This Privacy Policy (the “Privacy Policy” or “Policy”) describes AGRI IOT Group Ltd. (“Agri IOT”, “we”, “our”, or “us”) practices for processing Personal Data on our applications (“Application“).  

When we use the term “Personal Data” in this Privacy Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual.

We collect, use, process, share and store Personal Data concerning individuals who use and access our services (“End User“). End User can be customers of our business customers, customers’ employees, representatives, administrators or other individuals authorized by our business customers to access and use the Application. End Users can also be individuals who have downloaded the app and contacted us directly.

End User data can be one of the following categories:

(1)   Private User Data means any Personal Data of our private customers’ who directly engage with Agri IOT (hereinafter, “Private User“). 

(2)   Business User Data means Personal Data concerning end user of our business customers (hereinafter “Business User“).

(3)   Business Contact Data means Personal Data concerning our business customers’ (who directly engage with Agri IOT) internal persons and representative (hereinafter, “Business Contact“).

We processes these categories of personal data differently because the direct relationship we have with our Private User, is different from the indirect relationship we have with the Business User of our business customers.

Read this Policy and make sure you fully understand our practices in relation to your Personal Data, before you access or use our Application. If you opposed to our practices, you must immediately leave this Application, and avoid or discontinue all use of the services. If you have further questions or concerns regarding this Privacy Policy please contact us at: [email protected].

This Privacy Policy is divided into the following sections:

Section 1              DATA CONTROLLER/DATA PROCESSOR

Section 2              LEGAL BASIS FOR PROCESSING

Section 3              PERSONAL DATA WE COLLECT WHEN YOU USE OUR SERVICES AND PURPOSES

Section 4              COOKIES          

Section 5              WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

Section 6              Transfer of Personal Information outside Your Territory

Section 7              Rights regarding Personal DATA

Section 8              Data Retention

Section 9              INFORMATION SECURITY

Section 10           CHANGES TO THIS PRIVACY NOTICE

Section 11           CONTACT

1.    DATA CONTROLLER/DATA PROCESSOR

The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR“) distinguishes between the data controller, who determines the purposes and means of processing; and the data processor, who processes the data on behalf of the data controller.

Below we explain how these roles apply to our Application:

1)     When Private User enters into a service agreement directly with us (i.e., B2C relationship), we process Private User Data for ours own purposes, as an independent data controller and we assume the responsibilities of data controller, as set forth in this Privacy Policy detailed in section ‎3.1.

2)     Agri IOT is also data controller of Business Contact Data. With respect to such Data, we assume the responsibilities of data controller, as set forth in this Privacy Policy.    

3)     When the user does not enter into a service agreement directly with us but rather through our business costumer (i.e., B2B relationship), we process Business User Data as a data processor and on behalf of our customer who is the data controller of such data. In this case we processes Business User Data strictly in accordance with our business customer’s reasonable instructions. Notwithstanding, Agri IOT is the data controller of Business User Data collected through cookies, as detailed in section ‎4 below.

Our business customers are solely responsible for determining whether and how they wish to use our services, and for ensuring that all individuals using the Application on their  behalf or at their request, as well as all Business User Data  that may be included through the services (whether Agri IOT is a processor regarding such data), have been provided with adequate notices and given informed consent to the processing of their Personal Data, where such consent is necessary or advised, and that all legal requirements applicable to the collection, recording, use or other processing of data through our Application are fully met concerning such Business User Data.

2.    LEGAL BASIS FOR PROCESSING

We only process personal data where we have a lawful basis to do so. The lawful basis will depend on the reasons we collected the personal data and purposes we use your personal data, and may differ according to applicable data protection laws.

The lawful basis for processing will be: (a) If you are based in Israel, when you gave us your consent for processing data for one or more of the purposes listed above; or, (b) when processing is required in order to take actions based on your request; (c) If you are based in the EU/EEA, where we have a legitimate interest to process the your data. For example, to identify and prevent abuse of the Application or to ensure the security of the Application; and (d) To comply with any legal obligation that may apply to us. For example, to disclose information to competent authorities.

