Privacy Policy

Last updated: June 16, 2026

This policy explains what information Garden Macro ("we", "us", the "Service") collects when you sign in and subscribe, why we collect it, and who we share it with. The Service is operated as an independent tool and is hosted at gardenmacro.com. By using the Service you agree to the handling of information described below.

1. Information we collect

Google account information (sign-in)

We use Google Sign-In (OAuth 2.0 / OpenID Connect) so you don't have to create or manage a separate password. When you choose "Continue with Google", Google authenticates you and sends us a limited profile. We request the openid email profile scope and use:

• Your Google account ID — a stable numeric identifier (Google's sub) we use to recognize you on return visits and to link you to your subscription.
• Your email address — used to identify your account, show you who you're signed in as, and pass to Stripe so your receipts go to the right place.

Your Google profile may also include your name and profile picture; we do not store these. Crucially, we never receive, see, or store your Google password — that stays between you and Google. You can review the access you've granted at any time in your Google account permissions.

Payment information (Stripe)

All payments are processed by Stripe, our third-party payment processor. When you subscribe, you're taken to Stripe's secure, hosted checkout to enter your card details. Your full card number and payment credentials are handled by Stripe and are never sent to or stored by us. From Stripe we receive and store only:

• A Stripe customer ID and subscription ID that represent your account.
• Your subscription status (for example: active, trialing, past due, or canceled) and the date your current billing period ends.

Stripe's own handling of your payment data is governed by the Stripe Privacy Policy.

Sign-in token, cookies, and the launcher

To keep you signed in and to verify your subscription, we use a small number of cookies and a signed access token. We don't use cookies for advertising or cross-site tracking.

After you subscribe, the desktop launcher stores a signed access token on your own computer (for example in a local token.txt). This token contains your Google account ID and is presented to our server each time the launcher runs, so we can confirm your subscription is active before fetching and running the macro. It does not contain your password or payment details.

2. How we use your information

• To identify you and keep you signed in across visits.
• To process your subscription and verify, on each launch, that your access is active.
• To deliver the Service — unlocking the app and serving the latest macro build to subscribers.
• To handle billing matters, such as receipts and renewals, through Stripe.
• To keep the Service secure, including preventing fraud and abuse.

We do not sell your personal information, and we do not use it for advertising or profiling.

3. Where your data is stored

The Service runs on Cloudflare. The link between your account and your subscription is kept in Cloudflare Workers KV, a key-value store, as two small records:

• A mapping from your Google account ID to your Stripe customer ID.
• A cached subscription status for that customer (status, billing-period end, and when we last checked it with Stripe).

That's the extent of the personal data we store on our side: an account identifier, an email address, a payment-processor reference, and a subscription status. Cloudflare processes this data on our behalf as a hosting and infrastructure provider.

4. Who we share it with

We share the limited data above only with the service providers that make the Service work:

• Google — for sign-in. See the Google Privacy Policy.
• Stripe — for payment processing and subscription billing. See the Stripe Privacy Policy.
• Cloudflare — for hosting and data storage. See the Cloudflare Privacy Policy.

We may also disclose information if required by law, or to protect the rights, safety, and security of the Service and its users.

5. Data retention

We keep your account-to-subscription record for as long as you have an account with us. If you cancel, we may retain the record while your access winds down and for a reasonable period afterward to handle billing history and prevent abuse. You can ask us to delete your data as described below; note that Stripe retains transaction records independently to meet its own legal and financial obligations.

6. Your choices and rights

• Cancel anytime. Your subscription is month-to-month and can be cancelled whenever you like; access ends at the close of your billing period.
• Switch or disconnect Google. You can sign in with a different account, or revoke our access from your Google account permissions.
• Access or delete your data. Contact us to request a copy of the information we hold about you, or to have it deleted.

Depending on where you live, you may have additional rights over your personal data under laws such as the GDPR or CCPA. We honor those requests where they apply.

7. Security

Sign-in sessions use signed, HttpOnly cookies, and connections to the Service are encrypted in transit (HTTPS). Payment details never touch our servers. No method of storage or transmission is perfectly secure, but we take reasonable measures to protect the limited data we hold.

8. Children

The Service is not directed to children, and we do not knowingly collect personal information from anyone under the age required to hold a Google account in their country. If you believe a child has provided us with personal information, please contact us and we will remove it.

9. Changes to this policy

We may update this policy from time to time. When we do, we'll revise the "Last updated" date at the top of this page. Significant changes may be highlighted within the Service.

10. Contact us

Questions about this policy or your data? Email us at [email protected].