AgriSync Privacy Statement
This AgriSync Privacy Statement will describe how John Deere collects and processes personal data related to the AgriSync services. This Statement supplements the Enterprise Privacy Statement at www.deere.com/privacy.
When thinking about our solutions and privacy, the following general information shall apply:
- John Deere, Deere, or AgriSync is us. In this Notice, “we”, “us,” “our” or “AgriSync” will refer collectively to the entities listed in Table 1 of this statement. The AgriSync solutions we provide are collectively called “the Services”.
- John Deere Dealers and its employees or a person in an agreement with us to use the paid portions of the Services (including during a free trial) is a User.
- Any natural person who interacts with the Services because a User has put the Services to work in their business is a “Customer of the User.” We will not directly connect with a Customer of the User as part of the Services. Provided we can rely on a legal basis, we may directly connect with a Customer of the User independently of the Services.
- As part of the Services, the User shall always be the Controller for the processing of personal data of the Customer of User. Only if we can rely on a legal basis and do directly connect with a Customer of the User, Deere shall be a Controller for the processing of personal data of the Customer of User.
- This AgriSync Privacy Statement explains the processing of personal data of the User through Deere as a Controller and provides additional information of the processing of personal data of the Customer of the User through Deere as Processor on behalf of the User.
- In case Deere processes personal data of the Customer of the User as a Controller, Deere shall provide separate information to the Customer of the User.
- Personal data shall have the meaning as defined the applicable data protection laws and regulations.
Information on Controller of data and purpose of data processing
Deere collects and processes the following categories of personal data of the User for the following purposes:
- We collect identifiers, like names and contact information, company name and job title, to fulfill the service agreement between us and the User or to enter into a service agreement and when a User registers to use our Services in order to allow them to use our Services, verify their identity, and communicate with them. We may use this data for early problem identification or to provide technical assistance.
- We collect commercial information as we keep track of the Services that Users purchase from us and our communications history about those Services.
- We collect financial information, such as User payment information, when Users pay for our Services.
- We collect internet and other electronic activity information, such as communications metadata, as Users interact with our website or use our Services. This metadata may be information about how a User interacts with our websites and the information on them and what features are used in our Services.
- We collect geolocation information to Users when using our Services and to provide support during service events. This could be location based on an IP address, on the cell tower to which a mobile device is connected, or on Wi-Fi triangulation.
- We collect commercial information to carry out core business operations such as accounting, filing taxes, and fulfilling regulatory obligations.
- We collect data to detect, prevent, or investigate security incidents, fraud and other abuse and/or misuse of our Services.
- Functionality is built into the tool that allows Users to effectively obtain consent from the Customers of Users. This functionality is enabled by Deere, but the utilization and execution of obtaining and confirming consent is the User’s responsibility.
Legal basis for data processing
We are processing this personal data based on the following legal basis in accordance with the applicable data protection laws and regulations:
- Contract fulfilment as far as necessary to fulfill the service agreement between us and the User or to enter into such service agreement.
- Legitimate interest as far as necessary for managing our user relationship, security and fraud prevention as well as other core business operations
- Legal obligations as far as necessary as required by applicable laws.
Retention Period
AgriSync will store personal data as long as needed while providing our Services and to operate our business. We keep the data up to 5 years following the last interaction with a User account.
Categories of recipients of personal data
We may share User personal data with third parties, such as the following:
Telephony operators as necessary for proper routing and connectivity. Some of the Services’ features make use of the publicly switched telephone network (PSTN) to send communications. Therefore, communications-related data is shared with and received from telephony operators as necessary to route and connect those communications from the sender to the intended recipient. How those telephony operators handle this data is generally determined by those operators’ own policies and local regulations.
Other communications service providers for proper routing and connectivity. AgriSync also enables sending or receiving communications through communications service providers that do not use the PSTN, such as WhatsApp (referred to as Over-the-Top (OTT) communications service providers). If you choose to use AgriSync to send or receive communications by way of these providers, AgriSync will share communications data with these providers as necessary to route and connect those communications from the sender to the intended recipient. How those OTT communications service providers handle this data is determined by their own policies.
