Privacy Notice
The Data Controller PigBrother Ltd. declares that it records data in accordance with industry standards and similar websites, some of which may constitute personal data. The Data Controller declares that it does not base any marketing or commercial activity on the data recorded, nor does it carry out any profiling.
Concepts
Data subject: any natural person who is identified or can be identified, directly or indirectly, on the basis of personal data. In particular, for the purposes of this Notice, a data subject is the User.
Personal Data: data that can be associated with the Data Subject, in particular the name, the identification mark and one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of the Data Subject, and the inference that can be drawn from the data concerning the Data Subject.
Data controller: the natural person who, alone or jointly with others, determines the purposes for which the data are to be processed, takes and executes decisions regarding the processing (including the means used) or has them executed by a processor. The Controller for the purposes of this Notice is PigBrother Ltd., address: 40 Rákóczi street, 3043 Egyházasdengeleg. (e-mail: sales@agri-food.ai.)
Consent: a voluntary and explicit expression of the data subject’s wishes, based on appropriate information, by which he or she gives his or her unambiguous consent to the processing of personal data concerning him or her, either in full or in relation to specific operations.
Objection: a statement by the data subject objecting to the processing of his or her personal data and requesting the cessation of the processing or the deletion of the processed data.
Data processing: any operation or set of operations which is performed upon data, regardless of the procedure used, in particular collection, recording, recording, organisation, storage, alteration, use, consultation, disclosure, alignment or combination, blocking, erasure and destruction, as well as the prevention of further use of data.
Data erasure: rendering data unrecognisable in such a way that it is no longer possible to recover it.
Data blocking: the marking of data with an identifier in order to limit its further processing permanently or for a limited period of time.
Mobile Application: the entirety of Maduro’s digital content, including all its components and elements, available in the Google Play and Apple Store online application installers.
Service: services operated by the Data Controller and provided by the Data Controller that are available on the Mobile App.
External service providers: third party service partners used by the Data Controller, either directly or indirectly, in connection with the provision of certain Services, to whom data or personal data are or may be transferred or who may transfer personal data to the Data Controller in order to provide their services.
Legal basis for processing
The processing is based on the consent of the User or the legitimate interest of the Data Controller. By accepting this Notice, Users give their explicit consent to the processing of personal data in the course of using the Mobile Application, by means of a pop-up window, on the basis of the terms set out in this Notice.
In the case of processing based on consent, the User has the right to withdraw his consent at any time, without prejudice to the lawfulness of the processing prior to the withdrawal. Upon request, the Data Controller shall provide the User with information on the provisions of this paragraph as set out in this Notice.
Scope of data processed
When using the Services of the Mobile Application, the Data Controller may process the following data of the User: a) the User’s email address; b) the userUid uniquely identifying the User.
The technical data recorded during the use and the use of the Mobile Application Service may be recorded for the purpose of anonymized statistics, analysis and to enhance the user experience.
The purpose of processing the data specified in points a) to b) is to identify the User, to record promotional information and to enforce the legitimate interests of the Data Controller.
Profiling
The Data Controller declares that no profiling or automated decision-making is carried out in relation to the User on the basis of the data processed by it.
Data transmission
The transfer of personal data is only possible in cases provided for by law, on the grounds of legitimate interest or with the consent of the User. The data may not be accessed by anyone other than the Data Controller and certain External Service Providers specifically identified in the Data Protection Notice.
How personal data is stored
The Data Controller stores personal data concerning the User in electronic form.
Separate, technically recorded data during the operation of the IT systems: data of the User’s Mobile Application generated during the use of the Service and recorded by the IT system of the Data Controller or Google or Apple as a third party service provider as an automatic result of technical processes. The automatically recorded data are automatically logged by the systems of the External Service Providers at the time of the User’s act of use, without any specific declaration or action on the part of the User.
Duration of processing
The personal data concerning the User will be stored in the IT systems of the Data Controller and the External Service Provider until the withdrawal of the data processing authorisation at the latest, after which they will be automatically deleted.
The User may request the deletion of his/her personal data at any time by sending a request to the e-mail address sales@agri-food.ai.
If the User requests the deletion of his/her personal data – and there are no obstacles to this in this Notice – the personal data will be processed until the date of deletion in accordance with the request.
