We are very happy to welcome you to the privacy notice of SAMP365 – Agritech App.
SAMP365 – Agritech App is an application operated by PUNDI X 365 LIMITED, a private limited company registered under the laws of the Republic of Cyprus with registration number HE 407178 and having its registered address at Michalakopoulou 1, Flat 201, 1075 Nicosia Cyprus (hereinafter collectively referred to as the “Company”, ”we”, “us” or “our”).
We know that you care how information about you is used and shared and we appreciate your trust in us to do that carefully and sensibly. We hereby confirm that we are committed to protecting your personal information. The Company will collect, process and use your personal data exclusively in compliance with the principles of the new Regulation (EU) 2016/679 of The European Parliament And of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”), the applicable local legislation as amended from time to time and any other legal and/or regulatory obligations.
This privacy notice is provided in a structured form covering specific areas in relation to your personal data. It has been prepared by our legal advisors, G.C. HADJIKYPRIANOU & ASSOCIATES LLC, in order to ensure that the processing of your personal data will be done at all times in compliance with the GDPR.
IMPORTANT INFORMATION AND WHO WE ARE
2.1 Purpose of this privacy notice
This privacy notice aims to give you information on how and for what purposes the Company uses, processes and looks after your personal data through your visit and/or use of this app (regardless of where you visit it from), including any data you may provide through this app when you sign up and/or registering and/or purchasing and/or interacting with any of our products (as the case may be).
Below we provide information about the processing of your personal data and the data protection rights you are afforded.
This app is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and/or terms and is not intended to override them.
2.2 Who is responsible for your personal data and who you can contact
Subject to the terms of this privacy notice the entity responsible for your personal data (known as the “Controller” for the purposes of the GDPR) is:
Full name of legal entity: PUNDI X 365 LIMITED (HE 407178)
Address: Michalakopoulou 1, Flat 201, 1075 Nicosia Cyprus.
Telephone: +357 22 504 304
We have appointed a data protection officer (hereinafter referred to as the “DPO”) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions, or want more details about this privacy notice or on how we use your personal information, please contact our DPO using the details set out below:
Full name of the DPO: Andria Neocleous
Address: 75 Limassol Avenue, Suite 401, Nicosia, 2121, Cyprus
Telephone: +357 22504304
As explained hereunder, you have the right to make a complaint at any time to the Cyprus Data Protection Commissionaire, the Cyprus supervisory authority for data protection issues (hereinafter the “Commissioner”).
We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance.
2.4 Third-party links
3. THE DATA WE COLLECT ABOUT YOU AND WHERE DOES THIS DATA ORIGINATE FROM
Pursuant to the provisions of the applicable local and EU legislation(s), “personal data” or “information of personal nature”, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (known as “anonymous data”).
We may collect, process, store and transfer different kinds of personal data about you in the context of our business relationship and/or services provided to you which we have grouped together as follows:
“Identity Data” includes first name, maiden name, last name, username or similar identifier, title, date of birth and gender.
“Contact Data” includes billing address, email address and telephone numbers.
“Financial Data” includes bank account and payment card [GCHLLC1] details.
“Technical Data” includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this app.[GCHLLC2]
“Profile Data” includes your username and password, purchases of and/or other interactions with our services/products, your interests, preferences, feedback and survey responses.
“Usage Data” includes information about how you use our app, products and services.
“Marketing and Communications Data” includes your preferences in receiving marketing from us and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific app feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we hereby confirm that we treat the combined data as personal data which will be used in accordance with this privacy notice.
Some types of information are classified as Special Categories of Personal Data known as “Sensitive Data” for the purposes of European data protection law and there are additional restrictions on how we may use and hold this information. “Sensitive Data” includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data as well as information about criminal convictions and offences.
We do not knowingly collect any “Sensitive Data” about you. Generally, it is necessary to obtain your consent before we can use Sensitive Data. However, we may hold and use such information without consent for limited statutory purposes such as to protect your vital interests, for legal claims, or in the public interest. We hereby confirm that we will always communicate to you the purposes for which we wish to use your Sensitive Data when it is being collected, and, if necessary, obtain your consent at that time. In such cases, you will be able to withdraw your consent at any time.
