Agdatahub's privacy policy

Version AGDATAHUB-PC-2023-01, published the 1st january 2023

Agdatahub accorde une grande importance à la protection des données à caractère personnel et porte une attention toute particulière aux informations (« Données Personnelles ») que vous lui transmettez lorsque vous utilisez les sites internet Agdatahub et la plateforme pour les Produits EXCHANGE, CONSENT et CONNECT (la « Plateforme »).

The "Sites" define the following websites:

The "Platform" includes the following products ("Products"):

  • Produit EXCHANGE : désigne les services d’intermédiation de données pour gérer les échanges entre abonnés au sein des filières agricoles et agroalimentaires, accessible à l’adresse suivante : https://platform.api-agro.eu/
  • Produit CONSENT : désigne la gamme des services fonctionnels et techniques Connect, Consent et Verif, basés sur l’Identité Numérique Agricole dédiée aux exploitations agricoles. Ces services sont disponibles en ligne (portail web agriculteur et portail partenaire) pour les membres accessibles à l’adresse suivante : https://agritrust.fr et via une application mobile dédiée aux exploitations agricoles.

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and the Act of January 6, 1978 relating to data processing, aux fichiers et aux libertés modifiée (together the
"Regulations"), the purpose of this privacy policy is to inform you of how Agdatahub uses and protects your personal data (the "Privacy Policy").

1. Identity and contact details of the data controller

The data controller is Agdatahub SAS, headquartered at 9, avenue George V, 75008 PARIS - France.

If you have any questions about this Privacy Policy or about the processing of your Personal Data by Agdatahub :

Agdatahub
9, avenue George V
75008 PARIS
+33 1 87 16 41 66
Mail : dpo@agdatahub.eu

2. Purposes of processing

Agdatahub processes your Personal Data for the following purposes:

  • Processing of a commercial information request issued by a Subscriber via its Members (as these terms are defined in the General Terms and Conditions of the AGDATAHUB Platform) via the Sites;
  • Processing a quotation request made by a Member via the Sites ;
  • Subscription to the newsletter issued by the Sites ;
  • Create and manage your Subscriber, Member or Farmer account on the Platform;
  • Access to functional support and technical assistance for the Platform ;
  • Payment management for purchases made via the Platforms ;
  • Processing appointment requests with an Agdatahub employee;
  • Gestion des paiements des Abonnements aux Produits EXCHANGE et/ou CONSENT ainsi que des prestations de services spécifiques.

3. Processed data

Which Personal Data?

Agdatahub processes the following Personal Data:

  • For processing information requests : email address, surname, first name, company, job title, business telephone ;
  • For quote request processing : email address, last name, first name, company, position, business phone ;
  • To subscribe to the newsletter on the Site: email address, last name, first name ;
  • To create your Subscriber, Member or Farmer account on the Platform: email address, last name, first name, business telephone number, postal address ;
  • Functional support and technical assistance for the Platform: email address, last name, first name, business telephone number.
  • For online payment of subscriptions and services via the payments service Stripe: surname, first name, credit card number, email and cell phone number

 
When?

We collect the information you provide us when:

  • create your Subscriber, Member or Farmer account on the Platform;
  • you create an Agricultural Digital Identity ;
  • you subscribe to a Subscription (as defined in the General Terms and Conditions of the AGDATAHUB Platform) via the Platform;
  • you contact Agdatahub functional support or technical assistance;
  • you write a comment ;
  • you communicate by message with a member of the Platform.

The compulsory or optional nature of the data is indicated at the time of collection by an asterisk. Some data is collected automatically as a result of your actions on the site (see paragraphs "Cookies" and "Processing by the EXCHANGE Product Manager" below).

In order to strengthen trust between Subscribers, Members or Farmers registered on the Platform, Agdatahub may ask you to confirm your identity by Linkedin authentication. When authenticating via Linkedin, you agree to give Agdatahub access to certain information in your profile (surname, first name and profile photograph).

4. Legal base for processing

The applicable legal bases are as follows:

  • The contract: processing is necessary for the performance of your contract with Agdatahub or for the performance of pre-contractual measures taken at your request ;
  • Consent: for any processing that is not necessary for the performance of your contract with Agdatahub or the performance of pre-contractual measures taken at your request, you agree to the processing of your Personal Data by means of express consent (check box, click...). You may withdraw this consent at any time.