3.    PERSONAL DATA WE COLLECT WHEN YOU USE OUR APPLICATION AND PURPOSES.

3.1.   Private User Data and Business User Data

If you are Private User, when you sign up for an account with us and use our Application, we ask you to provide us with the following Personal Data:

·        Identification data (e.g., first name, last name);

·        Contact details (e.g., phone number, email address);

·        Payment information – for Private User Data only (e.g., bank account, credit and your billing address).

·        Electronic network activity information/”Cookie” Data (e.g., connectivity; date and time of the use; time and length of the use; device data (like type, OS, device id, locale and language settings used, operating system); activity log; session recordings; log-in credentials to the Application). To collect this data we use cookies and other tracking technologies (for more information please see section ‎4 below).

If you are a Business User, please note that our business customer has provided us with your Identification and Contact data (as details the above), and we ask you to provide us with your Electronic network activity information (including your location);

The types of location data we collect depends in part on your device and account setting. For example, depending on your selected device settings and/or your account settings we may collect information about your location also while you are not using the Application.

Please note that you must turn on your location to access the Services, otherwise we will not be able to provide you with the services.

3.2.   Business Contact Data

In order to provide our Business Customers with the services, they shall provide us with personal data concerning their internal persons and facility management teams, for example:

·        Identification data (e.g., first name, last name, address, country); 

·        Contact details (e.g., email, phone number);

·        Business details (e.g., company’s name, job title);

·        Communications (e.g., correspondences, calls);

3.3.  For what purposes do we use your Personal Data?

Business User Data that we process on behalf of our business customers are processed according to our customer’s requestsand  instructions. Therefore, our business customers, as data controllers are responsible for determining the purposes and legal basis of such data.

Notwithstanding, we act as a Controller of Cookies Data of Business User when we process such data for the following purposes:

4.    COOKIES POLICY

This policy explains how we uses cookies (or other tools) and your related choices. For more information, please see our Privacy Policy: https://www.croptune.io/cookie-policy.

5.    WITH WHOM DO WE SHARE YOUR PERSONAL DATA

We may share the Personal Data collected for the provision of the services in the following instances:

·        With service providers: We share your Personal Data with our IT support and cloud and hosting providers for the purpose of assisting us in providing the services.

·        With analytics providers: We share your internet and other electronic network activity information with third party analytics providers that conduct analytics on our Applicaion.

·        In the event of a corporate reorganization: In the event that we enter into, or intend to enter into, a transaction that alters the structure of our organization, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our assets, we would share your Personal Data with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We will also share your Personal Data with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.

·        For legal purposes: We will share your Personal Data where we are legally required to do so, such as in response to tax obligations, court orders, law enforcement or legal process, including for national security purposes; to establish, protect, or exercise our legal rights, as required to enforce our terms of use or other contracts; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person; or to comply with the requirements of any applicable law.

6.    Transfer of Personal Information outside Your Territory

We store, process or maintain Personal Data in various sites worldwide, including through cloud-based service providers. Where applicable, such as Personal Data originating from Israel, by using AGRI IOT’s Application, you hereby provide your informed consent to the transfer of your Personal Data to countries outside your state or country to countries in which the level of data protection may not be as protective as the level in your country.

When we transfer Personal Data from within the European Economic Area (EEA) to countries that are based outside the EEA, we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to Personal Data being transferred outside of the EEA, this may be done in one of the following ways:

·        The country that we send the Personal Data to is approved by the European Commission as offering an adequate level of protection for Personal Data;

·        in the absence of an adequacy decision, other legally permitted safeguards such as the EU Commission Standard Contractual Clauses (in the relevant module) for the transfer of Personal Data to third countries, adopted by the European Commission via its implementing decision of 4 June 2021, or any set of clauses approved by the European Commission which amends, replaces or supersedes the SCCs; or –

·         

Further details on the steps we take to protect your Personal Data, in these cases, is available from us on request by contacting us by email at [email protected].