In the event of unlawful or fraudulent use of personal data, or in the event of a criminal offence committed by the User or an attack against the Data Controller’s IT system, the Data Controller is entitled to delete the User’s personal data without delay, and in the event of suspected criminal offences or civil liability, the Data Controller is also entitled to retain the personal data for the duration of the proceedings.
Use of an external service provider
The Data Controller uses an external service provider for the provision of the Service, with which the Data Controller cooperates. The personal data processed by the External Service Provider’s system shall be governed by the provisions of the External Service Provider’s own privacy policy. An extract of these is set out in Annex 1.
The Data Controller will use its best efforts to ensure that the External Service Provider processes the data transferred to it in accordance with the law and uses it only for the purposes set out in this Notice, which it cannot guarantee.
After 25 May 2018, the External Service Provider shall record, process or process the personal data transmitted to it by the Data Controllers and processed or processed by them in accordance with the provisions of the GDPR and shall provide a declaration to the Data Controller to that effect.
External service provider(s) cooperating with the Data Controller:
Google LLC (Contact: 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA, Privacy Policy in English: https://policies.google.com/privacy?hl=hu).
Apple INC (Contact: One Apple Park Way, Cupertino, California, 95014, USA, Privacy Policy in English: https://www.apple.com/hu/privacy/).
Principles of data management
The Controller processes personal data only for the purposes set out in this Notice and in the applicable legislation. The scope of the personal data processed shall be proportionate to the purpose of the processing and shall not go beyond that purpose.
The Data Controller shall ensure the security of personal data, take technical and organisational measures and establish procedural rules to ensure that the data recorded, stored or processed are protected and shall endeavour to prevent their accidental loss, unlawful destruction, unauthorised access, unauthorised use, unauthorised alteration or unauthorised disclosure. The User declares that he/she is over 18 years of age.
The Data Controller shall notify the User of the rectification or restriction of the personal data processed by it. The notification may be omitted if this does not prejudice the legitimate interests of the User with regard to the purpose of the processing. In view of the relevant provisions of the GDPR, the Data Controller is not obliged to appoint a Data Protection Officer and no Data Protection Officer has been appointed voluntarily.
Rights of Users
The User may request information from the Data Controller on the processing of his/her personal data, the rectification of his/her personal data, and the erasure or blocking of his/her personal data, except for mandatory processing, at the e-mail address sales@agri-food.ai . Upon the User’s request, the Controller shall provide information about the data processed by the User, the purpose, legal basis and duration of the processing, as well as the legal basis and the recipient of any data transfer.
A request sent by electronic mail is considered authentic by the Data Controller if the request sent allows the User to clearly identify him/herself. The User may request the Data Controller to provide him/her with his/her personal data provided to him/her or processed by the Data Controller in an automated way in a structured, commonly used, machine-readable format and/or to transfer them to another data controller.
The Data Controller shall provide the information in writing in an intelligible form within the shortest possible time from the date of the request, but not later than 25 days, upon the User’s request. The information shall be provided free of charge if the person requesting the information has not yet submitted a request for information to the Data Controller for the same data in the current year. In other cases, a fee may be charged. The fee already paid shall be refunded if the data have been unlawfully processed or if the request for information has led to a rectification.
The request for information may cover the data of the User processed by the Data Controller, their source, the purpose, legal basis and duration of the processing and, in case of transfer of personal data, who has received or is receiving the User’s data and for what purpose. The Data Controller may refuse to inform the User only in the cases provided for in the GDPR.
In the event of refusal to provide information, the Data Controller shall inform the User in writing of the provision of the GDPR on the basis of which the refusal to provide information was made. In the event of refusal to provide information, the Data Controller shall inform the User of the possibility of judicial remedy and of recourse to the National Authority for Data Protection and Freedom of Information. If the personal data is not accurate and the accurate personal data is available to the Controller, the Controller shall correct the personal data.
At the User’s request, the Controller shall modify, correct or, if necessary, supplement the personal data. The personal data shall be deleted if required by the GDPR or if ordered by a court or the National Authority for Data Protection and Freedom of Information.
