SCR PRIVACY POLICY
Privacy
SCR is committed to protecting your privacy and your personally identifiable data and other personal information (“Personal Data”). SCR has created this Privacy Policy to let you know what information SCR collects when you use the system provided by SCR (the “System”), how SCR collects it and how it makes use of it. When you access or use the System you are invited to read this Privacy Policy.
Categories of Personal Data collected
SCR collects and stores Personal Data from you, including without limitation, your name, your farm or other physical address, email address, phone number, other contact data, and any and all data generated by the System to the extent it may be considered Personal Data (see below for discussion of what may not be considered Personal Data). SCR also collects and stores an activity log unique to you that collects certain administrative and traffic data including without limitation source IP address, time of access, date of access, web page(s) visited, language used, System crash reports, type of browser used, the technical operation of the System, and any data required to ensure your use of the System is compliant with the Terms of Use. SCR collects and stores the aforesaid Personal Data when you visit or use the System and when you provide it to SCR, and also in your communications with SCR.
You are responsible for ensuring the accuracy of your Personal Data you submit to SCR through the System. Inaccurate information will affect the information you receive when using the System and SCR's ability to contact you as contemplated in this Privacy Policy as well as to provide you with the System in the best manner possible.
In addition, please note that this Privacy Policy does not cover the following information as if is not considered Personal Data:
- information relating to a legal entity (e.g. corporate information, contact details, accounting information, etc.);
- anonymised data, namely information which does not relate to an identified or identifiable natural person or to Personal Data rendered anonymous in such a manner that the data subject is not or no longer identifiable.
If we are unable to collect your Personal Data we may be unable to provide the System to you.
Use of Personal Data
SCR uses the Personal Data it collects from or about you to establish and manage the contractual relationship, provide you with our services and make the System available to you, source official identifications numbers for your animals when required by law, conduct statistical analysis, provide customer support, undertake necessary security and identify verification checks, allow software integration with other tools that you use, to track your use of the System and/or for other internal purposes, such as evaluating, providing, and improving the System. Your Personal Data is used to provide you with promotional offers and information regarding products and services from SCR or third parties where you have accepted or consented to receive such offers and information via the System or otherwise, and also in order for SCR to improve the System and/or customer service.
SCR may also share Personal Data with third parties, i.e. professionals you work with (e.g. veterinarian, nutritionist), firms that may provide services relevant to your type of business, analyzers, law enforcement authorities, administrative and regulatory bodies, potential purchasers or investors, including their outside counsels, in case of a projected corporate operation. Finally, SCR also anonymizes certain of your Personal Data in order, for instance, to generate aggregated data.
Sharing and Transfer of Your Personal Data
Usually, a sharing of Personal Data may occur (i) if you have requested and/or agreed that the Personal Data will be provided to these third parties; or (ii) if the disclosure is required or permitted by law; or (iii) if it is transferred for the performance of a contract between you and SCR; or (iv) the transfer is necessary in order to protect the vital interests of the data subject; or (v) the transfer is necessary or legally required on important public interest grounds, or for the establishment, exercise, or defence of legal claims.
SCR may disclose your Personal Data to associated entities and/or to third parties, at SCR's sole discretion, where the purpose of such disclosure is to provide you with the System and to improve the System as part of compliance with contractual duties between us.
In addition, SCR may disclose your Personal Data if SCR believes in good faith that such action is necessary to comply with applicable legislation, a current judicial proceeding, a court order or legal process, or to protect and defend SCR's (or its licensor's) rights or property, the personal safety of other users of the System or the public at large. SCR reserves the right to share the Data with appropriate authorities and financial institutions, if SCR determines in its sole discretion that you attempted to defraud SCR, or if SCR suspects you are committing any fraudulent activity, or any other prohibited transaction, or if you breach the Terms of Use.
In the event that SCR sells, assigns or transfers some or all of its business or assets to a successor or acquirer, or if SCR is acquired by or merges with a third party, or if SCR files for bankruptcy or becomes insolvent, SCR may disclose, sell, assign or transfer all of your Personal Data as part of the transaction. These may be located at destinations outside the European Economic Area. The data protection and privacy laws of the jurisdictions to which the Personal Data will be transferred may not be as comprehensive as those in the European Union (if applicable to you); in which case SCR will take measures to ensure a similar level of protection is provided to your Personal Data.
