1. Initial Information
This Privacy Notice applies to the company Eiwa, which we hereby will refer as just EIWA.
EIWA, aiming to act with transparency towards its customers, suppliers, employees, and the market in general, is committed to the best global privacy practices, and for that reason, it has been adopting, as we will see below, measures to ensure compliance with the data protection laws of the jurisdictions in which EIWA operates, including the United States, Brazil and Argentina.
This Notice will help you to, initially, understand the main concepts regulated hereunder, such as “personal data”, “sensitive personal data”, “data processing” and “international data transfer”, amongst others.
In addition, this Notice will help you understand:
- How does EIWA work;
- What are the main definitions and concepts relevant to the understanding of this
Notice; What data does EIWA collect; - How EIWA processes your personal data; How your personal data is used (for what purpose); What are your rights (as data subjects); If EIWA uses cookies on its website and/or its application;
- How is your data shared (and, being that the case, whether there is an “international
data transfer” happening); - What are the measures adopted by EIWA to ensure the security and integrity of your
personal data; and finally, - How to contact EIWA in case of any concerns related to the protection of personal data.
We kindly ask you to read this Notice carefully and, in case of doubt, contact us through email: Info@eiwa.ag .
It is important to keep in mind that this Privacy Notice does not cover third party websites/applications, only the EIWA platform and application.
Remembering that you accept the terms of this Notice when you start using our platform/application, thus tacitly agreeing to the use of your “personal data” (a concept that we will see below).
If you do not agree with the terms of this Notice, we kindly ask you to contact us before using our services, so that we can better serve you.
Failure to provide certain personal data may make it impossible for EIWA to provide its services. You are responsible for any personal data of third parties obtained, published or shared through the EIWA platform and/or application and confirm and warrant that you have the third party’s consent to provide or share their data.
You give your express and informed consent to EIWA to allow the personal data (i) to be processed and stored on servers and/or digital media and/or (ii) to be used scientifically and statistically for the improvement of the services, products and contents offered by EIWA and/or (iii) to be provided to any company that is part of the EIWA group of companies and/or to customers supplying products and/or services with which EIWA has a commercial agreement in force, for the sole purpose of enabling EIWA to deliver, offer and/or sell products, services and solutions to its customers and/or (iv) for the purposes set out in (iii) above, and/or to store the personal data on servers located in any country in the world.
Personal data collected through the services offered by EIWA may be disclosed and otherwise communicated to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
2. Main definitions and concepts relevant to the understanding of this Notice
The main concepts mentioned throughout this Privacy Notice are listed in alphabetical order:
Anonymization: the anonymized data is the data related to the data subject that cannot be identified, considering the use of reasonable technical means available at the time of its treatment.
Business Intelligence (“BI”): at EIWA, the raw data entered on the platform by its subscribers is used to extract information and insights that benefit all subscribers in the making of important decisions regarding agribusiness.
Controller: is the natural or legal person, of public or private law, who is responsible for decisions regarding the processing of personal data.
Cookies: cookies are nothing more than pieces of code that give a website some sort of “short-term memory”, allowing it to remember small pieces of your browsing information, such as your login information and browsing preferences, for example, in order to provide you with a more personalized experience.
Data Analytics: consists in the applied use of data, analysis and systematic reasoning to ensure a much more efficient decision-making process. It is considered a segment of BI.
Data Processing: is any operation carried out with personal data, such as those referring to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction. That is, the entire path that the data goes through, end to end, thus, from the moment that it is collected to the moment it is deleted.
Data Sharing (“Data Share”): the customer easily receives and shares market insights through BI dashboards (visual dashboards that contain information, metrics and indicators). Data share is the communication, dissemination, international transfer, interconnection of personal data or shared treatment of personal data banks by public bodies and entities in the fulfillment of their legal competences, or between these entities and private entities, reciprocally, with specific authorization, for one or more treatment modalities permitted by these public entities, or between private entities.
Drones: drones are nothing more than unmanned aircraft, of various sizes, which initially had military uses, but nowadays have a very wide range of uses, such as, in case of EIWA, capturing videos and photos of the farming fields, of the planting and harvesting phases, of land, etc.