5. Recipients

Your Personal Data are only transmitted to the subcontractors and suppliers that Agdatahub uses to ensure:

  • distribution of the Site newsletter and related marketing information (events, user club....);
  • contact, leading to a commercial quote;
  • management, maintenance and hosting of the Platform;
  • access to functional support and technical assistance on the Platform;
  • processing payment transactions.

Under no circumstances will your Personal Data be sold.

6. Shelf life

Agdatahub will retain your Personal Data for as long as necessary to fulfill the purpose(s) described in the "Data Processed" paragraph.

En tout état de cause, la durée de conservation de vos Données Personnelles n’excédera pas trois (3) années, à partir de la fin de l’Abonnement (pour les Abonnés, ayant souscrit à un Produit EXCHANGE et/ou CONSENT) ou à partir de la dernière communication (pout toute autre personne),  sauf durée de conservation plus longue qui serait requise par la Réglementation ou par une agence administrative ou judiciaire compétente. A l’expiration de la durée de conservation, ou à votre demande, vos Données Personnelles seront supprimées.

7. Cookies

A l’exception des cookies techniques nécessaires à la fourniture du service, dont la seule finalité est de faciliter l’usage des Produits EXCHANGE et/ou CONSENT et de certains cookies de mesure d’audience bénéficiant d’une exemption au recueil de consentement[1], tel l‘outil Matomo Analytics dans sa version 4, votre consentement exprès sera requis avant toute utilisation de tous autres cookies. Vous pouvez accepter ou refuser le dépôt de cookies à tout moment. Si vous ne souhaitez pas que des cookies soient stockés sur votre terminal, vous pourrez bloquer tous les cookies ou certains d’entre eux en modifiant les paramètres de votre navigateur. Les cookies seront conservés pendant une durée de 13 mois.

Each time you connect to the Platform, a banner displaying information on the use of cookies and similar technologies appears at the bottom of your screen, and can be accessed at any time by clicking on the "Cookie management" link in the footer of the Sites. This banner allows you to express your consent to the various cookies or to reject them.

Please note that social network sharing cookies are issued and managed by the publisher of the social network concerned.

8. Traitements effectués par le gestionnaire du Produit EXCHANGE

Nous attirons votre attention sur le fait que lors de votre usage de la Plateforme pour le Produit API-AGRO, la société Dawex, gestionnaire du Produit EXCHANGE recueille par le biais de cookies, votre adresse IP, vos données de connexions et données de navigation, les offres consultées et les historiques des transactions réalisées, ainsi que les opérations et échanges ayant conduit à ces transactions.

This Personal Data is collected in order to:

  • register Members for newsletters;
  • edit commercial quotations ;
  • compile statistics on visits to and use of the Product (number of pages visited, frequency, etc.);
  • improve the member experience;
  • secure transactions carried out via the Platform;
  • s’assurer que l’utilisation de la Plateforme par les Membres est conforme aux Conditions Générales d’abonnement du Produit EXCHANGE ;
  • ensure that the Platform is not abused.

La collecte de ces Données Personnelles est fondée sur votre consentement exprès lors de l’ Abonnement au Produit EXCHANGE. Vous pouvez retirer ce consentement à tout moment.

Data is kept for as long as your account is active. It is then archived in accordance with applicable regulations. In particular, when a member unsubscribes, identity data is deleted and connection data is anonymized, except for messages exchanged, where first and last names are kept for a period of three years.

9. Traitements effectués par le gestionnaire du Produit CONSENT

Nous attirons votre attention sur le fait que lors de votre usage de la Plateforme pour le Produit EXCHANGE, la société Orange Business, gestionnaire du Produit CONSENT recueille par le biais de cookies, votre adresse IP, vos données de connexions et données de navigation, les offres consultées et les historiques des transactions réalisées, ainsi que les opérations et échanges ayant conduit à ces transactions. 

This Personal Data is collected in order to: 

  • register Members for newsletters; 
  • edit commercial quotations ;  
  • compile statistics on visits to and use of the Product (number of pages visited, frequency, etc.);  
  • améliorer l’expérience du Membre; 
  • secure transactions carried out via the Platform; 
  • s’assurer que l’utilisation de la Plateforme par les Membres est conforme aux Conditions Générales d’abonnement du Produit CONSENT ; 
  • ensure that the Platform is not abused. 