Cookies
SCR uses a browser feature known as cookies, which are small text files which are placed on your computer or equipment when you visit certain online pages, to track your activities, record your preferences, and make the System more responsive to your needs by delivering a better and more personalized experience to you.
Security
SCR has implemented suitable security policies, rules and technical measures to protect and safeguard the Personal Data under its control from unauthorized access, improper use or disclosure, unauthorized modification, unlawful destruction or accidental loss. SCR may use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to provide the service. These may be located at destinations outside the European Economic Area. By submitting your Personal Data, you agree to this. All of SCR's employees and data processors that have access to, and are associated with the processing of your Personal Data, are obliged to respect the confidentiality of your Personal Data. However, we cannot guarantee the security of your data, which may be compromised by unauthorized entry or use of the System.
Reasonable physical, technical, and procedural measures shall be taken to:
- Prevent and/or to identify unauthorized or unlawful collection, processing, and transmittal of Personal Data; and
- Prevent accidental loss or destruction of, or damage to, Personal Data.
Links to Other Sites
The System may contain links to other sites. Other sites may also reference or link to the System. SCR is not responsible for the privacy practices or the content of such other online sites, and any information collected by these third party online sites is not governed by this Privacy Policy, and SCR assumes no responsibility or liability whatsoever for the policies (including privacy policies), practices, actions or omissions of such third parties.
Your Choices
You can opt out of marketing emails by utilizing the “unsubscribe” link or other mechanism noted in marketing emails you receive from SCR. You may also request to opt out of marketing emails, including those regarding offers from third parties, by contacting us through one of the methods specified in the Contact Information section below, and sharing the email address at which you are receiving marketing emails.
Retention and Deletion of Your Personal Data
SCR may retain your Personal Data for as long as needed to provide you with the services described in the Terms of Use. This often means that SCR will keep Personal Data for the duration of your account, which may be terminated in accordance with the Terms of Use. Please note, however, that where applicable legislation requires SCR to do so, it may be required to keep records of your Personal Data even after such termination.
Contact Information
In the event that you wish to learn more about our data privacy practices or to make a complaint about how SCR processes your Personal Data, please contact SCR in the first instance:
- at the following email address dataprivacy@scrdairy.com; or
- mail our offices address at SCR (Engineers) Ltd. 18 Hamelacha St. Netanya, POB 13564 Hadarim, 42138, Netanya, Israel.
SCR will endeavour to deal with your request as soon as possible.
Change to this Policy
SCR reserves the right to make, from time to time, changes and updates to this privacy policy as shall be posted at http://www.scrdairy.com/END-USER-SYSTEM-LICENSE-AGREEMENT/legal.html#privacy . You are responsible for regularly reviewing information posted online to obtain timely notice of such changes. If you do not agree to the altered privacy policy, you may stop using the System.
European Union (EU) Section
This EU section in this Privacy Policy is being made according to Regulation (EU) 2016/679 known as the General Data Protection Regulation (“GDPR”) and so contain additional provisions, all to ensure full compliance with the GDPR provisions in the event you reside in the EU, and with respect to your Personal Data, which is may be processed by SCR for the performance of contract between you and SCR or according to a consent given by you and inter alia according to your consent for this Privacy Policy and the Terms of Use.
This section prevails over any contradicting statement contained in the other sections if you reside in the EU.
Controller
SCR acts as the data controller for the processing activities listed in the table below. SCR’s representative in the EU is SCR Europe SRL, Via Mattei 2, Loc-Gariga 29027, Podenzano (PC), Italy, screurope@scrdairy.com / +39 (0) 523 18 67 200.
Lawful Bases for Processing
We will only collect and process Personal Data about you where we have lawful bases (see table below).
Where we rely on your consent to process Personal Data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and use your Personal Data, please contact us (contact information provided above).
