Cropin global privacy policy

 Last modified: August 21, 2024

Table of Contents

This website, www.cropin.com, and its associated domains, including the Cropin Grow  (SmartFarm Plus), Cropin Trace (RootTrace) and the Cropin Connect (AcreSquare), and the  other Applications (the “Website”) is owned and operated by Cropin Technology Solutions  Private Limited (the “Company”/ “Cropin”, which expression shall, unless repugnant to the  context or meaning thereof, include its representatives, administrators, permitted successors and  assigns), having its registered office at 3rd Floor, 1021 16th Main, BTM 1st Stage, Bangalore,  Karnataka – 560029, India. 

Cropin is a global agri-ecosystem intelligence provider. Cropin’s suite of products enables  various stakeholders in the agri-ecosystem, including financial services providers, to adopt and  drive digital strategy across their agricultural operations. Using cutting-edge technology like  artificial intelligence, machine learning, and remote sensing, Cropin creates an intelligent,  interconnected data platform. Cropin helps organizations digitize their operations from farm to  fork and leverage near real-time farm data and actionable insights to make effective decisions.  Cropin helps agribusinesses bring transparency to their remote farm operations thereby  monitoring progress every day and taking corrective measures immediately and helping business  managers with analytics to get insights into farm data. 

This Global Privacy Policy (the “Privacy Policy”) describes the manner in which Cropin and its  affiliates collect, process, store, share, retain and purge personal information and / or data of its  Customers and Users (the “Processing”) that we receive from You when You visit the Website  and / or use our Services on the Website or which we otherwise collect from You. 

1. Definitions

Application” shall mean the software applications created, developed, and owned by Cropin to  enable access and use of the Service(s) through web, mobile or other handheld devices (such as  apps on iOS or Android devices). 

Business Partner” shall mean and include any third-party service provider duly authorised by  Cropin to provide certain services on its behalf.  

Controller” is a person or entity that determines the purposes and means of Processing  Personal Data, having the authority to decide how and why the data is processed. 

Customer” shall mean and include agribusinesses, corporations, or individuals who have  entered into agreements with the Company to utilize its Services. Unless otherwise specifically  provided, the Customers are generally considered the Controllers of the Personal Data processed,  stored or hosted by Us in the course of providing Our Services. 

Personal Data” shall mean any information that identifies a natural person in accordance with  the relevant data protection laws in Your region and does not include any publicly available  information. It shall however exclude any such information permitted by law to be used with any restriction or bar. For further details on the type of Personal Data collected, please refer to Clause  3. 

Products” shall mean those products and software offered by the Company on the Website. 

Processor” is a person or entity that processes Personal Data on behalf of the Controller,  following the Controller’s instructions and purposes for processing the data. 

Service(s)” shall refer to the services that the Company provides through the ‘Products’,  including but not limited to the software and Application. 

User(s)” means and includes individuals who may or may not be directly associated with a  Customer but use this Website or Application(s). Users under this Privacy Policy could be  prospective employees, employees, visitors, partners, or end-users who interact with the Website  or Application under the purview of the Customer’s agreement with the Company including the  employees and/or field agents of the Customer.  

We”, “Our”, and “Us” shall mean and refer to the Company/ Cropin, the creators of this  Privacy Policy.  

You”, “Your”, “Yourself” shall mean the Customer and/or the User(s) who use the Website.

2. Applicability

This Privacy Policy describes how Cropin collects, processes, stores, shares and retains Personal  Data. 

This Privacy Policy is limited in its applicability only to Your use of the Website. It does not  apply to any Personal Data, so collected by any third parties by virtue of You clicking any third party links on our Website out of Your free volition. In such an event, the Privacy Policy of such  Third-Party website shall be applicable to You. 

This Privacy Policy shall not apply to Personal Data processed, stored or hosted by us when we  act as a Processor on behalf of our Customers in the course of providing our Services, in which  case the privacy statement of the relevant Customer will apply, and our data processing  agreement with such Customer will govern our processing of Your Personal Data.