La collecte de ces Données Personnelles est fondée sur votre consentement exprès lors de l’ Abonnement au Produit CONSENT. Vous pouvez retirer ce consentement à tout moment.  

Data is kept for as long as your account is active. It is then archived in accordance with applicable regulations.

10. Your rights

In accordance with the Regulations, you may exercise the following rights:

  • Access: you can request information about the processing of your Personal Data, as well as a copy of it.
  • Rectification: if you believe that your Personal Data is inaccurate or incomplete, you may request that your Personal Data be amended accordingly.
  • Deletion: you may request the deletion of your Personal Data, to the extent permitted by Regulation.
  • Limitation: you may request the limitation of the processing of your Personal Data.
  • Objection: you may object to the processing of your Personal Data, for reasons related to your particular situation. In particular, you may object to the processing of your Personal Data for direct marketing purposes, including profiling related to this type of direct marketing, without Agdatahub being able to refuse.

In addition to the aforementioned rights, you have the possibility of organizing the fate of your Personal Data after your death, by sending your instructions to Agdatahub.

You also have the right to withdraw your consent at any time where the consent given serves as the legal basis for the processing concerned of your Personal Data. In these circumstances, the withdrawal of your consent will have the effect of interrupting the processing concerned for the future, but will not affect the lawfulness of the processing previously carried out.

Finally, under the right to portability, you have the right to recover the Personal Data concerning you that Agdatahub has in its possession, and, where technically possible, to request their transfer to a third party.

You may exercise your rights with Agdatahub by sending your request to the contact point mentioned in paragraph 1 "Identity and contact details of the Data Controller " below. Agdatahub informs you that it will be entitled, where appropriate, to oppose manifestly unfounded or excessive requests.

11. Links to third-party websites

You may be able to access third-party websites through links available on the Platform. Use of such third-party sites will be governed by the privacy policies of those sites and not by this Privacy Policy.

12. Transfers outside the European Economic Area

As a matter of principle, we take care to minimize situations in which personal data may be transferred to a country outside the European Union. Nevertheless, it may happen that the use of services provided by a service provider or a third-party application involves the transfer of personal data to a country outside the European Union. In such cases, we ensure that processing involving the transfer of personal data outside the European Union only takes place on condition that a sufficient and appropriate level of protection for your personal data is guaranteed. To this end, we use one of the mechanisms provided for by European regulations to control such transfers.

In addition, we also ensure, in accordance with the recommendations of the European Data Protection Committee on measures that complement transfer mechanisms designed to ensure compliance with the EU level of personal data protection, that we assess the practical effectiveness of the chosen transfer mechanism with regard to the legislation of the third country. If this analysis shows that the chosen transfer mechanism does not offer a level of protection essentially equivalent to that of the EU, we ensure, as far as possible, that additional measures (technical, organizational or contractual) are put in place and regularly evaluated.

In order to be as transparent as possible, you will find below a table containing the processing operations carried out involving a transfer of data outside the European Union and the transfer mechanism used.

Provider
(Processing) 		Transfer mechanism used
(If applicable, additional measures adopted)

STRIPE (Subcontractor) 

https://stripe.com/ 

 

(Management of online credit card transactions) 

Transfer mechanism used: European Commission standard contractual clauses (SCC).

Additional measures:

  • Physical access control to prevent unauthorised persons from accessing the data processing systems available on the premises and facilities (including databases, application servers and related equipment) where personal data is processed.
  • Virtual access control to prevent the use of data processing systems by unauthorised persons.
  • Data access control to ensure that persons authorised to use a data processing system only have access to personal data in accordance with their access rights, and that personal data cannot be read, copied, modified or deleted without authorisation.
  • Disclosure control to ensure that personal data cannot be read, copied, modified or deleted without authorisation during electronic transmission, transport or storage on storage media (manual or electronic), and that it can be verified to which companies or other legal entities the personal data is disclosed.
  • Input control to check whether data has been entered, modified or deleted, and by whom, from data processing systems.
  • Availability control to ensure that personal data is protected against accidental destruction or loss (physical/logical).
  • Separation control to ensure that personal data collected for different purposes can be processed separately.
  • Stripe encrypts data by default. Stripe's security controls include TLS 1.2 configuration for data in transit, TLS and/or SSL encryption for HTTPS and regular testing of infrastructure components. Two-step authentication is available for an additional layer of security when connecting to the Dashboard.
  • Each request for access to data by administrative, judicial and police authorities is examined in order to respond to lawful requests with the minimum of information required.

