🥬Veggie Exchange

Privacy Policy

Last updated: June 4, 2026

Veggie Exchange is a hobby community for gardeners. We keep the data we collect to the minimum needed to run the service, and we don’t sell it to anyone.

What we collect

Account

When you sign up, we store your email address and (depending on the sign-in method) your name and avatar provided by Apple, Google, or your email signup.

Profile

Your display name, handle, bio, photos you upload, and the optional location text you provide. These are visible to other signed-in users.

Activity

Posts you create, comments, reactions, and the gardeners or farms you follow.

Photos

We re-encode every photo on upload, which strips EXIF metadata — including GPS coordinates, the camera model, and any timestamps your phone embedded. The image we store and display does not contain that data.

Authentication

We use Supabase Auth to keep you signed in. A session cookie is stored on your device. We do not see your password if you sign in with Apple or Google.

Email

We send transactional and (where you’ve opted in) broadcast emails through Resend. Every broadcast email includes a one-click unsubscribe link.

Analytics

We use Vercel Analytics to count anonymous page views. We do not set third-party advertising or tracking cookies.

Cookies

Details are on our Cookie Policy.

Third parties

Veggie Exchange relies on a small number of providers to run the service:

  • Supabase — database, authentication, file storage
  • Vercel — web hosting, anonymous analytics
  • Resend — email delivery
  • Apple & Google — OAuth sign-in (only when you choose them)

Your use of these providers is also subject to their own privacy policies.

Children

Veggie Exchange is not for children under 13. We don’t knowingly collect data from anyone under 13. If you believe a child has created an account, please email us and we’ll remove it.

Your rights

You can, at any time:

  • View and edit your profile from your profile page.
  • Unsubscribe from broadcast emails using the link in any email.
  • Delete your account, posts, and personal plant records from Account Settings.

After deletion, copies may persist briefly in backups before being purged.

Security

We use industry-standard practices (TLS in transit, encryption at rest via our hosting providers). No system is perfectly secure; if you discover a vulnerability, please email us before disclosing it publicly.

Changes

We may update this policy from time to time. Material changes will be highlighted; the “Last updated” date at the top tells you when.

Contact

Questions about privacy? Email support@veggie-exchange.com.