AgStacked Privacy Policy

We are committed to processing personal data in compliance with this  privacy policy and applicable laws. This privacy policy contains  information about what personal data we collect, what are the key principles of processing data and what rights you have relating to your data. 

We may do updates to this privacy policy from time to time associated  with development of our business operations or changes in applicable laws, so please revisit this privacy policy.  

We can refer to AgStacked in this privacy policy also as  “AgStacked”, “we” or “us”. It’s our responsibility to process personal data in  accordance with this privacy policy and applicable privacy laws.

We collect, store and process personal data only for predefined purposes.  We also always make sure that there is at least one legal basis for processing personal data. The main purposes and the applicable legal basis for processing personal data are:  

  • To provide our services: Personal data is collected and used for managing the entire customer relationship as well as performing our obligations and invoicing the services. The legal basis for this processing is a contract between AgStacked and the Customer. 

  • Sales and marketing: We also collect and use personal data for marketing purposes, including contacting potential customers. We may also use personal data to target or retarget advertising in digital media platforms, such as social media and search engines. The legal basis for this  processing is especially our legitimate interest. A person can at any point prohibit direct marketing by sending email to info@agstacked.com. We do not sell or rent personal data to third parties for marketing purposes.  

  • Customer communications: We also collect and use personal data for customer communication  purposes, including handling of support requests and customer feedback, as well as notifying users about the service. The legal basis for this  processing is fulfilling contractual obligations as well as our legitimate interest.

  • Analytics and business development: We also use the personal data as well as the anonymized data generated from the use of the Service to develop our own digital service. The legal basis for this processing is mainly our legitimate interest

What personal data is collected and from which sources?  

The personal data we store relate mainly to the following groups of data subjects: potential and existing customers, and relevant roles within a customer organization, such as project team members and contract contact person.  

Personal Information: “Personal Information” refers to any information that you choose to  submit to us that identifies you personally. This includes, name, email address, company name, address, phone number, and other information about you and/or your business.  

Customer Testimonials & Quotes: We may publish customer testimonials and quotes on the Website, which  may contain some Personal Information. AgStacked obtains consent from each customer prior to posting their name and testimonial.  

Data we collect and process relating to our customers:

  • Company name  

  • Contact person(s) name  

  • End user profile information as provided by the customer

  • Work email and/ or work phone  

  • Invoicing details  

  • Marketing opt-in / opt-out  

  • Contact details for support issues  

  • Contact details for invoicing and executing contracts

Our customers and people within their organizations may use AgStacked for information where they are considered the data controller, in these situations we operate as their data processor based on a contract. In these situations, we process personal data only on behalf of the specific customer based on  their instructions and only as long as we have a valid contract. As a data controller, the customer has full control (and also responsibility) on what personal data it decides to enter in the platform and under what legal basis it has the right to process it and  transfer to AgStacked, including acquiring necessary consents, if required.  

AgStacked does not review the data entered by the customer to the platform. For more information about under which terms AgStacked processes its customer’s personal data, refer to AgStacked DPA terms and conditions.  

Who processes personal data and is it transferred to anyone?  

Personal data is stored in electronic format and only authorized personnel within our organization have access to the data. 

We may also use third party services providers for data storage (e.g. cloud storage), digital marketing, and processing of payments. In these situations, we have a written contract with the service provider with minimum data processing provisions and that the confidentiality of  personal data is secured and data is otherwise processed and transferred lawfully.  

We may also disclose or transfer personal data to fulfill legal obligations or when a legal authority requires a disclosure. We may also disclose  personal data if we are a party of a business sale, such as a merger or an  acquisition.  

If any of our service providers or data transferees are located outside the EU, we make sure that the transfer of data fulfills all legal requirements. We may also transfer pseudonymised or anonymised data, from where it  is not possible to identify a person.

Is personal data transferred outside the EU?  

By default, personal data is not transferred outside the EU. 

How long is data stored?  

We will not store personal data for a longer period than is necessary for  its purpose or required by contract or law. The retention periods for personal data may vary based on its purpose. The retention periods may also be based on applicable laws (e.g. accounting, tax laws, etc.). We may also update data from time  to time. Regarding content that our customers enter into a platform we  have provided, it is their responsibility to plan the data retention periods.  

How is data stored and kept secure?  

Personal data is stored and secured in accordance with general industry standards and practices. We consider and keep personal data confidential. For our own systems and data storage, we use only well established service providers and robust software tools. Access to personal data is also protected with user-specific logins, passwords and user rights. 

Is it mandatory to provide personal data?

We need to collect and process some amount of personal data in order to  provide the service and to ensure that an authorized person concludes a  contract on behalf of our customer, to deliver and provide the agreed  services as well as to identify the users of our platform. 

What rights does a person have relating to their personal data?  

Access to data  

You have the right to have confirmed if we are processing your personal data and also to know what data we have about you. In addition, you have the right to some supplemental information described in the law about the  processing activities. If we process personal data based on your consent, you can at any time withdraw your consent by notifying us by sending email to info@agstacked.com.

You have the following rights over your personal data:

  • Right to have errors corrected: You have the right to request that we correct any inaccurate or outdated personal data we have about you.  

  • Right to prohibit direct marketing: You have the right to request that your personal data is not processed for direct marketing purposes by emailing info@agstacked.com.

  • Right to object processing: If we process your personal data based on public interest or our  legitimate interest, you have the right to object processing of your data, to the extent that there is no such significant other reason that would  override your rights or the processing is not necessary for handling legal claims. Please notice that in this situation we may not be able to serve you anymore.  

  • Right to restrict processing: In certain situations you have the right to require that we restrict processing of your personal data.  

  • Right to data portability: If we process your personal data based on your consent or fulfilling of a contract, you have the right to require transfer of the data you have  provided to us to another services provider in a commonly used electronic format.  

How can a person use their rights?  

You can execute and use your rights by contacting us by sending email. In such a case, we ask you to provide us your name, contact details, and verification of your identity. If you consider that the processing of your personal data is not lawful, you can send a notification to a supervisory authority.  

Can this privacy policy be updated?  

We may make updates to this privacy policy when our operations change  or develop. Also changes in law may make it necessary to update this privacy policy. The changes become valid once we have published them in the form of an updated privacy policy. Therefore, please revisit this privacy policy from time to time.