3. Information collected

We generally collect the following types of information: 

Personal data:

Personal Data such as but not limited to the below: 

Information collected basis the agreement with the customer:

Notwithstanding anything mentioned in Clause 3.1 above, the Customers can ask their users to  submit Personal Data to be submitted to Cropin’s systems using a custom module. The  information collected depends on the Customer’s business needs. Customers are solely  responsible for ensuring only the necessary information is captured. The types of information  stored by Cropin to provide better Services include, but are not limited to, farmer’s education,  assets, plot and crop details, farming practices, fertilizers and pesticides used, and harvest  information. Cropin collects this Personal Data as per the agreement with the Customers.  However, processing-related information is not covered by this policy and is governed by the  Customer’s privacy policy. Any queries about processing-related information should be directed  to the respective Customer. 

Geo-location Information:

Geo-location Information is captured by Cropin based on the Customer’s request. The Customer  can choose to enable / disable geo tracking based on business requirements, and agreement  between the Customer and its user. If You use certain features of Cropin’s Website and  Application, we may collect information about Your user’s location such as Internet Protocol  (IP) address which in turn would enable us to infer the city, region/state, country, continent,  Internet Service Provider (ISP), longitude/latitude coordinates of location, type of connection  (residential, business, etc.), and name of the organisation that owns the connection. 

Usage Information:

Usage Information is captured by Cropin about Your interactions with Cropin’s Website such as the pages viewed on the Website, reports and dashboards viewed, and content viewed via using API’s. We use the following to analyze the data and improve user experience:

Cookies:

We do not store any information other than user-id in cookies. You may decline these cookies by  changing Your browser settings, if permitted. However, do note that this may impact Your  experience in using the Services. 

If You access our Service though our App we will be able to view personally identifiable  information made available through Your wireless device. We may collect Your unique device  identification number and other information made available through Your wireless device.

Non-identifying information:

Whenever You visit our Website, we may collect non-identifying information from You, such as  Your referring URL, browser, operating system, and Internet Service Provider. Without a  subpoena, voluntary compliance on the part of Your Internet Service Provider, or additional  records from a third party such as Your wireless provider, this information alone cannot usually  be used to identify You. 

In accordance with applicable laws, we may also collect and store certain user-related  information whenever You visit our Website which shall include but not be limited to the  following: 

4. Consent

Any consent collected on the Website with respect to the B2B business undertaken by Cropin  with its Customers, shall be pursuant to a service agreement (“Agreement”) entered into  between a Customer and Cropin to collect, process, store, share, retain and purge User Personal  Data, necessary for the provision of Our Services. 

In light of the above, the User is to note that in such circumstances highlighted in clause 4.1, the  Customer is the Controller of the User information and Cropin in furtherance to the Agreement,  acts merely as a Processor. All obligations to obtain the appropriate consent lies with the  Customers in this regard. As per Cropin’s requirements, the Customer must provide a copy of a  consent form to their users. By signing this form, the Customer’s user grants their consent for  Cropin to act as a data Processor. 

When Users directly access or use Cropin Website, Cropin may collect the information  mentioned in Point 3. In this case, Cropin acts as both the Controller and Processor of the  information. Cropin will ask for your consent to collect, use, store, transfer, and delete Your  Personal Data. By clicking “I accept,” you agree to allow Cropin to collect this information.  Your consent will be recorded and considered a legally binding contract between You and  Cropin. 

You shall be entitled to withdraw Your consent at any time by writing to our Data Protection  Officer (the “DPO”) at dpo@cropin.com, which shall not apply in case of any ongoing Services.  

Cropin updates this Privacy Policy from time to time. When we amend this Privacy Policy, we  will place a note on our Website as to when the Privacy Policy was last modified and We may  reobtain Your consent using such format and/or manner as may be required by law from time to  time.

Your continued use of the Website and/or Services available through the Website despite such  Notice shall constitute Your acknowledgement of the modified Privacy Policy and commitment  to abide by the same.

5. External links on the website

We do not allow third parties/individuals to display advertisements when You use the Website or  Application. However, the Application may be configured to include hyperlinks to other  websites, content or resources by You or Your users. We have no control over such external  links present in the Website or Application, which are provided by persons or companies other  than us. 

You acknowledge and agree that We are not responsible for any collection or disclosure of Your  Personal Data by any external websites, companies or persons, nor do We endorse any  advertising, products or other material on or available from such external websites or resources. 

You further acknowledge and agree that We are not liable for any loss or damage which may be  incurred by You as a result of the collection and/or disclosure of Your Personal Data by external  websites, sites or resources, or as a result of any reliance placed by You on the completeness,  accuracy or existence of any advertising, products or other materials on, or available from such  websites or resources. This external website and resource providers may have their own privacy  policies governing the collection, storage, retention and disclosure of Your Personal Data that  You may be subject to. We recommend that before You enter the external website, do review  their privacy policy.

6. Our use of your information

We use your personal data and information as provided below:

7. Disclosure of personal data

We will not use Your Personal Data for any purpose other than for reasons provided in Point 6 above.
We may disclose Your Personal Data in the following instances:
We will not share, sell, or otherwise provide Your Personal Data received from You to any third party without Your consent, except as described herein or as required by law.

We may disclose Your Personal Data in the following instances:

We may share Your Personal Data to Cropin employees, contractors and agents who need to know that information in order to provide Services to You and who are subject to strict contractual confidentiality obligations and code of conduct to ensure protection of information and may be terminated if they fail to meet these obligations.
Although You disclose Your information to Cropin, we use third parties such as contractors and web hosts to assist Us. While We do not currently share Personal Data with other third parties, We may need to do so in the future to provide Our services. For example, if We add a payment processor for transactions, We would need to share Your information to process payments. By agreeing to this policy, you allow us to share Your information with third parties we hire for operating, maintaining, or improving Our Services. You agree not to hold Us liable for their actions, and any legal action for their wrongdoing must be taken directly against them. Third parties We may share information with include:

8. Data transfer

Unless expressly permitted by law and with Your explicit consent, Cropin will not transfer Your Personal Data to any third party, either within or outside the territorial jurisdiction of Your region.
In the event of a merger, acquisition, or change of control of Cropin by another entity, Cropin reserves the right to share and/or transfer all or a portion of Your Personal Data to such entity in accordance with applicable laws. Cropin will not be required to obtain Your express consent or notify You in case of a change of control of Cropin.
Your information is regarded as confidential and shall not be divulged to any third party, unless legally required to do so to appropriate authorities or if necessary to ensure users may fully avail of the services of the Website. We shall not sell, share, or rent your Personal Data to any marketing agencies or any other companies that engage in unsolicited communications. Any communication by us to You shall be undertaken in accordance with our Terms of Service and Privacy Policy.
Cropin stores Personal Data on its databases and on servers in various countries around the world. We may store Your Personal Data on a server located outside the country where You live. The information that you provide, subject to disclosure in accordance with this Privacy Policy and license agreement, shall be maintained in a safe and secure manner. Cropin databases and information are stored on secure AWS servers with appropriate firewalls.
Cropin uses industry-standard physical, technical, and administrative security measures to safeguard all Personal Data, keeping it confidential and secure. Cropin follows ISO/IEC 27001 Information Security Management System Standard to handle and secure the information dealt. We conduct periodic reviews of Our security measures pertaining to our information collection and storage to guard against unauthorized access to systems. While all reasonable efforts will be made to ensure that information submitted by You is safe and secure, Cropin makes no representations, warranties, or other assurances that the security measures are adequate, safe, foolproof, or impenetrable.
As a user of the Services, You have the responsibility to ensure data security. You should use the Services responsibly and not share Your user information, including Your username, password, or account information, with any person. Remember that You are solely responsible for all acts done under the account registered to You.
Your data may be transferred to and stored on computers outside of your state, province, country, or other governmental jurisdiction where privacy laws may not be as protective as those in Your area. If You are outside India and choose to provide information to Us, Cropin may transfer Your Personal Data to locations where Cropin has its servers and process it there. By consenting to this Privacy Policy and submitting Your information, You agree to this transfer. For the data that will be shared by Cropin in light of the agreements signed with Customers, We commit to maintaining a mechanism established that facilitates transfers of Personal Data outside the EU as required by the data protection directive or laws.

