Privacy Policy

Last updated: June 11, 2026

Who operates Seedling

The Seedling business management platform (the “Service”) is offered and operated by Seedling Systems LLC, a Domestic Limited Liability Company organized in Hawaii, United States (Hawaii Business Registry File No. 369196 C5).

In these documents, “Seedling” refers to the Service and software product. “We,” “us,” and “our” refer to Seedling Systems LLC. Learn more about the company at https://seedlingsystemsllc.com. Other software products offered by Seedling Systems LLC may be described on that site; each product may have its own terms where applicable.

Introduction

Seedling Systems LLC ("we," "our," or "us") operates the Seedling platform and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our business management platform and related services.

By using Seedling, you agree to the collection and use of information in accordance with this policy. We collect certain information to operate, secure, and improve the Service for our own internal use by Seedling Systems LLC. We do not sell, trade, or rent your personal information to third parties for marketing or advertising purposes.

This Privacy Policy applies to your use of Seedling on the web and in our mobile or installable application (including any version distributed through an app store, such as the Google Play Store). It does not replace privacy policies of other websites or products you may access separately (for example, our company site at https://seedlingsystemsllc.com).

Data Controller

For personal information processed in connection with the Seedling Service, the data controller is Seedling Systems LLC, organized in Hawaii, United States. See Legal Information for how to contact us without publishing direct email or street addresses on this product site.

Information We Collect

Personal Information

  • Name and contact information (email address, phone number)
  • Organization details and business information
  • Payment and billing information (processed securely by Stripe; we do not store full card numbers)
  • Profile information and preferences
  • Communication history with our support team

Usage Information

  • Log data (IP address, browser type, access times, pages viewed)
  • Approximate location signals such as browser language/locale and, where available from our infrastructure, an inferred country or region code (we do not use this to serve ads)
  • Device information and technical specifications
  • Usage patterns and feature interactions
  • Error reports and performance data
  • Internal product analytics (for example, sign-up source, session activity, and coarse geographic or locale trends) used only to understand how the Service is used and to improve reliability and features

Business Data

  • Customer, contact, and vendor information you enter
  • Invoice, payment, expense, and financial transaction records
  • Project, task, booking, and calendar information
  • Product catalog data, including digital files and download links you upload for delivery
  • Community posts, organization public page content, and resource listings
  • Team member information, roles, and permissions
  • Buyer and patron purchase history, download access logs, and refund requests
  • Files you upload (images, receipts, logos, digital goods, and similar attachments)

Device, Integration, and Notification Data

  • Browser push notification subscription endpoints and related metadata when you opt in
  • Google account tokens and calendar event data when you connect Google Calendar
  • API or operator tokens you create for integrations, and related usage metadata
  • AI assistant prompts and responses when your Organization enables AI features (processed using credentials you provide)

Organization Data and Roles

If you use Seedling on behalf of an Organization, we process personal information about you and your Organization's customers, patrons, buyers, and contacts to provide the Service.

For most information your Organization stores about its own customers and end users, your Organization is the controller and Seedling Systems LLC acts as a processor/service provider on your Organization's instructions, as described in our Terms. Your Organization is responsible for lawful collection, notices, consents, and responding to data subject requests for that information.

For account registration, billing, platform security, abuse prevention, and operation of Seedling itself, Seedling Systems LLC is the controller. See our Data Processing Agreement (DPA) for processor obligations when we handle your organization’s customer and contact data.

How We Use Your Information

  • Provide and maintain our services
  • Process payments and manage subscriptions
  • Send important service updates and notifications
  • Provide customer support and respond to inquiries
  • Improve our platform and develop new features, including internal analytics on usage, performance, and coarse geographic or locale trends
  • Ensure security and prevent fraud
  • Deliver digital purchases, patron benefits, and organization-specific notifications you configure
  • Operate optional AI, calendar, payment, and automation integrations you enable
  • Detect abuse, enforce policies, and respond to legal requests regarding uploaded or published content

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties for advertising or marketing purposes, and we do not use your information to build advertising profiles or show third-party ads in Seedling. We may share your information in the following limited circumstances:

  • Service Providers: With trusted third-party services that help us operate our platform (e.g. payment processing, hosting, email, support tools). See "Third-Party Services" below for key providers.
  • Legal Requirements: When required by law or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Consent: With your explicit consent for specific purposes

Third-Party Services

We use the following third-party services. Their handling of data is governed by their own privacy policies:

