OrchardHQ is a personal orchard-management tool. To make it work
we have to store the trees you record, the photos you take, and
enough about you to log you back in. This page is the long version;
the short version is in the box below.
Effective from 20 May 2026. Last updated 20 May 2026.
The short version
Your tree data, photos, and notes are yours. We don't sell them. We don't share them with anyone except the cloud services we need to run the app.
Sign-in uses Google. We never see your Google password.
Everything is hosted in the EU.
You can export everything (GeoJSON, KML, CSV) or delete your account, any time. Mail us and it's done.
We don't run advertising, behavioural profiling, or analytics that follow you off the site.
Who's behind this.
OrchardHQ is operated as an Irish sole trader, based in the
west of Ireland. Mail us at
hello@orchardhq.app for
anything privacy-related — including the GDPR rights listed
below. We will identify the named proprietor on request.
We're the data controller for everything you put into the app.
Our subprocessors (listed further down) are data processors acting
on our instructions.
What we collect.
Account information
Email address — from your Google account when you sign in. Used to identify you on subsequent visits and to contact you about your account.
Display name — from Google, used in the app to label things you create.
Organisation membership — which OrchardHQ organisation(s) you belong to.
Orchard content you create
Tree records — location (latitude / longitude), variety, rootstock, planted date, status, notes, photos.
Observations and actions — what you saw, what you did, when, with optional measurements and photos.
Voice notes — when you record one, the audio is sent to a speech-to-text service to produce a transcript that becomes an observation. The audio file itself is kept so you can play it back.
Plans and management units — orchard layouts, boundaries, variety mixes.
Tasks — scheduled work you've created or accepted from an auto-suggestion.
Diagnostic and operational data
Request logs — server-side logs of API calls (date, route, response code, user id). Used to diagnose problems. Kept for 30 days then rotated out.
Error reports — when something crashes, the stack trace is logged. Kept for 30 days.
What we don't collect
Sensitive personal data (health, political opinions, etc.) — the app has no field for it.
Anything from non-account visitors except a server access log entry.
Why we collect it.
The legal bases under GDPR Article 6:
Performing the contract with you (Art. 6(1)(b)) — we need your email, tree records, and so on to deliver the service you signed up for. Without them there's no app.
Our legitimate interests (Art. 6(1)(f)) — keeping access logs to defend the service against abuse, and basic diagnostics to fix bugs.
Your consent (Art. 6(1)(a)) — for the optional voice transcription pipeline. You can decline at the point of recording.
Where it lives — subprocessors.
The cloud services we rely on to run OrchardHQ, grouped by what
they do. A full named list of current providers is available on
request.
Core hosting + data storage
Your account, tree records, observations, actions, tasks, plans,
photos and voice-note audio are all stored in EU-region cloud
infrastructure — Google Cloud Platform in
Belgium (Cloud Run, Cloud Storage, Firebase Auth, Firebase
Hosting) and Supabase in Frankfurt (the
Postgres database). Map tiles are served by a third-party map
provider over a global CDN; only your current viewport bounds
are shared with it.
Optional AI features
Three features rely on third-party AI services:
Speech recognition — when you record a voice note, the audio is sent for transcription.
Image parsing — when you run a diagnosis on a photo, the image is sent for analysis.
Text extraction — the resulting transcript is sent to a language model to extract structured fields (date, severity, fruit type, etc.).
These services are operated by reputable third-party providers
and may process your input outside the EU. Where that's the case,
transfers happen under Standard Contractual Clauses
and the providers' published zero-retention / no-training terms
apply where offered. None of these features run automatically —
they only fire when you trigger them. If you never record a
voice note or run a diagnosis, your data never reaches them.
How long we keep it.
Your account and content — for as long as the account exists, plus up to 30 days in encrypted backups after deletion.
Server logs — 30 days, then rotated out automatically.
Voice-note audio — for as long as the associated observation exists, unless you delete the observation.
Aggregate analytics — non-personal usage counts (e.g. total observations recorded across the platform) kept indefinitely.
Your GDPR rights.
You have the rights given to you by the General Data Protection
Regulation. You can exercise any of them by mailing
hello@orchardhq.app. We
respond within 30 days; usually much sooner.
Access — get a copy of everything we hold about you.
Rectification — correct anything that's wrong.
Erasure — delete your account and everything in it.
Portability — export your data in machine-readable formats. The app supports GeoJSON, KML and CSV export directly from the Export menu.
Restriction and objection — pause processing while we investigate a concern.
Withdraw consent — for anything we process on the basis of consent (e.g. voice transcription).
Complain — to the Irish Data Protection Commission (dataprotection.ie) or your local supervisory authority.
Cookies.
We use a small number of strictly-necessary cookies, all set on
our own domain:
Firebase Auth session cookie — keeps you signed in across page loads.
CSRF protection — guards against forged form submissions.
That's it — no third-party tracking cookies, no advertising
pixels, no behavioural analytics. Because all our cookies are
strictly necessary for the service to function, we don't show a
consent banner (the ePrivacy directive exempts strictly-necessary
cookies from consent).
Security.
All traffic to OrchardHQ uses HTTPS. Photos and voice notes are
served via signed, expiring URLs so they aren't world-readable.
Backend access is restricted to maintainers and audited via Google
Cloud's IAM logs. We don't store passwords ourselves — sign-in is
delegated to Google.
No system is perfectly secure. If you spot a security issue,
please mail us at
security@orchardhq.app
instead of disclosing publicly — we'll respond promptly.
Children.
OrchardHQ is not aimed at children. We don't knowingly collect
data from anyone under 16. If you believe a child has registered,
mail us and we'll delete the account.
Changes to this policy.
We'll update this page when anything material changes — adding a
subprocessor, changing where data is stored, broadening what we
collect. Material changes are notified to your registered email
at least 14 days before they take effect. Minor wording fixes
don't get a notification.