International Data Transfer: is the transfer of personal data to a foreign country or international organization of which the country is a member, such as a datacenter (which is nothing more than a centralized physical facility, where corporate computers, the network, storage and other IT equipment that support business operations are located), as it is the case of EIWA, whose datacenters used for data storage (AWS Amazon and Bizneo RH) are located, respectively, in Argentina and in Spain, but may be located elsewhere in the future.
Owner: is an individual (and, in some jurisdictions, business and/or legal entities) to whom the personal data subject to processing refer to.
Personal Data: is every single piece of information related to an identified or identifiable natural person and/or, in some jurisdictions, businesses and/or legal entities. Translating: it is all the information capable of identifying you and/or your business and/or legal entity, including names, email addresses, mailing addresses, phone numbers, payment information, credentials or other information for account verification, technical information including the IP address used by your device, geo-localization and flight data, studies related to agriculture, photos and videos of fields, land, plantations and harvests, among others.
Sensitive Personal Data: is personal data about racial or ethnic origin, religious conviction, political opinion, affiliation to a union or organization of a religious, philosophical or political nature, data concerning health or sexual life, genetic or biometric data, when linked to a natural person. That is: they are more sensitive data, which by their very nature deserve greater care.
Upload: act of transmitting data from one computer system to another (which in the case of EIWA is cloud storage, which basically consists of a technology that allows users and companies to store, maintain and access data on high availability servers via the internet) over a network.
- What data does EIWA collect and how does EIWA process your personal data?
As we have already discussed, personal data is all data linked to an identified or identifiable individual, whether it is capable of identification by direct or indirect means.
Likewise, in Salesforce CRM, EIWA only stores public data, collected from online LinkedIn browsing, news sites, etc., all data from a public source, which is not considered personal data.
The personal data that EIWA processes and/or stores includes:
- business and other personal data and/or customers and/or users’ personal data, including names, email addresses, mailing addresses, phone numbers, payment information, credentials or other information for account verification, technical information including the IP address used by your device, geo-localization and flight data, studies related to agriculture, photos and videos of fields, land, plantations and harvests, feasibility studies, and so forth), and business secrets, that are stored in the Amazon “AWS” cloud, a reference in the data protection security sector;
- users’ personal data, including geo-localization, names, email addresses, mailing addresses, phone numbers, payment information, credentials or other information for account verification, technical information including the IP address used by their devices; and
- The personal data of candidates from selection processes opened by EIWA and also the personal data from all EIWA employees, which are stored on the Bizneo platform (whose datacenter is located in Spain, and may be located elsewhere in the future), which periodically audits its data protection and cybersecurity processes.
- How is your personal data used (for what purpose)?
The personal data listed above are basically used for three purposes:
- Commercial contact with customers (in which only name and email address are collected, and, in the application, user – which is the email itself – and password), all stored in a secure cloud;
- Geo-location of users of the EIWA application, as may be requested by EIWA customers’ from time to time; and
- Recruitment and selection and hiring of new employees, whose data is also stored on a secure platform.
- What are your rights as holders of personal data?
Let’s deal with your rights separately.
You have the right to easy access to information about the processing of your data, which must be made available in a clear, adequate and ostensible way .
- Does EIWA use “cookies” on its website and/or its application?
Yes, EIWA does use “session cookies” and “first party cookies” on their website and their application.
Session cookies are basically a cookie that allows the browser to “re-identify” itself to the unique and exclusive server on which the client had previously authenticated itself. This is the classic example of a shopping cart made on a website, where you close the website, and when you return to the same website, your “shopping cart” is still there. It is an essential feature for the proper functioning of the EIWA website and/or application, which you can waive, knowing that it will harm or even make the usability of the website unfeasible.
Cookies first party, in turn, are very similar to session cookies, since they are created by the EIWA website and/or application itself in order to collect information about you, such as your username, passwords, language preference, payment method, and (possible) products in a shopping cart. It is an essential feature for the proper functioning of the EIWA website and application, which you can waive, knowing that it will harm or even make the usability of the website unfeasible.
- How is data stored at EIWA?
All customer personal data are stored in the Amazon AWS cloud, a reference in security and data protection.
Candidate data in recruitment processes and employee data, on the other hand, are stored on the Bizneo platform, a Human Resources software that is a global reference in terms of safety and quality.
