The web and mobile application Tomappo ("Application"), our websites, and other services are brought to you by PROVENTUS d.o.o. ("PROVENTUS") a company with a primary business address of Gradišče 40, 5270 Ajdovščina, Slovenia, EU.
We intend only to process personal data fairly and transparently as required by data protection law including the General Data Protection Regulation (GDPR).
What data we collect and how do we collect it
User Provided Information
Through Mobile Application Tomappo we collect the information you provide when you download and register the Application. Registration is optional but you may not be able to use some of the features such as weather forecast, asking questions on our gardening forum, secure storage of your gardening notes in Cloud, etc., unless you register with us. Through Web Application Garden Planner (PRO) we collect the information you provide after your registration. You cannot use the Garden Planner (PRO) without registration. When you register with us and use the Application, you generally provide:
(a) Your name, email address, password and other registration information;
(b) Transaction-related information, such as when you make purchases, respond to any offers, or download or use applications from us;
(c) Information you enter into our system when using the Application, such as the design of your garden and your gardening notes;
(d) Your location - only when you provide it (When you use our Services, we collect and process information about your specific location. For the app to know your location you will be asked to give your consent to this when joining and from time to time during your use of the Services. Knowing your location helps us improve the Services including offering location specific plant tasks, weather information, planting recommendations and plants for sale in our price comparison. We may also share an aggregated and anonymised approximation of your location with our partners.);
(f) Your address and/or phone number - only when you provide it for purchase or seedexchange purposes.
(g) Images you send when using the pest and disease recognition feature of the application.
The legal basis for data processing is the contract. The retention period is until the purpose of the contract is fulfilled or up to 6 years after the termination of the contract.
Purchase of goods and services in the online store
The company processes personal data in online business within the online store when an individual submits an online form, registers (creates a user account) or makes a purchase (successfully places an order) via the online store as an unregistered user. When the user purchases a product without registering or logging into the user account, the company processes personal data that is absolutely necessary for the purpose of carrying out the given order, business communication and enforcing the rights and obligations from the concluded contract, namely: name, surname, delivery address, e-mail address, telephone number, information about the ordered product and payment.
When an individual registers a user account or makes a purchase as a registered user, concludes a contract with the company on the provision of services to registered users. The types of personal data that are processed when registering a user account are: name, surname, delivery addresses, e-mail address, phone number, data on ordered/purchased products, data on popular products, data on payments, data on obtained discounts or other information that the user provides in their profile. In the case of user account registration, personal data is stored in the user's profile. In addition to the above-mentioned purposes, they are also processed for the purpose of automated filling in of data for the execution of orders, display of purchase history, for the purpose of evaluating the offer, improving the services and offer of the online store, increasing customer satisfaction, and for the purpose of studying user habits and for the purpose of creating special offers and benefits. intended only for registered users.
Notifying individuals by e-mail, e.g. e-newsletters
Based on the performance of legal activities, the company can inform customers, buyers and users of its services to their e-mail address about its services, events, trainings, offers and other content. The individual can at any time request the termination of this type of communication and processing of personal data and cancel the receipt of messages via the unsubscribe link in the received message or send the request by e-mail or by regular mail to the company's address.
The legal basis for data processing is legitimate interest and consent. The data will be processed until the receipt of messages is canceled or consent is withdrawn or until the purpose of the processing is fulfilled. Revocation of consent does not affect the lawfulness of processing based on consent prior to its revocation.
Automatically Collected Information
In addition, the Application collects certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device's unique device ID, the IP address of your mobile device, your mobile operating system, the type of Internet browsers you use, and information about the way you use the Application.
We also use standard Internet technology, such as web beacons, cookies and other similar technologies, to track your use of our Services (see our Cookies Policy). Web beacons are small pieces of data that are embedded in images on the pages of sites.
This allows us to assess how you have used our services and helps us to analyse how we can optimize them for you in the future. Please note, if you do not allow us to collect information from you it may result in you being unable to use certain features including purchase products or services and participate in a contest, promotion, survey, or sweepstakes. For further information about our use of these technologies and how you can opt out of cookies, please see our Cookies Policy.
How We Use Your Data
We gather data to:
* provide and deliver the products and services on your request, process transactions, and send you related information;
* provide weather forecast for your garden and location specific offers;
* develop and improve products and services;
* provide customer support and to communicate with you by e-mail, postal mail, display media and/or mobile devices about products or services that may be of interest to you either from us, or our business partners;
* send you updates, technical notices, security alerts and marketing communications on behalf of us or other companies;
* monitor and analyse trends and usage;
* perform scientific research on anonymised data regarding gardening, nutrition and lifestyle.
When our company processes your order, it may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.
How We Share Information
* to comply with any law, regulation, or governmental request, or to comply with judicial process;
* to protect and defend the rights or property of us, the users of our Services, or third parties;
* with our trusted service providers that perform certain services on our behalf such as e-mail services, billing and payment processing, services supporting contests, sweepstakes and surveys;
* to research institutions and aggregators of research data in anonymised form for purposes of scientific research related to gardening, nutrition and lifestyle;
* to advertisers and third party advertising networks and analytics companies as described in the section below.
