Privacy Policy
Verdalio is a local-first growing platform. This policy explains what data we do and do not handle, and how our privacy-by-design posture backs the claims we make on the rest of this site.
Last updated: 6 July 2026. Early access — this policy may be refined before general availability.
The short version
- Your hub runs locally. Core automation, sensor readings, recipes, and device control happen entirely on your own Raspberry Pi. None of it is sent to us to make your plants grow.
- The cloud is optional. You only ever create a cloud account if you choose a cloud feature — remote access, away-from-home push notifications, or cloud backup. Everything else works with no account and no internet.
- We store as little as possible. Where the cloud is involved, we hold the minimum needed for that feature and nothing more.
What runs on your hub, not our servers
Your Verdalio hub is the source of truth for your grow. Sensor telemetry, the recipes you run, your automation logic, device pairings, and your day-to-day monitoring all live on the hub on your local network. We never receive that data unless you explicitly enable a cloud feature that requires it (for example, cloud backup, which you turn on deliberately).
Automation copy — alerts, notifications, guidance — travels as stable codes and structured values, not free prose we store about you. The app renders the human wording locally.
Data we handle when you use a cloud feature
- A cloud account. If you enable a paid cloud feature, we store your email address, a securely hashed password, and a display name. Accounts are created in the app, never on this website. Each hub has its own account.
- Subscription state. Whether your Cloud Access is active, so we know which cloud features to permit.
- A hub trust anchor. Your hub registers a public key with us so the app can reach it securely through the relay. We never receive your hub's local password; authentication is still validated locally.
- Newsletter signups. If you subscribe to launch updates on this site, we store your email address and the page you subscribed from, via our email provider. You can unsubscribe at any time from any email we send.
Anonymous, aggregated community data (opt-in)
Some features can, if you choose to opt in, contribute anonymous, aggregated data — for example, how well a recipe performed across many growers. This is strictly opt-in, defaults to off, and carries no personal identifiers, location precise enough to identify you, sensor detail, or photos. We enforce minimum-contributor thresholds before any aggregate is shown, and we discard the individual records after aggregation. Turning the opt-in off excludes you immediately.
AI stays on your hub
The Magdi AI assistant runs locally with your own API key. Your prompts and your grow data are not proxied through our servers for AI, and we never hold your AI provider key. There is no cloud inference path.
Your rights
You can request a copy of your cloud account data (data export) and delete your account and its associated cloud data at any time from the app. Deleting your account removes your cloud registrations, device tokens, and subscription records.
Third parties
We use a small number of infrastructure providers to run the cloud service — hosting, object storage, an email provider, and push-notification delivery. They process only what is needed to deliver the feature you enabled, and only on our instructions.
Contact
Questions about privacy? Email privacy@verdal.io.