- How is your data shared?
Personal data collected by EIWA is for internal use only.
This implies that your data will be shared, basically with:
- Amazon AWS cloud, which, as we have seen, stores almost all customer and supplier data, as well as documents and information collected by EIWA;
- Bizneo platform, a Human Resources software that is a global reference in safety and quality, where, as we have seen, the data of candidates from recruitment processes and the data of EIWA employees are stored.
EIWA may also be required by governmental and/or regulatory authorities to provide data related to its employees, which may be necessary to comply with the legislation.
In addition, the data is for internal consumption, and the insights resulting from the platform’s data analysis come from anonymized data.
- What are the measures adopted by EIWA to ensure the security and integrity of your personal data?
EIWA invests heavily in technology, so that the notebooks used by its employees have state-of-the-art antivirus, firewalls and coding techniques, in addition to all reasonable security measures in place to prevent a data leak.
Employees are instructed not to save any personal data on their company notebook, to use a “secure password” (a random password that is stored in an encrypted software), and to log out of the notebook whenever they are at the company’s headquarters or even in a public place and need to stay away from the machine, even for a short period of time.
Employees are also instructed to maintain a clean desk policy and not to talk about work matters, let alone mention personal data in public places (such as elevators, restaurants, taxis, or even the company’s open space, depending on the criticality of the data).
Furthermore, the personal data collected by the company are stored in a cloud that is a reference in data security (Amazon AWS) and also in the Bizneo platform, a Human Resources software that is a global reference in security and quality.
- Does EIWA transfer data internationally?
The answer is yes, since the personal data collected by the company is located in two datacenters, one located in Argentina (headquarters of the Amazon AWS datacenter chosen by EIWA) and the other located in Spain (headquarters of Bizneo RH and its datacenter), and may be located elsewhere in the future.
Deciding on a particular country as the “host” of the data is a multi-factorial decision, which takes into account a series of points, such as the business model, the target audience, the price, or even technical issues, among others. others. And due to the global telecommunications infrastructure, it is very common for providers to be located in another country.
- How do you get in touch with EIWA, in case of any need linked to the protection of your personal data?
All requests regarding data protection must be made via email (Info@eiwa.ag), and will be answered immediately, when in simplified format, and within 15 days, when the holder requires a clear and complete statement, that indicates the origin of the data, the lack of registration, the criteria used and the purpose of the treatment, observing commercial and industrial secrets.
Annex to apply in Argentina
EIWA S.A., with domicile in 25 de mayo 460, 4th Floor, (C1002ABJ) Ciudad de Buenos Aires, Argentina, is responsible for the treatment of the personal data collected in Argentina.
The owner of the personal data has the right of access to his or her personal data free of charge at intervals of no less than six months, unless a legitimate interest is proven in accordance with the provisions of article 14, paragraph 3 of Argentine Law No. 25,326.
The Agency for Access to Public Information (Agencia de Acceso a la Información Pública), in its capacity as regulator in charge of the application of Argentine Law No. 25,326, has the power to deal with complaints and claims filed by those who are affected by their rights due to non-compliance with current regulations on personal data protection.
Agencia de Acceso a la Información Pública
Address: Av. Pte. Gral. Julio A. Roca 710, 5th floor
(C1067ABP) Ciudad Autónoma de Buenos Aires
Argentina
You may also request information and/or exercise your rights of access, rectification and deletion of your personal data by email to info@eiwa.ag or by postal courier to EIWA SA., with domicile in 25 de mayo 460, 4th Floor, (C1002ABJ) Ciudad de Buenos Aires, Argentina.
In Argentina, this Privacy Policy is governed by the laws of Argentina. In the event of any claim relating to or arising out of this Privacy Policy, the parties submit to the exclusive jurisdiction of the Ordinary National Courts sitting in the Autonomous City of Buenos Aires, and waive any other court or jurisdiction that may apply.
(Focusing on continuous improvement, our Privacy Notice is constantly being updated, so we kindly ask you to periodically visit this page to ensure you are aware of any changes made to this document. If changes are made that require consent – which is not usually the case for EIWA – you will be informed in advance. This version of the Privacy Notice is dated 06/01/2023).