The User has the right to receive feedback from the Data Controller as to whether his/her personal data are being processed and, if such processing is ongoing, the right to access the personal data and certain information relating to the processing, including the purposes of the processing, the categories of personal data concerned, the recipients of the personal data, the (envisaged) duration of the processing, the rights and remedies of the data subject (including the right to lodge a complaint with a supervisory authority) and, where the data are not collected from the data subject, information on their source.
A request for erasure from the User may be refused if the processing of the personal data is authorised by law and is necessary for the establishment, exercise or defence of legal claims. In any case, the Data Controller shall inform the User of the refusal of a request for erasure, indicating the reasons for the refusal.
Instead of deletion, the Controller shall block the personal data if the User so requests or if, on the basis of the information available to it, it can be assumed that deletion would harm the legitimate interests of the User. The personal data blocked in this way may be processed only for as long as the processing purpose which precluded the deletion of the personal data persists.
Once a request for erasure of personal data has been complied with, the previous (erased) data can no longer be restored. The rectification, blocking, flagging and deletion, or refusal thereof, shall be notified to the User and to all those to whom the data were previously disclosed for processing. The notification may be omitted if this does not harm the legitimate interests of the User with regard to the purpose of the processing.
If the Data Controller does not comply with the User’s request for rectification, blocking or erasure, the Data Controller shall, within 25 days of receipt of the request, inform the User in writing of the factual and legal grounds for refusing the request for rectification, blocking or erasure. In the event of refusal of a request for rectification, erasure or blocking, the Data Controller shall inform the User of the possibility of judicial remedy and of recourse to the National Authority for Data Protection and Freedom of Information.
The User may object to the processing of his/her personal data. The Data Controller shall examine the objection within the shortest possible time from the date of the request, but not later than 25 days, and shall decide whether the objection is justified and inform the applicant in writing of its decision. If the Data Controller finds that the User’s objection is justified, the Data Controller shall terminate the processing, including further recording and transmission of data, and block the data, and shall notify the objection and the measures taken on the basis of the objection to all those to whom the personal data concerned by the objection were previously transmitted and who are obliged to take action to enforce the right to object.
The Controller reserves the right to amend this Notice at any time by unilateral decision. The User accepts the current provisions of this Policy by his/her next act of use, without the need to seek the consent of individual Users.
Remedies available
Any questions or comments related to data management can be addressed to the Data Controller at the e-mail address sales@agri-food.ai.
The User may directly contact the National Authority for Data Protection and Freedom of Information (address: 9-11 Falk Miksa street. 1125 Budapest; phone: +36-1-391-1400; e-mail: ugyfelszolgalat@naih.hu; website: www.naih.hu) with any complaint regarding data processing. Anyone, including the User, may file a complaint with the National Authority for Data Protection and Freedom of Information to initiate an investigation on the grounds that a violation of rights has occurred or is imminent in connection with the processing of personal data or the exercise of the right to access data of public interest or data in the public interest.
The User may also take legal action in case of violation of his/her rights. The court of law shall have jurisdiction to decide on the action. The action may also be brought, at the User’s option, before the court of the User’s domicile or residence. Upon request, the Controller shall inform the User of the possibilities and means of legal remedy.
Done at Budapest, 26 day 03 month 2024 year
- Annex No.
