Data Protection Policy

1. Introduction

AgriConnect is committed to protecting your personal data and respecting your privacy rights. This Data Protection Policy explains how we collect, process, store, and protect your personal information in accordance with applicable data protection laws.

We are dedicated to maintaining the trust and confidence of our users by ensuring that your personal data is handled with the highest level of security and transparency.

2. Data Controller Information

AgriConnect acts as the data controller for personal data collected through our platform. Our contact details are:

3. Your Data Protection Rights

Under applicable data protection laws, you have the following rights regarding your personal data:

3.1 Right of Access

You have the right to request copies of your personal data. We may charge a small fee for this service.

3.2 Right of Rectification

You have the right to request that we correct any information you believe is inaccurate or incomplete.

3.3 Right of Erasure

You have the right to request that we erase your personal data under certain conditions.

3.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data under certain conditions.

3.5 Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

3.6 Right to Object

You have the right to object to our processing of your personal data under certain conditions.

4. How to Exercise Your Rights

To exercise any of your data protection rights, please contact us using the information provided in Section 2. We will respond to your request within one month of receiving it.

To help us process your request efficiently, please:

• Clearly identify the right you wish to exercise
• Provide sufficient information to verify your identity
• Specify the personal data concerned (if applicable)
• Explain your reasons for the request (if required)

5. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data against:

• Unauthorized access, disclosure, or destruction
• Accidental loss or damage
• Unlawful processing
• Malicious attacks and security breaches

5.1 Technical Measures

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Secure backup and recovery procedures
• Access controls and authentication systems

5.2 Organizational Measures

• Staff training on data protection practices
• Regular review and update of security policies
• Incident response and breach notification procedures
• Third-party vendor security assessments

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Providing our services to you
• Complying with legal obligations
• Resolving disputes and enforcing agreements
• Legitimate business purposes

When personal data is no longer needed, we will securely delete or anonymize it in accordance with our data retention policy.

7. International Data Transfers

Some of our service providers may be located outside of Liberia. When we transfer your personal data internationally, we ensure appropriate safeguards are in place, including:

• Adequacy decisions by relevant authorities
• Standard contractual clauses
• Binding corporate rules
• Certification schemes and codes of conduct

8. Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours
• Inform affected individuals without undue delay
• Provide clear information about the nature of the breach
• Explain the likely consequences and measures taken

We maintain an incident response plan to ensure prompt and effective handling of any security incidents.

9. Children's Data Protection

We take special care to protect the personal data of children under 16 years of age. For children under 16:

• We require verifiable parental consent before collecting their data
• We limit data collection to what is necessary for the service
• We provide additional security measures for children's data
• Parents can review, modify, or delete their child's information

10. Automated Decision-Making

We may use automated decision-making processes, including profiling, to:

• Provide personalized recommendations
• Detect and prevent fraud
• Improve our services
• Analyze user behavior patterns

You have the right not to be subject to automated decision-making that produces legal effects or significantly affects you. You can request human intervention or challenge automated decisions.

11. Complaints and Supervisory Authority

If you believe we have not handled your personal data in accordance with this policy or applicable data protection laws, you have the right to:

• Contact us directly to resolve the issue
• Lodge a complaint with the relevant supervisory authority
• Seek judicial remedy if necessary

We encourage you to contact us first so we can address your concerns promptly and effectively.

12. Updates to This Policy

We may update this Data Protection Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes through our platform or by email, and the updated policy will indicate the date of the latest revision.

13. Contact Information

For any questions, concerns, or requests related to data protection, please contact us: