Privacy Policy | Agora Grove

Agora Grove Privacy Policy and Notice at Collection

Draft status: counsel-review working draft only; not for publication
Version: 0.1
Proposed effective date: [EFFECTIVE DATE]
Controller: [EXACT LEGAL ENTITY NAME], doing business as Agora Grove
Privacy contact: [PRIVACY EMAIL] · [PRIVACY REQUEST URL] · [POSTAL ADDRESS]

Placeholder rule: Every all-caps bracketed field in this draft is a [COMPANY INPUT REQUIRED] item unless it is expressly labeled [LAWYER REVIEW]. It must be completed and approved before publication.

Publication gate: Do not publish this policy until every bracketed field is completed and the vendor, tracking, AI, retention, payment, and data-sharing statements are verified against the production build and website. A privacy policy is not a safe place to reserve undisclosed rights.

1. Scope

This Privacy Policy explains how Agora Grove collects, uses, discloses, retains, and protects personal information when you use the Agora Grove consumer app, consumer-facing website, customer support, and related services that link to this Policy (collectively, the “Services”). It does not automatically govern a Farm’s independent handling of information it receives to fulfill an order, a third-party payment provider, or a third-party site or service unless that party’s notice says it does.

“Personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to a person, household, account, device, or other identifier, as the term is defined or applied by relevant law.

2. Summary: our current data position

Agora Grove is designed to help users discover independent farms and coordinate food orders. We may collect account/contact information; order, cart, payment-reference, and address information; location; device/technical information; support communications; preferences; feature interactions; AI search or image inputs when you choose those features; and information needed to protect the Services.

We use that information to operate the Services, route and coordinate requested orders, confirm inventory, process or coordinate payment, provide support, prevent fraud and abuse, improve product performance, personalize features where you enable personalization, comply with law, and communicate with you.

We share information with a Farm you select when it is needed to carry out your order; with service providers that help operate the Services; with payment, authentication, map/location, communications, hosting, and AI providers as described below; and with others when required or permitted by law.

We do not use allergy, dietary, or other sensitive-by-policy preferences for targeted advertising. We do not sell personal information for money. [COMPANY INPUT REQUIRED: select and validate the applicable advertising/pixels statement in Section 8 before publication.]

3. Personal information we collect

Category Examples Sources
Account and identifiers Name, email, phone, account ID, authentication ID, account settings, login provider You; Apple/Google/email authentication provider; our systems
Contact and support information Email, phone, support messages, dispute details, requested accommodations You; your communications with us
Order, transaction, and payment-reference information Cart contents, Farm, amounts, order status, substitution decision, payment-method label, card brand/last four, payment processor identifiers, refund/dispute data You; Farm; payment processor; our order systems
Address and fulfillment information Delivery/pickup address, address components, ZIP/postal code, access or pickup notes, selected market, fulfillment preferences You; map/address provider; Farm/order systems
Precise and approximate location Current or recent device coordinates, accuracy, derived proximity, city/region Your device if you allow location; your manual entry; map/address provider
Preferences and inferred interests Dietary and allergen preferences, household/fulfillment preferences, favorites, saved farms, product interactions, derived preference signals You; your use of the Services; our systems
Search, AI, and image inputs Search text, AI grocery request, image you choose to submit for grocery-list extraction, extracted list, feature result, feature feedback You when you use the relevant feature
Voice input Temporary on-device audio/transcript while you use voice input Your device when you activate the feature
Device, usage, and diagnostics information Device/app identifiers, operating system, app version, IP/network information, event logs, session data, crash reports, query length, latency, security signals Your device/browser; our app/website; service providers
Communications and marketing preferences Push token, notification topics, email/SMS choices, consent records, unsubscribe or opt-out records You; your device; our systems
Farm and business information Farm business contact, listing content, public product/farm information, permit/verification material if formally onboarded Farm; public sources; service providers
Legal and compliance records Policy version accepted, consent event, deletion/rights request, fraud/security investigation, regulator or legal request You; our systems; authorities; service providers

We may receive information from a Farm, payment provider, authentication provider, map/address provider, public sources, referral partner, or another user where needed to operate, secure, or improve the Services. We may combine information from sources where appropriate for the purposes described in this Policy.