  • Stripe. We use Stripe for subscription billing and, where enabled, Stripe Connect for organization checkout. Payment data you submit is processed by Stripe in accordance with Stripe's Privacy Policy and Stripe's Terms.
  • Square. Where configured, some payment flows may use Square under Square's terms and privacy policy.
  • Google. We may use Google sign-in, Google Calendar sync, and Google reCAPTCHA. Use is subject to Google's Privacy Policy and Google's Terms of Service. Calendar sync sends event data you choose to synchronize between Seedling and your Google account.
  • Anthropic. If your Organization enables the AI assistant with your own API key, prompts and relevant organization data needed to answer or perform actions are sent to Anthropic under Anthropic's terms and privacy policy. We store your encrypted API key to provide the feature.
  • SafeNode. Certain automated or AI-assisted write actions may be evaluated by SafeNode for policy and abuse prevention when enabled.
  • Hosting and infrastructure. We use hosting, email, storage, logging, and support providers to run the Service. Digital files you upload are stored on our infrastructure (or storage we control) to provide download delivery.

We may update this list as integrations change. Material new subprocessors will be reflected here when appropriate.

Push Notifications

If you opt in to browser or device push notifications, we store a push subscription endpoint and related technical data so we can deliver alerts about tasks, invoices, bookings, and other Service events. You can disable notifications in your browser or device settings and through in-product controls. Push delivery may rely on your browser vendor or operating system.

Uploaded and Published Content

When you upload files or publish organization content, we process and store that material to provide the features you use (for example, delivering a digital product to a buyer, displaying a public page, or attaching a receipt to an expense).

We may access, preserve, or disclose uploaded or published content if we believe doing so is reasonably necessary to comply with law, enforce our Terms, respond to abuse reports, protect safety, or address technical or security issues. See our Terms of Use for prohibited content and copyright reporting.

Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Secure data centers and infrastructure
  • Employee training on data protection

Cookies and Tracking

We use functional cookies and similar technologies to:

  • Maintain your session and preferences
  • Remember your login status
  • Improve website functionality and performance
  • Analyze usage patterns to enhance our services

We do not use tracking cookies for advertising purposes or sell user data to advertisers. You can control cookie settings through your browser preferences. Where required by law (e.g. in the EEA/UK), we will obtain your consent for any non-essential cookies before they are placed.

Legal Basis for Processing (EEA/UK)

For users in the European Economic Area and United Kingdom, we process personal data based on: (a) contract—to provide the Service and perform our agreement with you; (b) legal obligation—where required by law (e.g. tax, fraud); (c) legitimate interests—to operate, secure, and improve our Service, and to prevent fraud; and (d) consent—where we ask for your consent (e.g. optional communications). You may withdraw consent at any time where it applies.

Your Rights

You have the following rights regarding your personal information:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Withdrawal: Withdraw consent where applicable

To exercise any of these rights, contact us using the options in the Contact Us section below. We will respond within the time required by applicable law (for example, within 30 days where required). You may also have the right to lodge a complaint with a supervisory authority in your country.

US State Privacy Rights (California and Others)

Residents of California and certain other US states may have additional rights, such as the right to know, delete, correct, or limit use of personal information, and the right to non-discrimination for exercising these rights.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. To exercise your state privacy rights, contact us using the options in the Contact Us section below.

Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. When you delete your account, we will delete or anonymize your personal information, except where retention is required for legal, security, or business purposes.

When you delete an organization you own, we remove that organization and associated business records from our primary application database without a built-in “undo” or 30-day trash window in the product. Uploaded digital files and other organization content are deleted as part of that process, subject to backup retention described below.

Standard database backups and infrastructure logs may retain copies for a limited period consistent with our security and operations practices; those copies are not exposed as a self-service restore for deleted organizations.

We recommend exporting any invoices, reports, or other records you need before deletion. If you require assistance after deletion (for example, legal or tax holds), contact support; we cannot guarantee recovery of data once removed from production systems.

Children's Privacy

Seedling is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your information.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, want to exercise privacy rights, or need to reach Seedling Systems LLC about the Seedling Service:

Privacy & legal inquiries

You do not need a Seedling account to contact Seedling Systems LLC. use the contact options on our company website (we do not publish a direct email or street address here to reduce spam and automated scraping).

Seedling Systems LLC — contact

Privacy & legal email

For privacy requests, legal notices, and formal inquiries. Click the address below to copy it (not a mailto link, to deter bots):

Copyright & DMCA notices

To report copyright infringement on Seedling, send a notice with the information listed in our Copyright and Takedown section to the legal email above or through a support ticket if you have an account.

For formal legal service or registered-agent correspondence, consult your counsel on whether a physical address must appear on this product site. By default we route inquiries through the channels above rather than posting addresses or clickable email links.