For purposes of the General Data Protection Regulation, the Data Controller is FoodChain ID Group, Inc., and the EU Representative is FoodChain ID Europe Limited, whose Contact Information can be found below.
Throughout this Policy we use the term “Designated Countries” to refer to countries in the European Union (EU), European Economic Area (EEA), and Switzerland. If you reside in the Designated Countries, you have a number of important rights we want you to be aware of. These rights will be indicated by reference to the Designated Countries where applicable.
Information we collect from you
Sources of information
This Policy applies to information we collect:
- On this Website.
- In any electronic messages between you and this Website.
- Offline or through any other means, including on any other website operated by Company or any of our affiliates and subsidiaries.
This Policy does not apply to information collected by:
- Any third party, including through any application or content (including advertising) that may link to or be accessible from the Website.
What information we collect
We collect information to provide better services to all our users––from remembering user preferences to contacting you regarding services or opportunities that may be of interest to you. The information we collect, and how that information is used, depends on how you use our services.
We collect and process some or all of the following types of information from you:
- Information that you provide to us by filling in forms or creating an account on the Website. This may include information provided at the time of registering to use the Website or requesting further information or services, such as: Full name, email address, phone number, mailing address, and IP address. We may also ask you for information when you report a problem with the Website.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Details of all actions that you carry out through the Website and of the provision of services to you.
- Details of your visits to the Website including, but not limited to, traffic data, location data, and other communication data.
The provision of your full name, e-mail address, phone number, mailing address, and IP address are required from you if you choose to create an account on our Website. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
How we use your information
We may use the information that we collect in a variety of ways in providing our service, including:
- To ensure that content from the Website is presented in the most effective manner for you and for your computer and to understand and analyze your usage trends and preferences, to improve our services, and to develop new products, services, and features
- To operate, maintain, enhance, and provide all features of our services, to provide our services and information that you request, to respond to your questions, and to provide support to users of our service
- To notify you about changes to our services and provide you with information that is relevant to your use of the services.
- To provide you with information, products or services that you request from us or which we feel may interest you. You have the ability to opt-out of receiving promotional communications.
We will occasionally contact you through email, phone, and/or notices posted on our Website. We will send you messages about the availability of our services, security, or other service-related issues. We also send messages about how to use the services, network updates, and promotional messages from us. You may contact us at any time using our Contact Information below to change your communication preferences. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.
Lawful bases for processing your information
You have choices about our use of your information. At any time, you can withdraw consent you have provided by contacting us using our Contact Information below.
We will only collect and process your information where we have lawful bases. Lawful bases include consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver the services you have requested)) and legitimate interests.
If you have any questions about the lawful bases upon which we collect and use your personal data, please contact us using the Contact Information provided below.
Sharing your information
We do not share your personal information with advertisers, other companies, or individuals outside of FoodChain ID Group, Inc. except in the following cases:
We may need to share your information when we believe it’s required by law or to help protect the rights and safety of you, us, or others. It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you, (3) investigate and defend ourselves against any third-party claims or allegations, (4) protect the security or integrity of our Service (such as by sharing with companies facing similar threats); or (5) exercise or protect the rights and safety of the Company, our users, personnel, or others. We attempt to notify you about legal demands for your personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
For external processing
- Cert ID Solutions, Inc.
- Cert ID LC
- FoodChain ID, Inc
- Genetic ID NA, Inc
- FoodChain ID Group Inc.
- Agricert Mexico S.A. de C.V.
- FoodChain DO Brasil Ltda
- Cert ID Certificadora Ltda
- FoodChain ID Brasil Participacoes S.A.
- Ecocerta Biotecnologia Ltda
- Genetic ID GmbH
- Cert ID Germany GmbH
- Cert ID Europe Limited
- FoodChain ID Europe Limited
- Genetic ID (UK) Limited
- Bioagricert S.r.l.
- Bioagricert Serbia
- Bioagricert Bulgaria Ltd
- CERT ID India Private Limited
- Bioagricert Thailand Co., Limited
Merger, acquisition, or sale of assets
How we store your information
We take industry-standard security measures to ensure that all of your personal data is kept secure, including security measures to prevent personal data from being accidentally lost, used, or accessed in an unauthorized way, for the duration of your use of our services. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website, therefore any transmission remains at your own risk. Once we have received your information, we will use strict procedures and security features in order to prevent unauthorized access.