7.    Rights regarding Personal DATA

Individuals have rights concerning their Personal Data.

0If you are based in the EEA, you are entitled to request us to:

·        access your Personal Data in order to obtain clear, transparent and understandable information on how we process your Personal Data and on your rights (as provided in this Policy), as well as a copy of your Personal Data;

·        rectify your Personal Data in case your Personal Data are obsolete, inaccurate or incomplete;

·        object the processing of your Personal Data when the processing is based on Agri IOT’s legitimate interest. Agri IOT will no longer process your Personal Data unless Agri IOT demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, such as the respect of a legal obligation (e.g. legal obligation involving the retention of documents), or for the establishment, exercise or defense of legal claims;

·        in certain circumstances under applicable laws, restrict the processing of some of your Personal Data during a limited period of time;

·        withdraw your consent when it has been obtained and processing is based on consent;

·        in certain circumstances under applicable laws, request data portability, meaning that you can receive the Personal Data originally provided by you in a structured and commonly used format or that the data subject can request the transfer of the Personal Data provided by him or her to another data controller;

·        in certain circumstances under applicable laws, delete your Personal Data (also known as the right to be forgotten);

·        lodge a complaint with your national data protection authority.

If you are based in Israel, you are entitled to request us to:

·        review your personal data that we process;

·        update, amendment, and deletion of personal data which is incomplete or outdated.

If you have any question or you want to exercise any of your rights concerning Business User Data, please contact to our customer (which you engage with). Our customers, as data controllers are responsible for answering and implementing your request to exercise your rights concerning Business User Data. If you send your request to us, we will transfer it to the relevant business, in accordance with our agreement with such customers. You may also send your request to exercise your rights directly to our customer. If notwithstanding the above, from some reason, you need our help to exercise your rights, you may contact us any time at: [email protected].

If you have any question or you want to exercise any of your rights concerning Private User Data please contact us. When you ask us to exercise any of your rights under this Policy and the applicable laws, we may need to ask you to provide us with certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of Personal Data which is related to others that you are not authorized to receive, and to ask you questions to understand better the nature and scope of data that you request to access.

If you have a complaint about how we use your Personal Data (for which we are the controller), we would always prefer you to contact us first. However, you may also make a complaint to your local data protection authority in the EEA country where we are based or where we monitor your behavior. If you are unsure which data protection authority to contact, please contact us at [email protected].  

8.    Data Retention

When we act as a controller concerning Personal Data, the length of time we store your Personal Data depends on the purposes for which we collect and use it; as long as we deem it reasonably necessary in order to maintain and expand our relationship and provide you with our services; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy.

Our business customers, as data controllers of Business User Data are responsible for determining the retention period. Therefore, we will process the personal data under their instruction and will delete it in accordance with our data processing addendum or other agreement with such customer. If you have questions or concerns regarding our customer data retention period, please contact the respective customer directly.

9.    INFORMATION SECURITY

We implement technical and organizational measures, such as access controls and encryption, to protect Personal Data, in particular against potential data breaches, either by accident or unlawfully, and against the destruction, loss, modification, unauthorized access or divulgation.

However, no security measure or modality of data transmission over the Internet is 100% secure and we are unable to guarantee the absolute security of the information we have collected from you.

10. CHANGES TO THIS PRIVACY NOTICE

We may change this Privacy Policy from time to time. We will post the changes to this page and will indicate the date the changes go into effect. If we make changes that materially affect your privacy rights, we will notify you via email and obtain your consent, if required.

11. CONTACT

If you have any specific questions about this Privacy Notice, you can contact us via email [email protected] or telephone by calling +972-747373737.

Last Updated: August 4, 2024

Copyright © 2024, Agri IOT Ltd. All rights reserved