4. How we use personal information

We use personal information for the following purposes:

  1. Provide the Services. Create and secure accounts; provide discovery, cart, search, and order tools; route an order to a selected Farm; coordinate availability, pickup, or delivery information; administer payment setup and payment activity; provide confirmations and support.
  2. Operate and improve the Services. Diagnose outages and defects; analyze performance; test and develop features; improve usability, search relevance, and Farm discovery; maintain records; and understand aggregate use.
  3. Personalize where you enable it. Use derived shopping and category preferences to personalize recommendations or search only when the relevant product setting is enabled. We do not use raw ordinary searches as a stored recommendation profile unless the product expressly says otherwise.
  4. AI-assisted features. Process a text request or image you deliberately submit to generate a grocery-list, search, or cart-assistance result. Section 7 provides feature-specific details.
  5. Communicate. Send transactional messages about accounts, orders, safety, Farm confirmations, substitutions, pickup/delivery coordination, support, changes, and legal notices. Send marketing only as described in Section 9 and subject to your choices and applicable law.
  6. Safety, security, and fraud prevention. Verify accounts and payment activity, investigate abuse, protect users and Farms, enforce Terms, protect our rights, and comply with legal obligations.
  7. Legal, compliance, and business operations. Meet legal, tax, accounting, audit, regulatory, insurance, dispute-resolution, and corporate-transaction needs; establish, exercise, or defend legal claims; and protect the rights, safety, and property of Agora Grove, users, Farms, or others.
  8. Aggregate and de-identified analysis. Create aggregated, statistical, or de-identified information for operational analysis, research, business planning, service improvement, and lawful commercial uses. We will maintain and use de-identified information in a form that does not reasonably identify you and will not attempt to reidentify it except as permitted by law.

5. Location information

We request foreground location access only when a feature needs it, such as helping you locate a delivery address, evaluate nearby availability, or provide pickup/delivery relevance. You can decline location permission and enter an address or city manually. Do not use location features while driving or in a situation where using your device is unsafe.

If you use address search, we may send your typed address-search information, an address-search session token, and a location bias/origin to our map/address provider, currently [COMPANY INPUT REQUIRED: Google Places confirmation], to return address suggestions or details. We do not use precise location for targeted advertising unless we first update this Policy and obtain any required choice or consent.

[COMPANY INPUT REQUIRED] Confirm whether any precise coordinate is stored on Agora Grove servers, shared with a Farm, or retained beyond the observed local short-term cache. The public policy must state the final answer precisely.

6. Payments and purchases

When you set up or use a payment method, we and our payment provider may process transaction and payment-reference information. The intended current payment provider is Stripe. We do not intend to receive or store your full payment-card number or card security code through the app’s Stripe payment sheet, but we may receive and retain payment-related identifiers, card brand/last four, expiration data, payment status, transaction amount, and fraud/dispute information.

We use payment data to set up payment methods, process or coordinate orders and refunds, prevent fraud, respond to disputes, and maintain records. Farms should not receive your complete card data through Agora Grove. A Farm may receive information necessary to fulfill the order, such as your name, contact method, order, and pickup/delivery details.

[LAWYER REVIEW] Finalize the merchant-of-record, payment processor account owner, tax, refund, and chargeback positions before publishing this section. Payment-data descriptions must match the actual flow, including Apple Pay and any future Stripe Connect configuration.

7. AI-assisted search, image processing, and voice

7.1 AI text search and cart assistance

If you choose an AI search or cart-assistance feature, we may send the request text you enter and the minimum associated information needed to provide the feature to an approved AI provider. Depending on the approved architecture, a provider may process the text to structure your request, identify products, or return a feature result. We will identify the provider in the feature disclosure, subprocessor list, or both before it receives your data.

Current code evidence, not a publication statement: complex text search can use Cerebras; production deployment and final model/provider are not confirmed. Do not publish a provider name, training statement, or retention promise until the production vendor list and settings are approved.

Do not submit information that you do not want processed to provide the requested feature. AI output may be incomplete, inaccurate, or unsuitable for your dietary, allergy, medical, safety, legal, or other circumstances. You remain responsible for reviewing the result and the Farm’s product information.

