Cropdesk understand how important your personal data is and we are committed to protecting and respecting your privacy. ‘Personal Data’ means any personal information relating to you, or information from which you can be personally identifiable. This might include data such as your name, address, and date of birth for instance. You have a choice over how it is used by organisations such as Cropdesk.
- Who we are
- The data we collect and how we collect it
- Childrens data
- How we process your data
- Lawful basis
- How we store your data
- External links
- Your data rights
- How to contact us
WHO WE ARE
We are Cropdesk Technologies Ltd. We are a company registered in England and Wales with a registration number of 10722615. Our registered office is at Cavendish Suite, 11 Bargates, Christchurch, Dorset, England BH23 1PZ.
Cropdesk Technologies Ltd (“us”, “we”, or “our”) operates the www.cropdesk.com Corporate website, and the applications:
Cropdesk Production (a Cropdesk ‘Service’ found at api.cropdesk.com)
Cropdesk Recruit (a Cropdesk ‘Service’ found at recruit.cropdesk.com)
The Services above are cloud-based applications created with and using Amazon Web Services (AWS), and as such all data processing carried out by Cropdesk Technologies Ltd abide by the AWS terms of service which include a Data Processing Addendum, and GDPR compliance built into AWS by default. Further information can be found at aws.amazon.com/compliance/gdpr-centre.
Address: Information Commissioners Office, Wyecliffe House, Water Lane, Wilmslow, SK9 5AF
Telephone: 0303 123 1113
THE DATA WE COLLECT AND HOW WE COLLECT IT
Cropdesk collects the following personally identifiable information from this website such as (but not limited to):
- Phone number
- Email address
- Company and job position (if applicable)
We collect this data generally through the following circumstances:
- You register online through this website
- Place an order with us
- Complete a ‘Contact Us’ request
- Complete a survey or complete a form we provide you
- Use Cropdesk as a client during Farm Setup
- We may also receive your data a
- At a marketing event such as shows or seminars
On behalf of our customers using our software applications (Services) Cropdesk Production and Cropdesk Recruit we store personally identifiable information about their employees and workers such as (but not limited to):
- Email address
- Date of birth
- Age and gender
- Emergency medical information
- Employment data (such as work performance related information)
This data is collected directly by our customers, who are generally farmers and businesses involved in the Agri-food industry. We ensure our customers are aware of their responsibilities regarding data protection, however it is the responsibility of our customers to inform their employees of what data they hold, what is happening with their data, and their data protection rights under GPDR.
Our Service does not address anyone under the age of 16 (“Children”). We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a children under age 16 without verification of parental consent, we take steps to remove that information from our servers.
HOW WE PROCESS YOUR DATA
Cropdesk collects your data as detailed above to enable us to carry out such business functions as:
- Manage your account as a customer
- Process your orders
- Return your contact request if requested
- Provide you with ongoing support
- Communicate updates to our products
- With your permission, send you relevant marketing information about our business
We will only carry out processing that is necessary for the action being taken, and will only use the minimum data required to carry out that function. We will not store or use data that is not necessary for us to carry out our work.
With your permission we may share your data with our partner companies so that they can offer you their products and services. When we process a customer order, we may send data to (and also use the resulting information from) credit reference agencies for necessary financial business security and to prevent fraudulent purchases.
Under the GDPR, Cropdesk can be both a data controller and a data processor. When we are collecting and processing information gathered directly by ourselves from this website, or by the means highlighted above, we are a data controller. In most cases this will apply to our customers, and to those people who have expressed an interest in our Services.
When we are storing and processing data on behalf of our customers using our Services (Cropdesk Production and Cropdesk Recruit) we are a data processor. In this situation we are not collecting the personally identifiable information ourselves, but being provided the information, storing and processing the information on instructions from our customers.
LAWFUL BASIS FOR PROCESSING
We process your data using the lawful basis under GPDR for processing of Legitimate Interest. This means that through carrying out a balancing test called a Legitimate Interest Assessment (LIA), we have established that we may process your data legally and in full compliance with Data Protection laws.
For our corporate website and offering, an LIA requires that we balance our need to process customers and prospects data, against any potential negative impact on those individuals, their businesses and their data.
For our Services websites and their software, an LIA requires that we balance our need to process the employee/worker personal data that our customers provide us, against the data rights and potential negative impact on those individuals.
In both cases we have established Legitimate Interest is a lawful basis on which we can process. We may, but only if completely necessary, disclose your Personal Information where required to do so by law or in accordance with an order of a court of competent jurisdiction, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.
We may employ third party companies and individuals as sub-processors to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used. All sub-processors are subject to Non-Disclosure Agreements, and Data Processing Agreements with us, and will not disclose or use any individuals personally identifiable information for any reason other than the instructions they have been given by Cropdesk.
HOW WE STORE YOUR DATA
We securely store your data online on a secure Amazon AWS server. We will keep data from Contact Us request forms for 1 year. After this time, your data will be deleted automatically. We will keep data forming part of client accounts for as long as you are a customer and for 6 months following any termination of your account.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
We may also collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics. In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this type of information in order to increase our Service’s functionality. These third party service providers have their own privacy policies addressing how they use such information.
We take the security of all data and personal information extremely seriously. Through its IT contracted partner Lanus d.o.o, Cropdesk is certificated ISO27001, and employs strict and rigorous IT and data security measures as a foundation of the business. Amazon Web Services (AWS) as our cloud service and storage provider are also certificated to ISO27001.
This security includes our vigilance with data transfer. Cropdesk deals with customers globally, therefore data and personal information may be transferred to, and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those within your jurisdiction. This applies to companies both within and outside of the United Kingdom.
By employing Amazon Web Services, Cropdesk is ensuring the highest levels of security of data both at rest and in transit on a global basis. The AWS Term of Service incorporate a GDPR Data Processing Addendum which applies to all companies on a global basis.
YOUR DATA RIGHTS
Cropdesk respects your rights regarding the processing of data we hold about you. We take this very seriously and have outlined your rights and the actions you can take below. In all cases you can contact us using the contact details we provide at the bottom of this policy. We are an open and accessible company and encourage you to approach us with any questions or requests you may have.
You have the right of access
You have the right to request that Cropdesk provide you with details of all the data we hold about you. We are obliged to tell you exactly what data we hold about you, and the source of that data. To exercise this right you must provide us proof of ID and your postal address to ensure we only provide such data to the correct individual.
You have the right to request amendments and corrections
You can request that we amend or correct any information that we hold about you and change your contact preferences at any time.
You have the right to erasure “right to be forgotten”
You can request the total erasure of your details from our database.
You have the right to restriction of processing
You have the right to request that Cropdesk restrict the processing we carry out using your personal information.
You have the right to data portability
You have the right to receive the personal data about you from the controller, and transmit or transfer to another controller without hindrance.
You have the right to object
You have the right to object to Cropdesk processing your personal data, including profiling.
You have the right to object to automated individual decision making
You have the right not to be the subject to a decision based solely on automated processing (including profiling) which would produce a legal effect on you, or would significantly affect you.
HOW TO CONTACT US
Cropdesk will be pleased to answer any questions you may have regarding your data, its use, and your data privacy. Please contact us using the details below, and we will do our best to answer your questions as quickly as possible:
Cropdesk Technologies Ltd
Telephone: +44(0)7525 069644