Version 1.1 — Effective date: 2026-03-30 — Controller: Just Gardening, Officer UG (haftungsbeschrΓ€nkt)
Data controller: Just Gardening, Officer UG (haftungsbeschrΓ€nkt) (“JGO”, “we”, “us”).
For data-protection enquiries contact: [email protected]
No Data Protection Officer is mandatory for JGO at the current processing scale under Art. 37 GDPR. If we reach the threshold requiring a DPO this notice will be updated.
| Data category | Purpose | Legal basis (Art. 6) | Retention |
|---|---|---|---|
| Username, password hash, recovery phrase hash | Account authentication | Art. 6(1)(b) β performance of contract | Until account deletion |
| Encrypted grow records (plants, logs, sensor data, notes, photos) | Core service β grow tracking | Art. 6(1)(b) β performance of contract | Until account deletion |
| Recovery email address (optional, encrypted at rest) | Account recovery only | Art. 6(1)(a) β consent (opt-in) | Until removed or account deletion |
| IP address, HTTP request path, response status | Security monitoring, abuse prevention | Art. 6(1)(f) β legitimate interest | 90 days, then deleted |
| Anonymised federated-learning gradients (no raw data) | Improving grow recommendations (opt-in) | Art. 6(1)(a) β consent (opt-in) | Until FL round is aggregated or account deletion |
| Consent log (timestamp, policy version, IP) | Demonstrating compliance with Art. 7 | Art. 6(1)(c) β legal obligation | 3 years after account deletion |
| X25519 / Ed25519 public keys and signature (non-secret key material) | Collaborator ECDH key exchange β allows other users to share encrypted data with you | Art. 6(1)(b) β performance of contract | Until account deletion |
| Key-rotation audit log (event type, IP, timestamp) | Immutable security audit trail of password changes, account recovery, and key migrations | Art. 6(1)(b) β contract; Art. 6(1)(c) β legal obligation (Art. 32 security documentation) | Indefinitely; user ID nullified on account deletion |
| Security event records (detected IP, event type, severity, metadata) | DDoS, brute-force, and recon detection; operator alerting; incident investigation | Art. 6(1)(f) β legitimate interest (protecting the service and its users) | Indefinitely; user ID nullified on account deletion |
| Account deletion record (SHA-256 hash of username β no plaintext PII) | Proof that erasure requests were fulfilled (Art. 17); record of inactivity-triggered deletions | Art. 6(1)(c) β legal obligation (Art. 17(3)(e) β establishment/exercise/defence of legal claims) | Indefinitely; contains no PII |
| Last login timestamp | Inactivity monitoring; automated account deletion at 24 months of inactivity (Art. 5 storage limitation) | Art. 6(1)(f) β legitimate interest (data minimisation) | Until account deletion |
| User settings (electricity cost per kWh, light hours per day) | Calculating energy cost and g/watt efficiency in archived grows | Art. 6(1)(b) β performance of contract | Until account deletion |
We have assessed that cannabis cultivation data as processed by JGO does not constitute special-category data under Art. 9 GDPR in the context of personal grow tracking. All data is end-to-end encrypted; the server never holds plaintext. If you use JGO as an Anbauvereinigung (club) administrator, heightened measures apply β contact us for the club DPA addendum.
| Processor | Role | Location | Safeguard |
|---|---|---|---|
| Hetzner Online GmbH | Infrastructure hosting | EU (Germany/Finland) | DPA signed; EU transfer β no adequacy issue |
| Plausible Analytics | Aggregated site analytics (no cookies, no PII) | EU (Estonia) | DPA signed; no user-level data collected |
| SMTP provider (transactional) | Recovery email delivery only | EU | DPA signed |
We do not sell, rent, or share personal data with third parties for marketing purposes.
All primary infrastructure is located in the EU. No personal data is routinely transferred to third countries. If any sub-processor without an EU adequacy decision is used, we will implement 2021 Standard Contractual Clauses (SCCs) and update this notice.
You can exercise all of the following rights directly from your Account Settings page. No email or form submission required.
| Right | GDPR article | How to exercise |
|---|---|---|
| Access β receive a copy of your data | Art. 15 | Account β Export my data (JSON download) |
| Rectification β correct inaccurate data | Art. 16 | Edit any record in the app directly |
| Erasure (“right to be forgotten”) | Art. 17 | Account β Delete my account (immediate, irreversible) |
| Restriction β suspend processing while a dispute is active | Art. 18 | Account β Restrict processing |
| Portability β structured, machine-readable export | Art. 20 | Account β Export my data (JSON, same as Art. 15) |
| Objection to legitimate-interest processing | Art. 21 | Account β Object to processing |
| Withdraw consent (FL, recovery email) | Art. 7(3) | Account β Federated Learning opt-out / remove recovery email |
Requests are fulfilled immediately for self-service actions. For complex requests contact [email protected]; we will respond within 30 days (Art. 12(3)).
JGO applies end-to-end encryption as its primary technical measure:
Because all stored data is ciphertext, a server-side breach would not expose your grow records. This significantly limits the severity of any data breach under Art. 33/34 GDPR.
We have automated monitoring for anomalous access patterns. In the event of a breach:
| Cookie / tracker | Type | Purpose | Consent required? |
|---|---|---|---|
Session cookie (session) |
Strictly necessary | Authentication β keeps you logged in for 15 minutes | No β strictly necessary |
Remember-me cookie (remember_token) |
Strictly necessary | Extended login session (30 days) | No β strictly necessary |
| Plausible Analytics | Analytics (cookieless) | Aggregated page view counts; no personal data | No β cookieless, no PII |
No marketing, advertising, or profiling cookies are used.
| Data | Required for contract? | Consequence of not providing |
|---|---|---|
| Username and password | Yes β contractual requirement | Account cannot be created; the service cannot be provided |
| Encrypted grow records | Not mandatory β user-generated content | The service functions without any grow records; you choose what to track |
| Recovery email address | No β strictly optional (consent-based) | No recovery option if you lose your password; grow data cannot be recovered |
| Federated learning gradients | No β opt-in only | Your usage does not contribute to model improvement; no impact on service access |
No automated decision-making or profiling with legal or similarly significant effects takes place (Art. 22 GDPR).
You have the right to lodge a complaint with the supervisory authority. As JGO is established in Bavaria, the competent authority is:
Bayerisches Landesamt fΓΌr Datenschutzaufsicht (BayLDA)
Promenade 18, 91522 Ansbach, Germany
www.lda.bayern.de
Material changes will be notified via the app interface before they take effect. The version number and effective date at the top of this page will be updated on each change. Continued use after a notified change constitutes re-acceptance.
Just Gardening, Officer — Privacy Notice v1.1 — Last updated 2026-03-30