We will not use individually identifiable AI prompts, images, voice recordings, or outputs to train a general-purpose model unless we clearly tell you beforehand and obtain any required separate consent. We will not use dietary/allergen preferences for targeted advertising.

7.2 Grocery-list or food-spread images

If you select or take a photo for grocery-list extraction, the image is sent to the disclosed provider to perform that feature. Current source code identifies a Supabase function using Google Gemini Vision; production configuration must be confirmed before launch. We intend not to retain the original image after processing unless you expressly choose a feature that saves it. The result may remain in your session or account only as the feature tells you.

7.3 Voice input

The current intended voice-input experience processes audio on your device and does not upload or retain the audio or transcript after the active session. [COMPANY INPUT REQUIRED] The app currently has server-side fields for voice-retention and model-improvement preferences. Those fields must be removed, disabled, or reconciled before this “on-device/no retention” statement is published. If any fallback speech-recognition service transmits audio or transcript off-device, we will update this Policy and provide a feature-specific disclosure before use.

7.4 Your choice

Using an AI or image feature is optional. We provide a feature-specific disclosure before data leaves your device for a third-party AI provider. You can choose not to use that feature and can use other available app functions instead.

8. Analytics, cookies, pixels, advertising, and tracking

8.1 Operational analytics

We use operational analytics and diagnostics to understand feature performance, detect errors, prevent abuse, and improve the Services. Current app telemetry is designed to use closed-vocabulary events and metrics rather than raw user query text, but all telemetry and crash-reporting flows must be reconciled to the final implementation before launch.

8.2 Website cookies and similar technologies

Our websites, including the separate Mandala farm-facing site when it links to this Policy, may use cookies, SDKs, pixels, local storage, tags, and similar technologies for essential functions, authentication, preferences, security, analytics, campaign measurement, referral attribution, and, if enabled, advertising.

We will provide a cookie notice and controls that distinguish required technologies from optional analytics or advertising technologies where applicable. See the Cookie and Tracking Technologies Policy in the supplemental policies document.

8.3 Choose one verified publication statement

Option A — use only if no sale/share/targeted-ad flow exists:

As of the effective date, Agora Grove does not sell personal information for money and does not share personal information for cross-context behavioral advertising or process it for targeted advertising as those terms are defined by applicable U.S. privacy laws.

Option B — use only after final vendor and control implementation:

We may disclose online identifiers, device/browser information, cookies, engagement information, and campaign/referral information to analytics and advertising partners to measure campaigns, market the Services, and reach people who may be interested in the Services. Depending on the technology and law, this may be a “sale,” “sharing,” or processing for “targeted advertising.” You may use our “Do Not Sell or Share / Targeted Advertising Opt-Out” control, cookie controls, and, where applicable, a Global Privacy Control signal to opt out.

Do not publish both options. A pixel or advertising SDK cannot be enabled before the selected statement, vendor list, consent logic, Global Privacy Control handling, and any required App Tracking Transparency flow are complete.

Apple treats some linking or sharing of app data with third-party data for targeted advertising or measurement as “tracking,” which can require App Tracking Transparency. Apple User Privacy and Data Use

9. Communications and marketing choices

We may send transactional communications about your account, order, Farm confirmation, substitution, pickup/delivery coordination, payment, safety/recall, support, and policy changes. You may not be able to opt out of certain essential order, safety, fraud, security, or legal notices while using the relevant service.

Email

We may send marketing email only where permitted by law. You can opt out through the unsubscribe link in the message or through [PREFERENCES URL]. We will continue to send non-marketing transactional and legal messages when permitted. Commercial email will include the legally required sender identification, address, and opt-out mechanism. FTC CAN-SPAM guide

Push notifications

If you allow push notifications, we may use them for order updates and, if you separately opt in, promotions or Farm-drop messages. You can change your choice in iOS Settings and the app’s notification preferences. We do not make promotional push notifications a condition of using the Services. Apple App Review Guidelines §4.5.4

