PlantFrame Privacy Policy

Version: 1.2 | Last updated: 26 May 2026

1. Overview

This Privacy Policy explains how PlantFrame (PlantFrame, we, us or our) collects, holds, uses, discloses and protects personal information in connection with PlantFrame. PlantFrame is workflow and project management software for garden designers, landscape designers, horticultural designers, landscape professionals and design studios. PlantFrame may be used by studio owners, team members, invited clients, beta testers, waitlist members, suppliers or other people who interact with the website, app, web clipper, client portal or support channels. This Privacy Policy applies to the PlantFrame website, web application, progressive web app, client portal, beta programme, Chrome Web Clipper or other browser extension, waitlist, marketing pages, support services, emails, documents, templates, AI-assisted tools, concept visual tools and related services. It does not apply to third-party websites, supplier websites, external tools, payment processors, app platforms, browser stores or services that PlantFrame does not own or control.

2. Who we are and how to contact us Operator:

Sharon Waters trading as PlantFrame

ABN: 64 862 859 546

Privacy contact: support@plantframe.app

Website: earlyaccess.plantframe.app

Postal address: PO Box 6064 Brown Hill Victoria 3350

3. Age restriction

PlantFrame is intended for users aged 18 years and over. We do not knowingly permit children to create PlantFrame accounts. If we become aware that a person under 18 has provided personal information directly to PlantFrame without appropriate authority, we will take reasonable steps to delete or de-identify that information, unless retention is required or permitted by law. PlantFrame users should not upload personal information about children unless it is genuinely required for a project, they have lawful authority to do so, and they understand the privacy sensitivity of that information.

4. When PlantFrame acts as controller, processor or service provider

4.1 PlantFrame as controller

PlantFrame generally acts as the controller or business responsible for personal information we process for our own business purposes, including account administration, beta access, billing, security, support, analytics, product development, marketing, legal compliance and service communications.

4.2 PlantFrame as processor or service provider

Where a designer, studio or workspace owner enters personal information about their own clients, projects, team members, suppliers or collaborators into PlantFrame, that designer or studio may be the primary controller or responsible business for that information. In those cases, PlantFrame processes that information to provide the service to the designer or studio, subject to our Terms, this Privacy Policy and applicable law.

If you are an invited client or another person interacting with PlantFrame through a designer, you may need to contact that designer directly to exercise privacy rights relating to project records, client files, approvals, notes, shared documents or communications controlled by that designer.

5. Personal information we collect

Account and profile information - Name, email address, business or studio name, role, profile image, account settings, authentication details, workspace membership, permissions and subscription plan.

Client and project information - Client names, contact details, project addresses or general locations, project briefs, site notes, measurements, sketches, photographs, garden zones, plant palettes, supplier and material selections, documents, comments, approvals and project communications.

Waitlist, beta and marketing information - Waitlist sign-up details, beta application responses, survey responses, feedback, email engagement, early-access status, founding member interest and marketing preferences.

Communications and support information - Emails, support requests, in-app messages, bug reports, screenshots, screen recordings, diagnostic context and feedback submitted to PlantFrame.

Usage, device and technical information - IP address, device identifiers, browser type, operating system, approximate location, pages or features used, log-in activity, app events, storage usage, upload activity, error logs, performance data and security logs.

Payment and billing information - Billing contact details, billing address, plan status, subscription records, renewal status, transaction references, payment failure notices and payment method metadata. Full card details are processed by third-party payment providers such as Stripe and are not intended to be stored directly by PlantFrame.

Web clipper and integration information - External URLs, supplier product information, material details, plant information, thumbnail URLs, page metadata, selected project destination, import status and related browser-extension diagnostic information.

AI and concept visual information - Prompts, uploaded images, project context, brief information, generated outputs, concept visual requests, image edits, plant identification inputs and outputs, AI usage counters and credit usage.

6. How we collect personal information

  • directly from you when you join the waitlist, apply for beta access, create an account, subscribe, contact support, respond to surveys or use PlantFrame;

  • from workspace owners, designers or team members who invite users, create client records, upload project information or share client portal content;

  • from files, photos, notes, documents, prompts, comments, approvals, selections and other content uploaded, generated or imported through PlantFrame;

  • from the Chrome Web Clipper or other integrations you choose to use;

  • automatically through cookies, analytics tools, app logs, device information and security systems;

  • from third-party providers where necessary to operate PlantFrame, including authentication, hosting, payment, email, analytics, support, AI, plant-data, image, browser-extension or integration providers.

