Privacy Policy

Last updated: March 28, 2026 — Juno Grow Inc.

Juno Grow Inc. (“Juno Grow,” “we,” “us,” or “our”) operates the Juno Grow greenhouse intelligence platform (the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.

We are committed to compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

1. Information We Collect

Account Information

When you register or are invited to use the Service, we collect your name, email address, user role, and farm association. We also record login timestamps and device identifiers for security purposes.

Farm Data

The Service collects environmental sensor data (moisture, conductivity, temperature, humidity, CO2, VPD, DLI), crop configurations, pest detection imagery, yield records, spray logs, water analysis reports, and other operational data transmitted by your greenhouse equipment and entered by your team.

AI Interaction Data

When you use AI features (chat, voice, pest scanning), we process your messages, voice audio, and uploaded images to generate recommendations. Voice audio is processed transiently and is not stored — only text transcripts are retained. AI interactions are processed by third-party AI services in inference-only mode.

Usage and Activity Data

We automatically collect detailed information about how you interact with the Service, including: pages and tabs visited, features used, buttons clicked, crop and sensor selections, session start and end times, session duration, heartbeat signals, tab focus and blur events, IP addresses, browser type, device information, and general navigation patterns. We also collect performance and request metadata through Cloudflare Web Analytics. This data helps us understand how the Service is being used, monitor performance, and improve features.

Cookies, Tokens, and Analytics

The Service uses essential cookies and authentication tokens to maintain your session and secure your account. These are required for the Service to function and cannot be disabled.

We also collect usage analytics data to understand how the Service is used and to improve its features. This includes tracking page views, feature interactions, tab switches, session duration, and general navigation patterns. This data is collected through our own first-party analytics and through Cloudflare Web Analytics, which processes performance and request metadata. We do not use advertising cookies or third-party advertising trackers.

2. How We Use Your Information

We use your information to:

Provide, maintain, and improve the Service
Deliver AI-powered growing recommendations, alerts, and reports
Detect and identify pest and disease issues from uploaded images
Process voice interactions for hands-free consultation
Send transactional emails (alerts, invitations, verification codes)
Monitor system health, performance, and security
Analyze usage patterns to improve features and user experience
Respond to your requests and provide customer support

    We do not train AI models on your data. All AI features use third-party services in inference-only mode. Your Farm Data, images, chat transcripts, and voice recordings are never used to train, fine-tune, or improve any AI model.

2A. Legal Basis for Processing (GDPR)

For users in the EU/EEA or United Kingdom, we process your data under the following legal bases:

Processing Activity	Legal Basis
Account creation and authentication	Contract performance (Art. 6(1)(b))
Sensor data collection, AI recommendations, alerts, and reports	Contract performance (Art. 6(1)(b))
Pest detection and image analysis	Contract performance (Art. 6(1)(b))
Voice interaction processing	Contract performance (Art. 6(1)(b))
Transactional emails (alerts, verification)	Contract performance (Art. 6(1)(b))
Usage analytics and product improvement	Legitimate interest (Art. 6(1)(f))
Security monitoring and fraud prevention	Legitimate interest (Art. 6(1)(f))
Creation of Anonymized Data for industry insights	Legitimate interest (Art. 6(1)(f)), subject to opt-out

3. Anonymized Data and Industry Insights

We may create Anonymized Data from Farm Data by irreversibly removing all identifying information, including farm name, business name, owner identity, location, and any other information that could reasonably identify you, your farm, or any individual.

Anonymized Data may be used for:

Agricultural industry benchmarking and trend analysis
Aggregated research reports and datasets for seed companies, fertilizer manufacturers, crop insurance providers, agricultural researchers, and other industry participants
Improvement of the Service’s recommendations and benchmarks
Commercial licensing of aggregated, de-identified agricultural datasets

We ensure that:

No Anonymized Data can be reasonably re-identified to you, any individual, or any specific farm
Anonymized Data is only made available in aggregate form combining data from multiple sources
No data is shared until we hold data from a minimum of five separate farm operations
Recipients are contractually prohibited from attempting re-identification

Opt-out: You may opt out of Anonymized Data creation at any time by contacting privacy@junogrow.com. We will stop creating new Anonymized Data from your Farm Data within 30 days of your request.

4. Data Retention

Data Type	Retention Period
Account information	Duration of service + 90 days
Sensor & climate data	Duration of service + 90 days
Pest detection imagery	Duration of service + 90 days
Crop & yield data	Duration of service + 90 days
AI interaction transcripts	Duration of service + 90 days
Water analysis reports	Duration of service + 90 days
Usage and activity data	Duration of service + 90 days
Voice audio	Not stored (transient processing only)
Anonymized Data	Retained indefinitely (not Personal Data)

5. Third-Party Services

We use the following categories of third-party service providers to operate the Service. A detailed list of sub-processors is maintained at junogrow.com/subprocessors.

Provider Category	Purpose	Data Shared
Cloud Infrastructure	Hosting, database, backups	All farm and user data
AI Processing Services	Chat, voice, pest detection inference	Prompts, images, transcripts (not retained by provider)
CDN & Security	Content delivery, DDoS protection, TLS, web analytics	IP addresses, request metadata, performance data
Email Services	Transactional emails	Recipient email, message content
Weather Services	Weather data for recommendations	Farm geographic coordinates only

6. Data Security

We implement industry-standard technical and organizational measures to protect your data, including:

TLS encryption on all connections
Encrypted database storage
Multi-factor authentication and account lockout protections
Tenant-isolated database architecture (each farm has its own isolated data store)
Web application firewall, API rate limiting, and security headers
Daily automated backups with multi-layer retention
Regular security reviews and monitoring

7. Your Rights

Depending on your jurisdiction, you have the following rights regarding your Personal Data:

Access: Request a copy of the Personal Data we hold about you
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your data (subject to legal retention requirements)
Portability: Request your data in standard formats (CSV, JSON)
Restriction: Request we limit processing of your data
Objection: Object to certain processing activities
Opt-out of Anonymized Data: Request we stop creating Anonymized Data from your Farm Data

To exercise any of these rights, contact us at privacy@junogrow.com. We will respond within 30 days.

8. Data Breach Notification

In the event of a data breach affecting your Personal Data, we will notify you within 72 hours of becoming aware of the breach, in accordance with GDPR, PIPEDA, and applicable breach notification requirements.

9. Data Storage and International Transfers

Your data is stored on servers located in the United States. Where data is transferred to other jurisdictions for processing (e.g., AI services), such transfers are governed by Standard Contractual Clauses (for GDPR), PIPEDA’s accountability principle, and the service provider’s own data protection certifications.

10. Children’s Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect Personal Data from children. If we learn that we have collected data from a child under 16, we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service with a revised “Last updated” date. Continued use of the Service after such changes constitutes acceptance of the updated policy.

12. Contact Us

For any questions about this Privacy Policy or our data practices:

Juno Grow Inc.
Ontario, Canada
Email: privacy@junogrow.com