Data Analytics and Advertising
We may work with analytics companies to help us understand how our Services are being used. We may work with advertisers and third party advertising networks who need to know how you interact with advertising provided in the Application, which helps us keep the cost of the Application low. Advertisers and advertising networks use some of the information collected by the Application, including, but not limited to, unique device identifiers, device manufacturer and operating system, IP address, browser type, pages viewed, session start/stop time, links clicked, and conversion information. You can stop all collection of information by the Application easily by uninstalling the Application.
We may send you information about products and services we think you might like. You may always opt out by unsubscribing from mailing lists. To unsubscribe from our emails and service you can use the settings menu within the application.
Privacy policies of third-party websites
To process your personal data, we rely on certain legal grounds, depending on how you interact with our Sites and Applications (our Services).
When you purchase products from our Sites, we need your personal data to fulfil our contract with you. For example, we need your payment and contact details to deliver your order. When you use our Applications, we rely on your consent for processing and for certain limited purposes to fulfil our contract with you.
We also rely on other legal grounds, such as our legitimate interests as a business, to comply with a legal obligation, or to protect your vital interests.
Data processing agreements and data export
The contract processors with which the company cooperates are mainly:
* accounting services and other providers of legal and business advice;
* maintainers of information systems;
* e-mail service providers and software providers, cloud services (e.g. Microsoft, Google);
* providers of social networks and online advertising (Google, Facebook, Instagram, etc.);
* partners on (research) proejcts.
For the purposes of better inspection and control over processors and regulation of the mutual contractual relationship, the company also maintains a list of processors, which lists all specific processors with which the company cooperates.
Under no circumstances will the company provide personal data of an individual to unauthorized third parties. Contract processors may only process personal data within the framework of the company's instructions and may not use personal data for any other purposes.
As a controller, the company and its employees do not export personal data to third countries (outside the member states of the European Economic Area - EU members and Iceland, Norway and Liechtenstein) and to international organizations, except in the USA, whereby relations with contractual processors from the USA are regulated on on the basis of standard contractual clauses (standard contracts adopted by the European Commission) and/or binding business rules (adopted by the company and approved by supervisory authorities in the EU).
Depending on your location, you may have some or all of the following rights in relation to how we use your information:
1. The right to access - you may ask of what kind of personal data is being processed and receive copies of it;
2. The right to data portability - you may ask to get a structured record of the data we have on you and the right to transfer that record to another organization;
3. The right to rectification - you may ask for modifications in case personal data is not up to date, accurate or complete.
4. The right to Object to, Limit or Restrict the use of your Information - you may ask us to stop using all or some of your information or to limit our use of it.
5. The right to erasure - in certain circumstances, you can request a right to be forgotten - to have your information deleted. We will honour such requests unless we have to retain this information to comply with a legal obligation or unless we have an overriding interest to retain it.
6. Consent Withdrawal - where we rely on consent to process your information, you may withdraw a previously given consent at any time.
If you wish to exercise any of these rights, or wish to object to our use of your information, please write to us at our email: email@example.com.
Should you believe that your rights related to the processing of your personal data have been infringed, you may lodge a complaint with the Information Commissioner's office (Zaloška 59, 1000 Ljubljana, e-mail: firstname.lastname@example.org). In any event, in order to resolve any privacy issue as quickly and conveniently as possible, it is advisable that you send any complaints or enquiries to PROVENTUS at the above email address prior to addressing the authorities.
We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. Sensitive information such as credit card details are not stored on our own servers but passed directly to our secure payment provider. The servers that store personally identifiable information are in a secure environment.
The collected data is stored on a virtual server within EU. The security of the infrastructure is guaranteed by the (established) cloud provider while the system itself complies with current security best practices (encryption of passwords, secure communication etc.).
Information we collect, or permit third parties to collect may be transferred to, stored and processed outside your country of residence in any country or territory where one or more of our affiliated group companies, third party service providers or advertising companies or advertising networks are located or maintain facilities, including but not limited to Slovenia.
Data Retention Policy, Managing Your Information
We will retain User Provided Data for as long as you use the Application and for a reasonable time thereafter. We will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate. If you would like us to delete User Provided Data that you have provided via the Application, please contact us at email@example.com.
We reserve the right to modify this statement at any time, therefore we ask you to review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page.
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third party to recognize you and make your next visit easier and the Service more useful to you.
Cookies can be "persistent" or "session" cookies. A persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies that we use
If you do not wish to accept cookies in connection with our website Services, you will need to delete, and block or disable cookies via your browser settings. For details, visit your browser's help menu. If you choose to reject cookies, you may still use our website though your access to some functionality and areas of our website may be restricted.
If you have any questions about our cookies or this cookies policy, please contact us by email to firstname.lastname@example.org.