7. User responsibility for client and third-party information

Designers, studios and workspace owners are responsible for ensuring they have the necessary authority, consent, privacy notice or lawful basis to enter, upload, import, store, share or process personal information about their clients, staff, contractors, suppliers and project stakeholders in PlantFrame.

Users should avoid uploading highly sensitive information unless it is necessary for the project and they have the appropriate authority. This includes health information, financial account details, identity documents, children’s information, security-sensitive information, legal material, confidential client information and information that would create unnecessary privacy risk if exposed.

8. How we use personal information

  • provide, operate, maintain and secure PlantFrame;

  • create and manage accounts, workspaces, client portals, permissions and invitations;

  • support project workflows, onsite capture, plant palettes, materials, suppliers, documents, approvals, concept visuals and client-facing outputs;

  • process subscriptions, billing, plan limits, storage limits, AI assists and concept credits;

  • send account, security, billing, support and service-related communications;

  • manage beta access, beta feedback, onboarding, testing tasks and founding member offers;

  • provide customer support, investigate bugs and troubleshoot technical issues;

  • monitor, analyse and improve features, usability, reliability, safety and performance;

  • detect, prevent and investigate spam, fraud, abuse, unauthorised access, cross-workspace access issues, security incidents and prohibited activity;

  • enforce our Terms, Beta Tester Agreement and other policies;

  • send marketing communications where permitted and respect unsubscribe preferences;

  • comply with legal, accounting, tax, regulatory and security obligations.

9. Product improvement, analytics and diagnostic tools

PlantFrame may use analytics, diagnostic and performance tools to understand how users interact with the website, app, client portal, web clipper and beta features. These tools may help identify errors, usability issues, slow pages, broken flows, device problems and support needs.

If PlantFrame uses session replay, heat mapping, screen recording or behavioural analytics tools, PlantFrame should disclose the relevant provider, ensure appropriate safeguards are configured, and avoid recording unnecessary sensitive content where reasonably practical. This section should be updated before publication if such tools are enabled.

10. AI features, concept visuals and automated features

PlantFrame may include AI-assisted writing, project summaries, prompts, plant identification, classification, image editing, concept visual generation and other automated or AI-supported features. When you use

those features, relevant prompts, uploaded images, project information and outputs may be processed by PlantFrame and/or third-party AI service providers to provide the feature.

PlantFrame does not intend to use AI features to make automated decisions that produce legal or similarly significant effects about individuals. AI and concept visual outputs should be reviewed by the user before being relied on or shared with clients.

Before publication, confirm the current AI providers, whether inputs or outputs may be retained by providers, whether they are used for model training, and whether any additional opt-out or disclosure wording is required.

11. Marketing, advertising and testimonials

If you join the waitlist, apply for beta access, download a resource, create an account or otherwise consent to marketing, we may send you PlantFrame updates, beta access information, product news, launch information, founding member offers and related communications.

You can unsubscribe using the link in marketing emails or by contacting us. Service-related communications, such as security notices, billing notices, account notices, legal notices and support messages, are not marketing and may still be sent.

PlantFrame will not use your project content, client content, studio workspace, screenshots, documents, client names, client images, testimonials, quotes, case studies or studio branding in public marketing without your prior consent, unless the information has already been lawfully made public by you or with your authority.

PlantFrame may use website and email engagement information to measure marketing effectiveness. If targeted advertising pixels or interest-based advertising are used, update this Privacy Policy and any cookie notice accordingly before publication.

12. Cookies and tracking technologies

PlantFrame may use cookies, pixels, local storage and similar technologies to operate the website and app, remember preferences, authenticate users, maintain sessions, improve performance, understand usage, measure marketing effectiveness and protect the service.

Depending on the tools used and the locations of users, PlantFrame may need a separate Cookie Policy, cookie banner or consent management process. Before publication, confirm whether PlantFrame uses analytics, advertising pixels, session replay, heat mapping, social media pixels or other tracking tools.