SMS

[COMPANY INPUT REQUIRED: no marketing SMS program may launch until this is completed.] If we offer marketing SMS, we will obtain separate, affirmative consent that is not a condition of purchase; identify the program/sender; disclose message frequency, message/data-rate notice, and HELP/STOP instructions; and honor opt-outs. Transactional SMS must remain separate from marketing content. Automated/prerecorded telemarketing texts have additional consent requirements. 47 C.F.R. §64.1200

10. How we disclose personal information

We may disclose personal information to the following categories of recipients:

  1. Selected Farms and fulfillment participants. To process the order you request, coordinate availability, substitutions, pickup/delivery, safety/recall notices, support, and disputes. This may include your name, contact method, order, quantity, order instructions, and pickup/delivery information. Farms are independent businesses and may have their own privacy obligations and notices.
  2. Service providers. Hosting/database, authentication, payment, security, analytics, support, communications, mapping, cloud, and other providers that process information for or with us under appropriate contractual/data-protection arrangements.
  3. AI providers. When you use a feature-specific AI function, the provider identified at the point of use may receive your feature input as necessary to produce the result.
  4. Payment and financial parties. Payment processors, banks, card networks, fraud-prevention providers, and others needed to process, reconcile, refund, dispute, or secure a payment.
  5. Professional advisers and authorities. Auditors, insurers, lawyers, accountants, government authorities, law enforcement, courts, and other parties when we reasonably believe disclosure is required or permitted by law, legal process, safety, fraud prevention, enforcement, or protection of rights.
  6. Corporate transaction participants. A buyer, investor, lender, successor, adviser, or other participant in a merger, financing, acquisition, reorganization, bankruptcy, or asset sale, subject to applicable law and appropriate confidentiality/security measures.
  7. At your direction or with your consent. Other parties you ask us to share information with or authorize.

We require service providers to use information only for appropriate contracted purposes where applicable. A Farm that receives order information to sell or fulfill its products may have independent controller responsibilities; we do not automatically characterize every Farm as our “service provider.”

11. Retention

We retain personal information only as long as reasonably necessary for the purposes described in this Policy, including to provide the Services, meet legal/tax/accounting obligations, resolve disputes, prevent fraud, enforce agreements, and protect security. We consider the nature/sensitivity of the information, the reason for collection, the risk of harm, the availability of less-identifying alternatives, and applicable legal requirements.

Our proposed retention periods are in the Legal Readiness Data Map. Before publication, we will replace those proposals with a technically implemented schedule covering accounts, orders, tax/payment records, consent records, security logs, support cases, AI inputs, analytics, push tokens, and deletion records. We may retain or isolate information for a legal hold, fraud/security investigation, or other lawful need and will delete or deidentify it when the reason no longer applies.

12. Security

We use administrative, technical, and organizational safeguards designed to protect personal information. No system, transmission, or storage method is completely secure, and we cannot guarantee absolute security. Please use a unique password or sign-in method, protect your device, and notify us promptly of suspected account compromise.

13. International processing

Agora Grove is based in the United States. We and our service providers may process information in the United States or other locations where we or they operate. Those locations may have different data-protection laws than your jurisdiction. If we offer the Services outside the United States, we will update this Policy and use an appropriate transfer mechanism where required.

14. Children and age restriction

The Services are for users 18 and older. We do not knowingly collect personal information from children under 13 or knowingly offer the Services to minors. If we learn that we collected personal information from someone under 18 without an appropriate basis, we will take appropriate steps to delete it or otherwise address it. Contact [PRIVACY EMAIL] if you believe this occurred.

COPPA can apply to child-directed services and general-audience services that have actual knowledge of under-13 collection. FTC COPPA guidance

15. Your privacy choices and rights

15.1 Account, preference, and communications controls

Subject to available features, you can update account information, saved addresses, payment methods, notification topics, marketing choices, privacy/recommendation choices, and relevant permissions in the app. You can manage location, camera/photo, microphone, and push permissions through your device settings. You can request a copy of your data or delete your account through the app or [ACCOUNT DELETION URL].

