CropTrak Data Collection, Use, and Ownership Policy

 Introduction

The Federal Government has lots of policies for the protection of your electronic personal data, but here at CropTrak, we want to be clear about how we treat our customers’ farming data as well.  So we have enhanced our EULA to be more specific about the how, what, when, and more regarding the data entrusted to CropTrak.

CropTrak knows that you care how your information is used and shared, and we appreciate your confidence that we will do so carefully and sensibly.

 

 Executive Overview

CropTrak is a Software Developer, and we have no need or use for your data in our business model.

CROPTRAK DOES NOT SELL, RENT, BASELINE, AGGREGATE, OR SHARE LICENSOR CONTENT OR PERSONAL INFORMATION WITHOUT YOUR WRITTEN CONSENT.

That includes data loaded onto the CropTrak server directly or automatically or collected by the CropTrak platforms remain the sole ownership of the client at all times.

The data is securely hosted as long as the client has an active account with CropTrak or until which time they request the information be deleted.

The client owns the data they load at all times in whole, in parts, and its derivatives.  That means we cannot use your data without your written release for any purpose inside or outside the company.

 

 Your Personal Information

When you use our mobile and web apps, CropTrak creates certain unique identifiers and tracks metadata to enable our tools to electronically record your Farm Data and associate that information with your account. These unique identifiers are associated with your Cloud database and Personal Information, such as name, address, phone number, and mobile device information.  We do not provide your personal information outside the company for any reason. 

 

 How Safe Is Your Personal Information?

We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.  Your information is also encrypted during rest (storage) on our servers and your mobile devices when the application is not being actively viewed using NIST level hardware-enabled encryption.

 

 Your Ownership of Customer Data

CropTrak believes that you the farmer are the owner of your Farm Data. CropTrak believes that ownership should give you the right to share, download, and delete your Data.  We make this easy with open formats, exporters, and commercially standard APIs.

By agreeing to use CropTrak, you agree that you are the owner of or have obtained the permission from the owner of any Data you transfer, share, or upload to CropTrak cloud, including any Data you authorize to be transferred to CropTrak from a third party. You release CropTrak from any claims that someone other than you owns the electronic Farm Data uploaded to the CropTrak Cloud Server.

 

 Customer Data Isolation

CropTrak hosts our clients on Amazon Aurora data centers around the world.  Each client is a unique database instance for which they are the only tenant. (Think each client has their own house vs. everyone sleeping in a hotel.)

Amazon’s hosting agreement requires them to respect and protect your data the same way the CropTrak team does.

 

 Customer Data Protection

Every bit of your data is protected by Two-step authentication requiring a paired device and user unique login/password.

Data stays encrypted on the cloud – in transit – on the mobiles devices.

The Cloud has the latest anti-piracy and security features, real-time reflection of your data in another remote facility, and non-sync based attachments are hosted on read-only servers.

 

 Ownership of Data After Transfer

The client owns the data they load at all times.  Putting it on our systems does not transfer ownership like so many other vendors.  That means we cannot use your data without your written release for any purpose inside or outside the company in part or in whole. 

 

 CropTrak Data Transfer to Others

CropTrak provides lots of tools for sharing data with others.  In our case, we do this through open standard interfaces which are under the client’s control – controls that let you control what is shared, who can access it, and for how long they may access your data.

CropTrak does not share any data with other users and companies without our client’s written consent in advance.

 

 Customer Retrieve Data Sets

CropTrak loads data in Shape, CSV, Excel, GeoTiff, and a number of other open commercial formats and interfaces.  All data loaded into our system can be accessed in a number of ways by the client to retrieve all the hosted data on our servers.

  • ODBC connection to access information from Microsoft Excel.
  • MySQL Views to access all spatial, imagery, photo, and attribute information.
  • Shape, CSV, Excel, JPEG, and other open format export from administration tool CTAT.

 

 Customer Data Removal

CropTrak will host client data up to 30 days after termination of an annual contract, at which time CropTrak will delete the client database, remove the client Amazon instance, and delete all client archive backups, thus removing all data from our systems which cannot be recovered.

 

 Data Breach

Data protection is very important to the CropTrak team.  That is why since 2009 we have incorporated two-step authentication into every tool we have developed.  With data security in mind, we configured the Amazon Aurora system to notify us of access to our systems not performed using our managed methods of access.

If we find that data has been disclosed to an outside party, CropTrak will inform our affected clients within 72 hours and, to the degree known, disclose what was exposed and any steps we have taken or will take to assure any future data breach is avoided.

 

 Sale of CropTrak

If CropTrak is sold to another company, customers will be notified in advance of new owners taking control of the client data systems.  At that time the client can ask for the data to be removed from our systems or choose to continue normal hosting on our Amazon systems with our new owners. Every effort will be taken to require any future company owner to honor our policy to our clients, and customers will be immediately notified of any changes in data policy.

 

Agreement Changes and Notification

CropTrak posts on its websites the latest version of this document.   A version of this document with change bars will also be hosted on our support site.   If any changes are made to this document, within 30 days, customers will be informed so they can review the changes for the effect on their business.

 

Revision: 08 Nov 2017