Cross-border data transfers
We may store and use your data outside your country. We process data both inside and outside of the United States and rely on legally-provided mechanisms to lawfully transfer data across borders. Countries where we process data may have laws which are different, and potentially not as protective, as the laws of your own country. In many cases, we will use European Commission-approved Standard Contractual Clauses as a legal mechanism for data transfers from the Designated Countries. These clauses are contractual commitments between companies transferring personal data, binding them to protect the privacy and security of your data. These clauses are designed to help safeguard your privacy rights and give you remedies in the unlikely event of the misuse of your personal data.
Keeping your information up to date
If your personal details change, you may contact us to request an update or correction using our Contact Information below. We will endeavor to update your personal data information within thirty (30) days of any new or updated personal data being provided to us, in order to ensure that the information we hold about you is as accurate and up to date as possible.
Where we store your information
The information that we collect from you and process as a result of your use of the services may be transferred to, and stored at, a destination outside the Designated Countries. It may also be processed by our employees operating outside the Designated Countries who work for us. Such employees may be engaged in, among other things, the fulfilment of your orders, the processing of your payment details and the provision of support services. By submitting your personal data and accessing this Website, you agree to this transfer, storing or processing.
How long we keep your information
We retain your information for so long as it needs to be kept for legitimate business or legal purposes. Some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary. We try to ensure that our services protect information from accidental or malicious deletion. Because of this, there may be delays between when you delete something and when copies are deleted from our active and backup systems.
Accessing, correcting & deleting your information
You can contact us any time at email@example.com to:
- Request access to information that we have about you
- Correct any information we have about you
- Delete any information we have about you
- Export a copy of any information we have about you if you wish to transfer it to a service outside of the Company.
There are other ways to control the information we collect, including:
Browser settings: For example, you can configure your browser to indicate when we have set a cookie in your browser. You can also configure your browser to block all cookies from a specific domain or all domains. But remember that our services may rely on cookies to function properly, for things like remembering your user preferences.
If you reside in the Designated Countries, you have a number of important rights we want you to be aware of. The rights available to you depend on our reason for processing your information.
- Access and request copies of the personal data we collect about you
- Request the correction of any mistakes in your information held by us
- Request the deletion of your personal data in certain situations and as allowed by law
- Request transfer of your personal data and receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format
- Object at any time to processing of personal data concerning you
- Object to decisions being taken by automated means which produce legal effects concerning or affecting you
- Object in certain situations to our continued processing of your personal data
- Otherwise restrict our processing of your personal data in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of these rights, please contact us using our Contact Information below. You may make any requests regarding these rights verbally or in writing. Upon receiving your request, we may request additional information so we are able to identify you and ensure you are the one making the request.
Third party websites
Compliance and cooperation with regulators
We regularly review this Policy and make sure that we process your information in ways that comply with it. We hope that we can resolve any question or concern you raise about our use of your information.
When we receive formal written complaints, we respond by contacting the person who made the complaint. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of your data that we cannot resolve with you directly.
If you reside in the Designated Countries, you may lodge a complaint regarding the processing of your personal data with a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement.
IP addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, customer support and to collect aggregate information for internal reporting purposes.
The cookies we use are “analytical” cookies. Some of the common uses for our cookies are as follows:
- To recognize and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our Website works, for example by ensuring that users are finding what they are looking for easily.
- To identify and authenticate a user across different pages of our Website, within our own Website, in a session or across different sessions. This is so that the user does not need to provide a password on every page the user visits; and
- To be able to retrieve a user’s previously stored data, for example, information that the user previously submitted to the Website, so as to facilitate reuse of this information by the user.
FoodChain ID, Inc.
Attn: Privacy Compliance
504 North 4th Street
Fairfield, IA 52556
Foodchain ID Europe Limited
Attn: Privacy Compliance
Unit 50, Drayton House,
Drayton Manor Business Park,
+44 (0) 121 308 9130