3.1 If you fail to provide or choose not to give your personal data
In the context of our relationship (as the case may be) we may need to collect personal information by law, or under the terms of a contract we may have with you or for the provision to you of our services. Without this data, we may, in principle, not be in a position to provide to you the services offered in and/or through our app.
For the avoidance of any doubt, data collection that is optional would be made clear at the point of collection.
4. WHY DO WE PROCESS YOUR DATA (PURPOSE OF THE PROCESSING) AND ON WHAT LEGAL BASIS
We process the aforementioned personal data in compliance with the provisions of GDPR and the applicable local legislation as amended from time to time. Please contact us or our DPO if you need details about the specific legal ground we are relying on to process your personal data.
4.1. For compliance with a legal obligation
Such cases include cases where the processing is necessary because of a legal obligation that applies to us.
We may process your data to comply with our legal and regulatory obligations eg preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.
4.2. For the performance of contractual and professional obligations
We may process your data when we need to perform a contract we are about to enter into or have entered into with you and/or to provide you with any of our services and/or products.
4.3. For the purposes of safeguarding legitimate interests
We may process your data where it is necessary for our legitimate interests (or those of a third party) and your data protection rights do not override those interests. Examples include but are not limited to:
ensuring the security and integrity of our services and in ensuring that our app operates effectively;
providing our services to our users;
protecting users, employees and other individuals and maintaining their safety, health and welfare;
sending alerts (upon request) which are relevant and tailored to individual users;
for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise;
understanding our user’s behaviour, activities, preferences, and needs;
improving existing products and services and developing new products and services;
handling customer contacts, queries, complaints or disputes; and
fulfilling our duties to our users.
For the avoidance of any doubt, legitimate interest generally means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience.
We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us or our DPO using the details provided herein.
4.4. On the basis of your consent
Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message.
Insofar as you have granted us consent to the processing of personal data for marketing purposes, the lawfulness of such processing is based on your consent. Any such consent granted, may be revoked at any time by contacting us or our DPO using the details provided herein.
Please note that we will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us or our DPO using the details provided herein.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
4.5. Third-Party Marketing
We will get your express opt-in consent before we share your personal data with any third-party outside the Company for marketing purposes.
4.6. Opting-out From Marketing Promotions
You can ask us or third parties to stop sending you marketing messages at any time by contacting us or our DPO using the details provided herein.
5. DISCLOSURES OF YOUR PERSONAL DATA
We may disclose information that concerns you if we are legally required to do so pursuant to the provisions of the GDPR and/or the provisions of the applicable local legislation as amended from time to time as well as any other relevant legislation.
We may disclose your personal data to third parties in order to comply with any legal obligation or in order to enforce or apply our terms and conditions and/or based on your consent/instructions.
Personal data is shared with:
Third party suppliers and/or associates;
Our service providers such as IT systems, support and hosting service providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities; and
Governmental authorities and third parties involved in court action.
Where the party to whom we share your personal information is a legal entity, we hereby affirm that we will take all reasonable steps and/or actions to confirm that the employees and/or representatives of such a third party will execute their duties in accordance with the highest industry standards and will comply with all provisions and requirements of the provisions of this Privacy Notice and the local laws and regulations on the protection of personal data (as amended from time to time) and GDPR and any legislation to success it or complement it.
For the avoidance of any doubt, we note that by using our app you agree to have your personal details passed to suppliers and/or associates having a contractual relationship with us. We will take all reasonable actions to ensure that the said suppliers and/or associates are using your data in accordance with the provisions of the GDPR and/or the provisions of the applicable local legislation in relation to the protection of personal data (as amended from time to time) and/or the provisions of any other applicable legislation.
6. DATA TRANSFERRED TO A COUNTRY OUTSIDE THE EUROPEAN ECONOMIC AREA
We may transfer personal data to supplier(s) and/or associate(s) outside the European Economic Area ("EEA").
GDRP and the applicable local legislation as amended from time to time prohibits the transfer of personal information outside the EEA unless specific requirements are met for the protection of that personal information. More specifically, data will only be transferred to countries outside the EU or the EEA (i) if it is required by law; or (ii) if you have granted us your consent and/or instructed us to do so.