15.2 U.S. state privacy rights

Depending on where you live and applicable law, you may have rights to request access/know, deletion, correction, portability, opt out of certain sale/sharing/targeted-advertising or profiling activities, limit certain sensitive-data uses, and appeal a decision. California provides rights including access/know, delete, correct, opt out of sale/sharing (including through GPC), and non-discrimination, subject to statutory scope and exceptions. California DOJ CCPA

To make a request, use [PRIVACY REQUEST URL], email [PRIVACY EMAIL], or call [TOLL-FREE NUMBER IF REQUIRED]. We may verify your identity and authority before fulfilling a request, and we may ask for information needed to do so. We will respond within the timeline required by applicable law and explain any lawful denial or limitation.

You may use an authorized agent where applicable law allows. We may require the agent to provide written authorization and may ask you to verify your identity directly. If we deny a request, you may appeal by contacting [APPEAL EMAIL / URL] with “Privacy Appeal” and the request reference number. We will explain the appeal result and any further rights available under applicable law.

15.3 Global Privacy Control and advertising opt-out

Where applicable law requires it, we will treat an opt-out preference signal such as Global Privacy Control as a request to opt out of sale/sharing or targeted advertising for the browser/device associated with the signal. If you are logged into an account, we may apply the signal to that account where technically and legally appropriate. Essential processing, security, fraud prevention, and non-advertising operations may continue.

15.4 Non-discrimination

We will not unlawfully discriminate against you for exercising a privacy right. Some features may need information that is necessary to provide them; if you choose not to provide it or ask us to delete it, that feature may not work.

16. Notice at Collection for California and similar laws

At or before collection, Agora Grove provides this notice:

Category collected Business / commercial purposes Categories disclosed
Identifiers and contact information Account, authentication, support, order coordination, communications, security Farms selected for order; authentication, hosting, support, communications, and security providers
Commercial and payment-reference information Order processing, payment, refund, fraud, accounting Farms selected for order; payment processor; hosting/accounting/security providers
Precise location and address Availability, address assistance, pickup/delivery coordination, fraud/security Map/address provider; selected Farm/fulfillment participant as needed
Preference / dietary / allergen information User-requested search/filter/personalization; order assistance Hosting/AI provider for feature you use; selected Farm only if necessary or user-directed; never targeted ads under current proposed position
Internet/device/usage information Service function, security, analytics, diagnostics, improvement Hosting/security/analytics providers; advertising partners only if Option B in Section 8 is selected and controls operate
User Content / image inputs Requested AI/image feature, support, safety, legal compliance Approved AI provider for feature; hosting/support provider
Inferences Recommendations/search relevance, fraud/security, product improvement Hosting/service providers; no targeted ad use without approved program

We do not retain each category longer than reasonably necessary for the disclosed purposes, subject to the Retention section. See Sections 8 and 15 for sale/share/targeted-advertising choices and opt-outs.

17. Account deletion and data export

You can initiate whole-account deletion from the app and [ACCOUNT DELETION URL]. Deletion is intended to remove the account and associated personal data, subject to data we must or may lawfully retain for security, fraud prevention, tax/accounting, payment disputes, legal claims, consent evidence, or legal compliance. Where we retain records, we will isolate, minimize, and/or deidentify them where appropriate.

We may also provide an in-app data export. Export links may be time-limited for security. Account deletion does not itself cancel an accepted Farm order or erase data a Farm independently needs to fulfill a current order or meet its own legal obligations; we will explain the effect at the deletion screen.

Apple requires apps that support account creation to provide an in-app account-deletion path. Apple account-deletion guidance

18. Changes to this Policy

We may update this Policy to reflect changes to the Services, vendors, data practices, legal requirements, or other business needs. We will post the updated version and effective date. For material changes, we will provide additional notice or obtain consent where required. If a change affects how we use a previously collected sensitive input or enables a new AI/advertising use, we will provide the required feature-specific notice and control before that use.

19. Contact us

For privacy questions, requests, or accessibility-related requests about this Policy, contact:

[EXACT LEGAL ENTITY NAME] d/b/a Agora Grove
[POSTAL ADDRESS]
[PRIVACY EMAIL]
[PRIVACY REQUEST URL]
[PHONE / TOLL-FREE NUMBER IF APPLICABLE]

Drafting authority and publication notes

Change log

Version Proposed effective date Change
0.1 [EFFECTIVE DATE] Initial counsel-review draft.