9. Public data

Any information that is freely available or accessible in the public domain or furnished under any law for the time being in force shall not be regarded as Personal Data.
We will not be responsible in any manner of whatsoever nature for any unauthorized use, violation or misuse of such publicly available information.

10. Aggregate and non-identifiable data

We may use, process, and disclose de-identified or aggregated non-identifiable information for quality control, analytics, research, development, and other purposes. This information will not identify You individually. When handling de-identified data, We will maintain its de-identified status and not attempt to reidentify it, except to ensure our de-identification methods comply with privacy laws.

11. Children and disabled persons

Our Services are not intended for children. If You are under the age of majority as per applicable laws of your region, or are unable to give consent due to a disability, You may submit Your Personal Data while using the Website only with the express consent of your parent or guardian, as applicable.
In the event of discovery of You being a minor and/or disabled, Cropin shall, without any notice, shall at its sole discretion stop the Services including but not limited to removing Your information from its system and seek such legal remedy as may be prescribed under applicable laws.

12. Data retention and storage

We shall retain Your Personal Data on our servers for such period as may be prescribed by law from time to time or otherwise agreed to by the Customers when we act as a data Processor.
In the event that We are unable to process the Personal Data submitted by You for whatsoever reason(s) or when the purpose of collection and/or processing of Your Personal Data is fulfilled, Your Personal Data shall be deleted unless it is required by us to retain such Personal Data under law and/or as may be required for any internal or external audit purposes.
We are committed to complying with applicable laws to ensure that all measures, so prescribed by law, are taken for storing Personal Data in order to ensure the safety and security of Your Personal Data.
We may store Your data on servers provided by any third-party hosting vendor whom we have a valid contract with.

13. Data purging

Cropin has necessary policies, mechanisms and tools in place to ensure that all Your Personal Data so collected and stored is deleted as soon as the purpose, as described in this Policy is completed, unless otherwise agreed to between the Customer and Cropin or mandated by law to be maintained by Cropin.
Any data destroyed shall be disposed of in a manner that protects the confidentiality of Your Personal Data, in an appropriate manner as per the standards prescribed by law.

14. Data security

We shall take all reasonable measures to prevent unauthorized access, use and disclosure of Your Personal Data.
In furtherance to keeping Your Data safe and secure, Cropin may collect the following information:

15. Accessing, editing and removing your information

Users may review and edit the Personal Data they have provided to Us by placing their request via email to the DPO as per the details mentioned below.

Data deletion:

Cropin stores information in it’s databases for the duration of the contract. If You delete the data using Website, then data is archived in case restoration is required at a later stage. In case any data deletion activity is required to be done, which cannot be done from Website, You can drop an email to dpo@cropin.com and the request would be taken care of by the Cropin team within the time limit as specified in the contract, or in a maximum of 30 days. From time to time, Cropin retains residual information about You in our backup and/or database. Such information would be deleted subject to contractual agreements, provided that region/country’s law permits the same. Post deletion of data, user would have to login as a new user.
Although most changes in information or data collection preferences may change, some information may stay stored on a browser’s web cache or in downloaded excel/pdf documents. We take no responsibility for stored information in Your cache, or in other devices that may store information, and disclaim all liability of such.