    Voir aussi https://stripe.com/fr/privacy-center/legal#data-transfers

Brevo

https://www.brevo.com/fr/

 

(mailing solution) 

Transfer mechanism used: European Commission standard contractual clauses (SCC) .

Additional measures:

  • Les données personnelles ne sont traitées que par les employés de Brevo, et les filiales américaines (Inc) et indiennes (Silver Line Ltd) sont contrôlées par Brevo.
  • The transfer consists exclusively of remote access to data, to achieve two specific objectives (support and maintenance), in situations identified and limited according to the principle of data minimisation.
  • Employees are subject to a confidentiality agreement and receive regular training on data protection and the GDPR.
  • Toute copie ou extraction de données par les employés de Brevo est interdite.
  • Aucune donnée sensible (au sens de l’article 9 du RGPD) n’est traitée par Brevo.
  • Data is stored in the European Union and backup data (back up data) is encrypted.
  • Les sous-traitants sont des filiales de Brevo qui répondront aux demandes des clients exactement comme s’ils étaient situés dans l’Espace économique européen.
  • A ce jour, l’activité de Brevo n’a jamais fait l’objet d’une demande de l’administration américaine en vertu de l’article 702 de la FISA.

Le cas échéant, Brevo s’engage à refuser systématiquement, lorsque la loi applicable le permet, de communiquer des données à un tiers (y compris à des personnes de droit public).

Freshdesk  

https://freshdesk.com  

 

(customer support management solution) 

  • Transfer mechanism used: European Commission standard contractual clauses (SCC).

    Additional measures:

    • Data hosted in the European Union
    • Subsequent sub-contractors are excluded
    • Data is encrypted both at rest and in transit
    • Data is transferred outside the EU for support/security purposes.

    Pour les mesures techniques et organisationnelles additionnelles de Freshdesk : https://www.freshworks.com/data-processing-addendum/

13. Personal Data of minors

Les Produits EXCHANGE et CONSENT ne sont pas destinés aux mineurs.

It is up to parents and any person exercising parental authority to decide whether their minor child is authorised to use the Products.

14. Complaints

If you consider that the processing of your Personal Data constitutes a breach of the Regulations, and without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are ordinarily resident or where the breach is alleged to have occurred.

In France, the supervisory authority responsible for receiving such complaints is the Commission Nationale de l'Informatique et des Libertés (CNIL).

Sur les données à caractère personnel contenues dans les Fichiers échangés au sein du Produit EXCHANGE :

Files exchanged as part of your use of the Platform may contain personal data (the "Files"). As a Platform Subscriber, you are responsible for processing this data.

In the event that Agdatahub is considered to be a sub-contractor within the meaning of the Regulation, you must ensure that Agdatahub is authorised to process the Files on your behalf.

A cet égard, Agdatahub peut accéder à, enregistrer temporairement ou transférer les données à caractère personnel présentes dans les Fichiers aux fins de permettre aux autres Abonnés et Membres de bénéficier des Produits EXCHANGE et de conclure des transactions, pendant toute la durée d’utilisation de la Plateforme, dans le respect de vos instructions et des conditions de la Plateforme.

Agdatahub will not make any changes to the content of the Files and any changes to the content of the Files must be made by you.

En tant qu’Abonné vous devez déclarer directement sur l’interface du Produit EXCHANGE la présence de données à caractère personnel dans les Fichiers afin notamment qu’un traitement automatique soit mis en œuvre afin de masquer les données à caractère personnel dans l’échantillon mis en ligne. En cas d’omission de déclaration, Agdatahub n’est pas tenu responsable de la visibilité des données à caractère personnel dans l’échantillon mis en ligne.

(1) https://www.cnil.fr/fr/cookies-et-autres-traceurs/regles/cookies-solutions-pour-les-outils-de-mesure-daudience

Legal information

Privacy policy

Resources

© 2024. All rights reserved Agdatahub.

Company

Pricing

News