Overview of the data Processing carried out by SCR
The table below summarises the data Processing carried out by SCR. You may refer to the sections below for further information on our Processing.
|
Purposes of the Processing |
Legal basis |
Recipients |
Data transfer outside the EEA |
Retention period |
|
Establish and manage the contractual relationship. |
Performance of contract during the time of the relationship and legitimate interest after the termination of the contractual relationship (e.g. if contractual documents are necessary for enforcement or any legal action). |
Internal recipient: essentially marketing, legal and accounting teams. External recipient: selected professionals by SCR on a case-by-case basis (e.g. our outside counsels; our insurers; courts). |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
Until the termination of the agreement and then for the limitation period applicable to the contractual agreement. |
|
Provide users with information about the state of their herd and make available the system (including providing technical support). |
Performance of contract. |
Internal recipient: essentially R&D, marketing and IT teams. External recipient: external IT providers (e.g. data hosting providers). |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the provision of the contract. |
|
Source official identification numbers for the farmers’ animals in compliance with the local legal obligations applicable to ear tags. |
Legal obligation. |
Administrative and regulatory bodies |
n/a |
Set by the applicable statute. |
|
Improve the system and customize service (e.g. generate statistics about the use of its services and to manage the capacity of its servers). |
Legitimate interests to adapt our services to our users’ needs |
Internal recipient: essentially R&D, IT and marketing teams. External recipient: external providers if necessary in order to help use achieving the purpose. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Marketing prospection, communication by (i) mail, (ii) phone or (iii) electronic for communications relating to similar products to those you have already purchased |
Legitimate interest of SCR to promote its products and to develop its activity. |
Internal recipient: marketing teams. External recipient: marketing professionals (e.g. marketing agencies). |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Marketing, prospection, communication for SCR services by SCR through electronic communications not relating to similar products to those you have already purchased |
Consent |
Internal recipient: marketing teams. External recipient: marketing professionals (e.g. marketing agencies). |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Marketing, prospection, communication for third parties services by SCR through electronic communications |
Consent |
Internal recipient: marketing teams. External recipient: marketing professionals (e.g. marketing agencies). |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Data sharing with professionals working with a user and calculation of new metrics / insights in order for the professional to better serve this user. |
Consent |
Specified professionals (e.g. veterinarians, nutritionists) approved by the users on a case-by-case basis. Microsoft Windows Azure cloud-computing platform. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as authorized by the user. |
|
Provision of metrics about a farm to other firms in the supply chain. |
Consent |
Selected firms in the supply chain. Data hosting providers. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Management of software integration (i.e. transfer of information to a third party software if requested by the users). |
Consent |
Internal recipient: essentially IT teams. External recipient: selected software by the users on a case-by-case basis. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the software integration. |
|
Sharing of information with law enforcement authorities (e.g. in the context of a criminal prosecution or an administrative or regulatory investigation). |
Legal obligation. |
Law enforcement authorities, administrative and regulatory bodies. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
Set by the applicable statute. |
|
Sharing of information to third parties, including potential successors or acquirer, in case of a projected corporate operation.
|
Legitimate interest of SCR to develop and manage its business. |
Potential successors or acquirers, including their outside counsels. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary to complete the corporate operation projected. |
|
Provision of data on individual cows to analyzers for the purpose of analyzing non-farm related aspects. |
Consent |
Analyzers (e.g. genetics, AI or feed organizations) authorised by the users on a case by case basis. Data hosting providers. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary to carry out the analysis. |
|
Cookies (analyse of the audience and use). |
Consent |
Internal recipient: IT teams and marketing teams. External recipients: third-party analytics tools. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Cookies necessary for the proper functioning of our services. |
Legitimate interest of SCR to ensure the proper functioning of its System and services. |
Internal recipients: IT teams. External recipients: external IT providers. |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary for the purpose. |
|
Anonymization of Personal Data. |
Legitimate interest to create set of non-identifiable data for enhancing our products and sharing with selected partners. |
Internal recipients: essentially IT teams. External recipients: selected partners and professionals (e.g. nutritionists). |
Such a transfer may occur. In such a case, SCR will undertake to adopt the appropriate safeguards required by the GDPR on a case-by-case basis or would rely on a derogation for specific situations if relevant. |
As long as necessary to carry out the anonymization process. |
Your rights
In certain circumstances, you have rights in relation to the Personal Data SCR holds about you. The table below sets out an outline of those rights and how to exercise them.