Data modification

In case any type of data as listed in clause 3.1 is collected by Cropin or if the Cropin’s Customers share with Cropin any of the data as listed in Clause 3.1, Cropin may allow You to modify Your own data and make corrections / updates as necessary. In case of any data modification activity is required to be done, You can drop an email to dpo@cropin.com. Cropin cannot ensure all Services would work as expected after data modification / deletion, as functionalities dependent on that data might not work in certain cases. Cropin may deny data modification if it is required for compliance of laws of that country.

Consent withdrawal

Where You have provided Your consent to the collecting of Your Personal Data by Cropin’s Customers, You may withdraw Your consent at any time by sending a communication to Cropin at dpo@cropin.com stating that You are withdrawing Your consent. In cases where the Customers have shared any Personal Data for which consent is to be withdrawn, the Customer can directly intimate Cropin’s DPO at the aforementioned email. Please note that the withdrawal of Your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. However, please note that in the event You withdraw Your consent, we cannot ensure the continuity or quality of the Services being provided to You.

Complaints

If You wish to place a complaint with regard to privacy requirements or laws, access any of Your Information or would like to update or correct any errors in Your User Information, please contact Cropin at dpo@cropin.com and also copy the data Controller (Customer who has collected the data) so that we can consider and respond to Your request. All requests will be addressed no later than 72 hours from the date such a request is made.
If You have any questions or complaints about this Privacy Policy or Cropin handling practices, You may send an email at dpo@cropin.com or send mail to:

Attention: Rajesh Jalan (DPO)

Cropin Technology Solutions Private Limited
3rd floor, 1021, 16th Main Road,
BTM 1st Stage, Bengaluru, Karnataka 560029

16. Cookies

We use data collection devices such as “cookies” on certain pages of our Websites. “Cookies” are small files sited on Your hard drive that assist us in providing customized Services. We also offer certain features that are only available through the use of a “cookie”. Cookies can also help us provide information’ which is targeted to Your interests. Cookies may be used to identify logged in or registered Users. Our cookies store only username, and no other tracking information.
The Website also has enabled the Google Analytics, which allows Google to collect data about Users on our Website, in addition to anonymous identifiers. You may choose to opt out of this by sending an email to Cropin.

17. Commercial/non-commercial communication

By providing Your contact information to the Website, You consent to being added to our email list. This allows Us to periodically send You communications and updates. However, You may unsubscribe from Our communications by notifying Cropin that You no longer wish to receive solicitations or information and We will endeavor to remove You from Our database where You have the right to request this under our Privacy Policy, or applicable law, or where We voluntarily decide to grant the request.

18. Severability

Each paragraph of this Privacy Policy shall be and remain separate from and independent of and sever-able from all and any other paragraphs herein except where otherwise expressly indicated or indicated by the context of the agreement. The decision or declaration that one or more of the paragraphs are null and void shall have no effect on the remaining paragraphs of this Privacy Policy.

19. Amendment

Like our Terms of Use, we may amend this Privacy Policy from time to time. When we amend  this Privacy Policy, we will place a note on our Website as to when the Privacy Policy was last  modified. You must agree to the amendments as a condition of Your continued use of our  Website and Service. If You do not agree, You must immediately cease using our Website and  Service and notify us of Your refusal to agree by emailing us at dpo@cropin.com.

20. Dispute resolution & governing law

Any dispute or grievance remaining unresolved for a period of over 30 (thirty) business days, post exhausting grievance redressal mechanism, may be resolved by referring such disputes to the relevant Data Protection Authority (the “DPA”) as may be notified in Your region in this regard.
This Privacy Policy shall be governed by the laws governing data protection and privacy within Your local jurisdiction.
Additional information for EU citizens

21. Data controller and contact information

The Controller for Personal Data collected under this Privacy Policy is the relevant Cropin entity in Your country, having its registered offices at the Hague Humanity Hub, Alexanderveld 5, Office 3.05, 2585 DB, the Hague, the Netherlands.
If You are using Cropin B2B Services administered by Your company, Your company may be the Controller for Personal Data collected by those Cropin B2B Services. Please contact Your company for more information.
You can reach Cropin’s European Data Protection Officer at:
Attn. EU data protection officer
The Hague Humanity Hub, Alexanderveld 5,
Office 3.05, 2585 DB, The Hague, The Netherlands.

