Some of our service providers are located outside the European Economic Area. If we transfer your personal data to these providers, we take steps to ensure an adequate level of protection, such as relying on adequacy decisions by the European Commission or Standard Contractual Clauses. You may contact us if you would like further information about these safeguards.

11. Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, loss, or disclosure. These include encryption, access controls, regular audits, and secure storage. While we make every effort to safeguard your data, no method of transmission or storage is completely secure.

12. Plantix Marketplace

If you choose to use Plantix Dukaan or interact with the Open Network for Digital Commerce (ONDC) through our Services, please note that these platforms are subject to their own terms and privacy policies. While certain account or transaction information may be shared to enable your use of these services, the handling of your personal data within Plantix Dukaan or ONDC is governed by their respective policies.


Please also note that ONDC may have its own separate return policy, and other applicable terms, which apply in addition to this Privacy Policy. We encourage you to review those policies carefully before using their services.

13. Changes

We may update this Privacy Policy from time to time. The most recent version will always be available at https://plantix.net/en/imprint/privacy-policy/. If we make significant changes, we will notify you by email (if available) or through a prominent notice in the App, Website, or Community. By continuing to use Plantix after updates, you agree to the revised policy.

14. Regional Supplements

India

If you are located in India, the following additional terms apply:

  1. Grievance Officer: In compliance with the Digital Personal Data Protection Act, 2023, we have appointed a Grievance Officer. You can contact them at legal@plantix.net. Complaints will be acknowledged and resolved within the timelines prescribed by law.
  2. Children’s Data: Our Services are not directed to children under 18. Where data of minors is processed, it requires the verifiable consent of a parent or guardian.
  3. Legal Basis: In India, we process personal data based on your consent or deemed consent, in accordance with the DPDPA.
  4. International Transfers: Where personal data is transferred outside India, such transfers are made in compliance with any government notifications regarding permitted jurisdictions.
  5. Retention: Your personal data will be deleted once the purpose for which it was collected is fulfilled, unless retention is required by Indian law.
  6. Rights: In addition to the rights listed in Clause 9, you may also nominate another individual to exercise your rights on your behalf, as permitted under the DPDPA.