Please note that SCR will require you to verify your identity before responding to any requests to exercise your rights. To exercise any of your rights, please email dataprivacy@scrdairy.com. Please note that for each of the rights below, SCR may have valid legal reasons to refuse your request, in such instances SCR will let you know if that is the case.
|
Right |
Content |
|
Access |
You have the right to know whether SCR processes Personal Data about you, and if SCR does, to access Personal Data SCR holds about you and certain information about how SCR uses it and who SCR shares it with. You can request a copy of these Personal Data. |
|
Portability |
You have the right to receive a subset of the Personal Data you provide SCR in a structured, commonly used and machine-readable format and a right to request that SCR transfers such Personal Data to another party if SCR processes it on the bases of (i) SCR’s contract with you or (ii) with your consent and when the processing is carried out by automated means. |
|
Correction |
If you believe that the Personal Data SCR holds about you are inaccurate or incomplete, you have the right to request its correction or modification. |
|
Erasure |
You may request that SCR erases the Personal Data SCR holds about you in the following circumstances: (i) where you believe it is no longer necessary for SCR to hold the Personal Data, (ii) SCR is Processing it on the basis of your consent and you wish to withdraw your consent, (iii) SCR is Processing your Personal Data on the basis of SCR’s legitimate interest and you object to such Processing, (iv) you no longer wish SCR to use your Personal Data to send you marketing or (v) you believe SCR is unlawfully Processing your Personal Data. |
|
Restriction of Processing |
You have a right to require SCR to restrict of Processing the Personal Data SCR holds about you in the following circumstances: (i) if you dispute the accuracy of your Personal Data, (ii) if the Processing is unlawful and you object to its deletion, (iii) if you believe that SCR no longer needs your Personal Data but that it is still necessary for you to establish, exercise or defend your legal rights or, (iv) if you have objected to SCR Processing Personal Data SCR holds about you. |
|
Objection |
You have the right to object to the Processing of the Personal Data SCR holds about you and SCR will consider your request. Please provide SCR with detail as to your reasoning so that SCR can assess whether there is a compelling overriding interest in SCR continuing to process such Personal Data or SCR needs to process it in relation to legal claims. |
Complaints
In the event that you wish to learn more about our data privacy practices or to make a complaint about how SCR processes your Personal Data, please contact SCR in the first instance (see “Contact Information” above).
SCR will endeavour to deal with your request as soon as possible.
This is without prejudice to your right to launch a claim with the data protection supervisory authority in the European Union country in which you live or work where you think SCR has infringed data protection laws.
Australia Section
This Australia section in this Privacy Policy, is being made to users resides in Australia and contain additional provisions, SCR strive to create consistent standards for everyone, but we also wish to ensure that we respect local laws. The following additional provisions apply to users in Australia.
Sharing and Transfer of Your Information
Please be aware that Data which SCR collects and receives may be disclosed to third parties (including to the “recipients” referred to above in the “European Union (EU) Section”) outside of Australia, which locations typically include [insert] and others from time to time.
Accessing and correcting your Personal Data
You may contact SCR to request access to the Personal Data that we hold about you and/or to make corrections to that Data, at any time. On the rare occasions when we refuse access, we will provide you with a written notice stating our reasons for refusing access.
We are not obliged to correct any of your Personal Data if we do not agree that it requires correction and may refuse to do so. If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing.
We will respond to all requests for access to or correction of Personal Data within a reasonable time.
Resolving personal information concerns
If you have any questions, concerns or complaints about this Privacy Policy, or how we handle your personal information or to opt out of marketing, please contact us through the Contact Information in this Privacy Policy below.
We take all complaints seriously, and will respond to your complaint within a reasonable period.
If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Telephone: 1300 363 992
Email: enquiries@oaic.gov.au