Email: dpo@cropin.com

22. Cropin’s lawful basis for processing your personal data

The lawful basis for Cropin’s processing of Your Personal Data depends on the purposes of the processing. Generally, the basis is the necessity for Cropin’s legitimate business interests. For contracts or potential contracts, the basis is the necessity for performance or pre-contractual steps. For legal obligations, we share Personal Data with law enforcement or governmental bodies as required. Consent is used as the basis where appropriate or required by law, for example, before collecting precise location data from Your mobile device.
We process Your Personal Data for reasons as provided in Clause 6.
When processing is based on contract performance in furtherance to any agreement with Customers, these include online transactions where You purchase a Service from Cropin through its Website.
When processing is based on consent, these include:
When processing is based on legal obligations, these include:

23. Retention of your personal data

To determine the retention period for Your Personal Data, Cropin considers criteria such as: a. Legal requirements for data retention.

24. Cross border data transfer

In order to provide our Services, Your Personal Data may need to be stored in locations outside of Your local jurisdiction. Before transferring Your Personal Data to any of our servers outside of Your local jurisdiction, Cropin will ensure all required transfer mechanisms are in place to make available an adequate level of protection for the transfer of Your Personal Data or take “express consent” by providing a detailed notice to You, including any threats that may ensue due to the non-availability of appropriate transfer mechanisms for the transfer.

25. Your individual rights

In accordance with EU laws, You have the following rights with respect to Your Personal Data: a. The right to access Your Personal Data
Cropin will use its best efforts to address and settle any requests or complaints brought to its attention. In addition, You have the right to approach the competent data protection authority with requests or complaints. The overall competent supervisory authority for Cropin in Europe is:
Autoriteit Persoonsgegevens (“Dutch Data Protection Authority”)
If You wish to make a request to exercise Your rights, we will respond within thirty (30) days, with a possible extension of sixty (60) days if necessary. You can exercise Your rights by writing to DPO.
Additional information for U.S. Residents in certain states (Including California)
This section provides additional details for residents in specific U.S. states, including California, regarding Your privacy rights under applicable laws, such as the CCPA.
For Personal Data processed on behalf of a Customer, where we act as a Processor or Service provider, we will assist that Customer in responding to Your privacy rights requests. You should submit such requests directly to the relevant Customer or include them in Your correspondence with us.
The collection, use, and disclosure of Personal Data depend on our relationship and interactions with You. The table below outlines the categories of Personal Data we generally collect (and have collected in the past twelve months for California residents), and the third parties to whom we may disclose this data for business or commercial purposes, however, it must be noted that Cropin does not sale or share Personal Data with any third party for any monetary benefit. In some cases, We may seek Your consent or provide You with choices before collecting or using certain Personal Data.
Satellite Monitoring Category of Third Party Business Purpose for Disclosure
Financial Information Payment Gateways Processing payments and transactions
Email and SMS Information Email and SMS Gateway Communication and notifications
All Personal Data Stored on AWS Servers AWS Servers Secure data storage and management.

26. Sensitive personal information

We only use and disclose sensitive personal information, as authorized by applicable law, such as to provide requested Services, ensure security, detect and respond to fraud, comply with legal obligations, and with Your consent.

27. Exercising your privacy rights

Subject to limitations and exceptions under applicable law, verified residents in certain U.S. states (including California) may have additional privacy rights. You can exercise these rights by contacting us at dpo@cropin.com:
Cropin will use its best efforts to address and settle any requests or complaints brought to its attention. In addition, You have the right to approach the competent data protection authority with requests or complaints. This can be the supervisory authority in the country or federal state where You live. The overall competent supervisory authority for Cropin in California is:
California privacy protection agency
ATTN: PRA coordinator
Scroll to Top
?
?
?