Please note that if supplier(s) and/or associate(s) in a third country are used, all reasonable and practicable measures will be taken to ensure that they will comply with the data protection level in Europe in accordance with the GDPR. In addition, any transfers to parties located outside the European Union will be in line with the legal and regulatory provisions of the GDPR and applicable local legislation as amended from time to time.
For the avoidance of any doubt, by accepting this privacy notice you provide your consent to transfer your data, subject to the safeguards included in the preceding paragraph, to supplier(s) and/or associate(s) outside the EEA and in particular to supplier(s) and/or associate(s) in China and the USA.
If you need more information in relation to the possible transfer of your data to a country outside the EU or the EEA please do not hesitate to contact us or our DPO using the details provided above.
7. DATA RETENTION
7.1 How long we keep your personal information
We will keep your personal information for as long as you are a person using and/or enjoying our app and/or our services. For the avoidance of any doubt you stop being a person using and/or enjoying our app and/or our services when you delete your account and/or otherwise request cancelation of the services we provide to you (as the case might be).
After you stop being a person using and/or enjoying our app and/or our services, we may keep some of your personal information for a period of up to 2 weeks without however processing them. We may keep your data for longer than 2 weeks if we cannot delete it for legal and/or regulatory and/or technical reasons. If we do so, we will ensure that your privacy is protected.
In case you your account remains inactive and we have not been in contact with you for a period of 1 year, your account as well as your personal data will be deleted and removed from our systems.
Without prejudicing to the generality of the preceding paragraphs, we note that in some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
8. WHAT DATA PROTECTION RIGHTS YOU HAVE
The following are the rights you have pursuant to the provisions of the GDPR and the applicable local legislation (as amended from time to time) in relation to the data protection:
Request access to your personal data (commonly known as a “data subject access request”).
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Please note however that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. In such a case, your data will be stored but not processed until expiration of the retention obligation.
Subject to the legal basis on which the processing activity is based, you may object to processing of your personal data. Please note that in some cases, we may have compelling legitimate grounds to process your information which we need to comply with.
Request restriction of processing of your personal data (a) if it is not accurate;(b) where processing may be unlawful but you do not want us to erase your data; (c) where you need us to hold the data even if we no longer require it; or (d) where you may have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party.
In case the processing of the data is performed subject to your consent, you may withdraw consent at any time where we are relying on consent to process your personal data. However, we note that this will not affect the lawfulness of any processing carried out before you withdraw your consent. Kindly note however that if you withdraw your consent, we may not be able to provide certain products or services to you. We will of course advise you if this is the case at the time you withdraw your consent.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). Kindly note however that we may charge you with an administrative fee, in cases where requests are deemed manifestly unfounded or excessive, in particular because of their repetitive character.
If you wish to know more and/or exercise any of the rights set out above, please contact us or our DPO using the details provided above.
8.1. What we may need from you in relation to your personal data rights
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
9. DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. COOKIES [GCHLLC3]
Our app may use technologies such as "cookies" to provide visitors with tailored information upon each visit. Cookies are a common part of commercial apps and/or websites that allow small text files to be sent by an app and/or website, accepted by a web browser and then placed on your hard drive in order to recognise repeat visits to the app and/or website. Every time you visit our app, our servers, through cookies, pixels and/or GIF files, collect basic technical information such as your domain name, the address of the last URL visited prior to clicking through to the app, and your browser and operating system. If you like, you can set your browser to notify you before you receive a cookie so you have the chance to accept or reject it and you can also set your browser to turn off all cookies. The app (run by the Interactive Marketing Bureau) contains step-by-step guidance on how cookies can be switched off by users. You do not need to enable cookies to visit our app - however, some parts of the app and some services may be more difficult or impossible to use if cookies are disabled.
For the avoidance of any doubt Cookies do not contain any information that could identify the individual user personally.
11. LODGING A COMPLAIN
Please let us know if you are unhappy with how we have used your personal information. As stated above you can always contact us or our DPO.
You also have the right to make a complaint at any time to the Commissioner which is the supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance.
SAMP365 – Agritech App