Third-party service providers or consultants. AgriSync engages certain third-party service providers to carry out certain data processing functions required or permitted by the User. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
Sub-processors. We may share User data and information with sub-processors who assist in providing the AgriSync Services, like our infrastructure providers, or as necessary to provide optional functionality like transcriptions. An up-to-date list of AgriSync’s sub-processors is available upon request.
Integrated systems. Users sometimes require the Services to interoperate or integrate with certain non-AgriSync systems. Where we enable that interoperability, certain User data and information may be accessed or transmitted to and from the non-AgriSync systems. AgriSync does not control the non-AgriSync systems’ use of User data and information, and their use of such data and information will be in accordance with their own policies. If a User does not want their data and information to be shared by an AgriSync Customer through the Services to a non-AgriSync system, then you should contact the Customer to opt out of that integration.
Compliance with legal obligations. We may disclose Users’ personal data to a third party if (i) we reasonably believe that disclosure is compelled by applicable law, regulation, legal process, or a government request (including to meet national security, emergency services, or law enforcement requirements), (ii) to enforce our agreements and policies, (iii) to protect the security or integrity of our Services, (iv) to protect ourselves, our Customers, or the public from harm or illegal activities, or (v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury. If AgriSync is required by law to disclose any personal data, we may notify the involved AgriSync Users of the disclosure requirement, unless prohibited by law. Further, we object to requests we do not believe were issued properly.
Business transfers. If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from Users may be part of the assets transferred or shared in connection with the due diligence for any such transaction. In that situation, and that situation only, we might transfer your data in a way that constitutes a sale under applicable law. If we do, we’ll let you know ahead of time, and any acquirer or successor of AgriSync may continue to process data consistent with this Notice.
We also share with or disclose this personal data to Deere and our Affiliates for the purposes set out in the long form privacy statement. Your personal data is transferred to non-UK/EEA countries with different, and less protective data protection laws (including the United States of America), but, where this is the case, Deere relies on admissible data transfer mechanisms, such as Standard Contractual Clauses or Binding Corporate Rules, if any.
Data Subject Rights
To request access to your personal data, to ask us to rectify or erase personal data or restrict the processing, to object the processing or to exercise any of the other data privacy rights available to you, or to request information/a copy of the relevant international data transfer mechanism, please contact us under the information at www.deere.com/privacy. You can withdraw consent at any time by contacting us at the www.deere.com/privacy. You also have the right to complain to the relevant supervisory authority in your country.
More information is available in our long-form Enterprise Privacy Statement (see here www.deere.com/privacy).
Processing of personal data on behalf of the User
As part of providing the Services to the User, Deere will process personal data of the Customer of the User on behalf of and as instructed by the User. This includes the following categories of personal data:
- Name, address of Customer of the User
- Communication data and content of communication between the User and Customer of the User
- Sales data and sales history of the User and the Customer of the User
- Data originating from other non-AgriSync applications if a Customer has asked Deere to enable those integrations. Example integrations may include WhatsApp for Business, Salesforce and other CRM systems, and unique business systems the Customer uses in its business to deliver goods or services to Users.
We process this personal data solely to provide services to you as further described in the service agreement and the data processing agreement between the User and us.
Table 1
|
Contract Jurisdiction |
Contracting Entity |
Governing Law |
Venue |
|
United States of America |
John Deere Special Technologies Inc. Attn: Privacy Manager Center for Global Business Conduct
One John Deere Place Moline, IL 61265, USA |
State of Illinois |
State or federal courts of the State of Illinois
|
|
Canada |
John Deere Canada ULS 295 Hunter Road P.O. Box 1000 Grimsby, ON L3M4H5 |
Province of Ontario, Canada |
Province of Ontario, Canada |
|
Australia or New Zealand |
John Deere Limited (Australia) Attn: complete Goods Manager 1660170 Magnesium Drive Crestmead, Queensland 4132 Australia: 1800-800-981 New Zealand: 0800-303-100 |
Province of Queensland, Australia |
Province of Queensland, Australia |
|
Brazil |
John Deere Shared Services |
State of Illinois, United States |
State or federal courts of the State of Illinois, United States
|
|
France, Germany, Netherlands, United Kingdom |
John Deere GmbH & Co. KG |
Germany |
Germany |
Last Updated: November 1, 2022