13. How we disclose personal information

  • hosting, infrastructure, database, storage and application providers;

  • authentication, security, monitoring, logging and error-reporting providers;

  • payment processors and billing platforms;

  • email delivery, waitlist, marketing and customer communication platforms;

  • analytics, performance, diagnostic and support tools;

  • AI, image-generation, plant-identification and automation providers;

  • plant data, supplier data, image, template, Canva-related or document workflow providers;

  • browser-extension platforms, including the Chrome Web Store, where relevant;

  • professional advisers, including lawyers, accountants, bookkeepers, insurers and technical consultants;

  • regulators, courts, law enforcement, payment providers or authorities where required or permitted by law;

  • potential acquirers, investors, financiers or advisers in connection with a sale, merger, restructuring, financing or transfer of PlantFrame.

Current or proposed third-party providers may include Base44, Stripe, MailerLite, Resend or another email provider, Canva, Flora API, Pl@ntNET, OpenAI or another AI provider, Google Chrome Web Store, domain/DNS providers, analytics tools and support tools.

14. Integrations and third-party services

If you connect, use or rely on third-party services through PlantFrame, those services may collect, use or disclose information under their own terms and privacy policies. This may include payment processors, Canva, supplier websites, plant-data providers, browser extension platforms, AI providers, analytics services and email providers.

PlantFrame is not responsible for the privacy practices of third-party services that it does not own or control. Users are responsible for reviewing third-party terms where applicable.

15. Overseas disclosure and storage

Some personal information may be stored or processed outside Australia, including in countries where PlantFrame, its hosting providers, AI providers, email providers, payment processors, analytics providers or other service providers operate. These countries may include the United States and other jurisdictions depending on the provider.

Where personal information is disclosed overseas, PlantFrame will take reasonable steps to protect personal information in accordance with applicable privacy obligations.

16. Data retention

We retain personal information for as long as reasonably necessary to provide PlantFrame, maintain accounts, support users, operate the beta programme, comply with legal and accounting obligations, resolve disputes, maintain security, prevent fraud, enforce agreements and improve the platform.

Retention periods may vary depending on the type of information, account status, subscription status, backup cycles, legal requirements, workspace ownership, technical constraints and legitimate business needs. Where deletion is requested, we will take reasonable steps to delete or de-identify personal information unless retention is required or permitted by law or is reasonably necessary for backups, compliance, dispute resolution, security or legitimate business purposes.

17. Security

We take reasonable technical and organisational steps to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure. These steps may include access controls, authentication, workspace permissions, role-based access, storage limits, monitoring, logging, administrative safeguards and service-provider controls.

No online platform can guarantee absolute security. Users are responsible for maintaining the confidentiality of their account details, using appropriate device security, inviting only authorised users, removing access when it is no longer required, and keeping independent backups of important project, client and business records.

18. Data breach response

If we become aware of a suspected or actual data breach, we will take reasonable steps to contain, assess, investigate and respond to the issue. Where required by law, we will notify affected individuals and relevant regulators, including under the Notifiable Data Breaches scheme if it applies.

Users must promptly notify PlantFrame if they suspect unauthorised access, cross-workspace visibility, client portal access errors, data exposure, lost credentials, account compromise or other security issues.

19. Access, correction, deletion and other rights

You may contact PlantFrame to request access to, correction of, deletion of, or restriction of certain personal information we hold about you, subject to applicable law, technical constraints, workspace owner permissions, identity verification, legal retention obligations and the role PlantFrame plays in relation to that information.

Where information is controlled by a designer, studio or workspace owner, we may direct the request to that designer or require their involvement before taking action. We may need to verify your identity and authority before responding.

20. Data export and account closure

PlantFrame may provide tools or processes to export or delete account, project or workspace data. The availability, format and timing of export or deletion may depend on plan status, beta status, technical limitations, backup cycles, legal retention requirements and workspace ownership.

During beta, export and migration tools may be limited, incomplete or unavailable. Beta testers should keep independent backups of important records outside PlantFrame.

21. Complaints

If you have a privacy question, request or complaint, contact PlantFrame at support@plantframe.app. We will aim to respond within a reasonable period.

If you are not satisfied with our response, you may be able to contact the Office of the Australian Information Commissioner or another privacy regulator that applies to your location.

22. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date. Where changes are material, we may provide additional notice by email, in-app notice, website notice or another reasonable method. Continued use of PlantFrame after an updated Privacy Policy is published indicates acknowledgement of the updated policy, where permitted by law.

© 2026 PlantFrame. All rights reserved.