| Cloud Functions for Firebase | IP addresses | Purpose: Cloud Functions uses IP addresses to execute event-handling functions and HTTP functions based on end-user actions. Limitations: Cloud functions only saves IP addresses temporarily, to provide the service. |
| Firebase App Check | Certificates from supported certification providers Tokens | Control objective: Firebase App Check uses attestation material required by the corresponding attestation provider and received from end-user’s devices to help establish the integrity of the device and/or the app. Attestation materials are sent to the corresponding attestation provider for validation based on the developer’s configuration. App Check tokens obtained from successful attestations are sent with every request to supported Firebase services to access resources protected by App Check. Restrictions: Attestation material is not retained by App Check, but when it is sent to attestation providers, it is subject to the terms of those attestation providers. App Check tokens returned from successful attestations are valid throughout their TTL duration, which cannot be longer than 7 days. For developers who use replay protection features, App Check stores the App Check tokens used with these features for at most 30 days. Other App Check tokens not used with replay protection features are not retained by Firebase services. |
| Firebase App Distribution | Usernames Email addresses iOS UDIDs Secure Android IDs Firebase installation IDs | Purpose: Firebase App Distribution uses the data to distribute app builds to testers, monitor tester activity, enable tester features like in-app feedback, and associate data with tester devices. Limitations: Firebase App Distribution retains user information until the Firebase customer requests its deletion, after which data is removed from live and backup systems within 180 days. |
| Firebase Authentication | Passwords Email addresses Phone numbers User agents IP addresses | Purpose: Firebase Authentication uses the data to enable end-user authentication, and facilitate end-user account management. It also uses user-agent strings and IP addresses to provide added security and prevent abuse during sign-up and authentication. Limitations: Firebase Authentication keeps logged IP addresses for a few weeks. It retains other authentication information until the Firebase customer initiates deletion of the associated user, after which data is removed from live and backup systems within 180 days. |
| Firebase Cloud Messaging | Firebase installation IDs | Purpose: Firebase Cloud Messaging uses Firebase installation IDs to determine which devices to deliver messages to. Limitations: Firebase retains Firebase installation IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days. |
| Firebase Crashlytics | Crashlytics Installation UUIDs Firebase installations ID Crash traces Breakpad minidump formatted data (NDK crashes only) | Purpose: Firebase Crashlytics uses crash stack traces to associate crashes with a project, send email alerts to project members and display them in the Firebase Console, and help Firebase customers debug crashes. It uses Crashlytics Installation UUIDs to measure the number of users affected by a crash and minidump data to process NDK crashes. The minidump data is stored while the crash session is being processed and then discarded. The Firebase installation ID enables upcoming features that will enhance crash reporting and crash management services. Refer to Examples of stored device information for more detail on the types of user information gathered. Limitations: Firebase Crashlytics keeps crash stack traces, extracted minidump data, and associated identifiers (including Crashlytics Installation UUIDs and Firebase installation IDs) for 90 days before starting the process of removing it from live and backup systems. Note: Firebase Crashlytics stores minidump data only temporarily in order to process NDK crashes. |
| Firebase Dynamic Links | Device specs (iOS) IP addresses (iOS) | Purpose: Dynamic Links uses device specs and IP addresses on iOS to open newly-installed apps to a specific page or context. Limitations: Dynamic Links only stores device specs and IP addresses temporarily, to provide the service. |
| Firebase Hosting | IP addresses | Purpose: Hosting uses IP addresses of incoming requests to detect abuse and provide customers with detailed analysis of usage data. Limitations: Hosting retains IP data for a few months. |
| Firebase In-App Messaging | Firebase installation IDs | Purpose: Firebase In-App Messaging uses Firebase installation IDs to determine which devices to deliver messages to. Limitations: Firebase retains Firebase installation IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days. |
| Firebase ML | Uploaded images Tokens | Data management purpose: The Cloud based APIs store uploaded images temporarily, to process and return the analysis to you. Stored images are typically deleted within a few hours. See the Cloud Vision Data Usage FAQ for more information. Installation auth tokens are used by Firebase ML for device authentication when interacting with app instances, for example, to distribute developer models to app instances. Limitations: installation auth tokens remain valid until their expiration date. The default token lifetime is one week. |
| Firebase Performance Monitoring | Firebase installation IDs IP addresses | Control objective: Performance Monitoring uses Firebase installation IDs to calculate the number of unique Firebase installations that access network resources, to ensure that access patterns are sufficiently anonymous. It also uses Firebase installation IDs with Firebase Remote Config to manage the rate of performance event reporting. Additionally, it uses IP addresses to map performance events to the countries they originate from. For more information, see Data collection. Limitations: Performance Monitoring keeps IP-associated events for 30 days, and it keeps installation-associated and de-identified performance data for 90 days before starting the process of removing it from live and backup systems. |
| Firebase real-time database | IP addresses User agents | Purpose: Realtime Database uses IP addresses and user agents to enable the profiler tool, which helps Firebase customers understand usage trends and platform breakdowns. Limitations: Realtime Database keeps IP addresses and user agent information for a few days, unless a customer chooses to save it for longer. |
| Firebase Remote Config | Firebase installation IDs | Purpose: Remote Config uses Firebase installation IDs to select configuration values to return to end-user devices. Limitations: Firebase retains Firebase installation IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days. |
Our website uses cookies