Natufia processes personal data in accordance with applicable law, including consistent with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
Personal information we collect
When you visit the Site, we collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this information as “Device Information”.
Please note that we automatically collect only information that is necessary for the Site to function. We may collect additional information if you give you consent for such processing on our cookie-banner.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
When you make a purchase or attempt to make a purchase through the Site, we collect certain information from you. We collect your name, billing address, shipping address, payment information, email address, and phone number. After your purchase, we will also process your purchase history. Furthermore, when you send us inquiries via email or social media, we process the data related to them. We also process your data if you subscribe to our mailing list. We refer to this information as “Order Information”.
After you have purchased a Unit form the Site or from a trusted third party vendor, you have to register the Unit following the steps directly on the unit touchscreen display. During the registration process we will collect data such as your name, e-mail address, location (city, country, zip code, time zone) and registration key (sent with the unit).
We collect data from the Unit itself about the growth environment inside the Unit. This data is stored in a pseudonymised form – the data is generally only attached to the Unit’s number, not to a user’s name. We collect data such as pH of water, temperature of water, EC level of water, humidity level in the main chamber, temperature in the main chamber, outside temperature, status of the glass door (open or closed), watering status (watering or not), water level in the tank, in the nutrient and pH tanks.
We refer to this information as “Unit Information”.
How do we use your personal information?
Mostly, the processing is necessary for the performance of the contract to which you are a party or in order to take steps at your request prior to entering into a contract. We use the Order Information that we collect to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). We use the Unit Information to fulfil the contract, e.g provide support services for the Unit and ensure that the Unit is operating properly.
Furthermore, the processing might be necessary for compliance with legal obligations to which Natufia is subject. For example, we are required to organise the accounting and financial reporting.
We will also process your personal data if the processing is necessary for the purposes of the legitimate interests pursued by Natufia. In every such case we will consider whether such interests might be overridden by the interests or fundamental rights and freedoms of the data subject. For example, Natufia has the legitimate interest to process your data to help with fraud identification and prevention. We may use the Unit Information (generally in a non-personalized form) to improve our growing algorithms.
We may process your personal data if you have given consent to the processing of your personal data for one or more specific purposes. For example, Natufia can send you direct marketing offers if you have expressly given such consent (see below section “Email”) or provide you with personalised advertisements (see below section “Behavioural Advertising”). You have the right to withdraw your consent at any time. However, we remind you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. We also relay on your consent if you send us any inquiries via email or social media. We use the information to answer to your inquiry.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Based on our business interested, we send informational emails reminding customers about their recent abandoned cart to all customers who have submitted their email address as part of the Order Information. Email addresses submitted as part of the Order Information will only be added to our marketing mailing lists if you have given us explicit consent by checking the clearly marked (unchecked by default) option on the Checkout Contact Information page. You can withdraw consent to be included in our marketing mailing list at any time by either unsubscribing using the link provided promotional emails we send you or by contacting us using the methods described in the CONTACT US section below.
Sharing your personal information
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
As described above, we may use your Personal Information for other purposes if you have given consent to the processing of your personal data. If you give us the consent to use your data for direct marketing, we can provide you with targeted advertisements or marketing communications we believe may be of interest to you. We use Device Information for to provide you with better and more relevant information. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You have the right to withdraw your consent at any time. However, we remind you that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
- Pinterest: https://help.pinterest.com/en/articles/personalization-and-data
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Do not track
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track (DNT) signal from your browser. Please note that we cannot support DNT due to a lack of requirements for its use.
You always have the opportunity to opt out of receiving promotional communications any time by following the instructions in those communications. If you opt out, we may still send you non-promotional communications, such as technical notices, support or administrative notifications or information about your account.
You have the right to receive information about the personal data processed by Natufia, including the categories of data processed, the sources of the data, purposes of processing etc. You are also entitled to receive copies and extracts of personal data processed. You have the right to request the correction or updating of data if it turns out that the personal data being processed is inaccurate.
You have the right on to object to processing, on grounds relating to your particular situation, at any time to processing of personal data concerning you if such processing is only necessary for the purposes of the legitimate interests pursued by Natufia.
You have the right to obtain from Natufia restriction of processing or the erasure of your personal data we will erase your data or implement other measures that result in the data becoming permanently anonymous if:
your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw the consent on which the processing is based and there is no other legal ground for the processing; you object to the processing and there are no overriding legitimate grounds for the processing; your personal data have been unlawfully processed; your personal data have to be erased for compliance with a legal obligation to which Natufia is subject.
Natufia will fulfill your request within a reasonable time, but no later than one month after receiving the request.
In case of any suspected infringement of your privacy, please contact us. We’ll try to resolve the dispute by negotiation. However, you also have the right to lodge a complaint to the supervisory authority. In Estonia the supervisory authority is Estonian Data Protection Inspectorate located at Väike-Ameerika St. 19, 10129 Tallinn and online www.aki.ee.
Data transfers and retention
We process your personal data in the European Union as well as in countries outside the European Union (including Canada and the United States). We place great importance on the security of all personally identifiable information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. If the data is transferred to a third country, we implement appropriate safeguards and means, such as the EU-U.S. Privacy Shield Framework. You can learn more about the EU-U.S. Privacy Shield Framework here: https://www.privacyshield.gov/welcome. If we transfer your data to Canada, we rely on the adequacy decision by the Commission that Canada provides equal protection to your data. We will carefully assess all the circumstances and make sure appropriate safeguards are put in place so that your rights are not in any way undermined. We make sure that conditions to enforce your rights and effective legal remedies are available.
Natufia has both the right and the obligation to retain the personal data collected for a period of time. We do not retain personal information longer than necessary to achieve the purposes of processing and comply with the obligations of Natufia. As a general rule we will keep your personal information for ten years from the time of purchase. However, we may retain the personal data for a longer period of time if you have given consent for longer storage and processing of the data.
The information contained in the accounting records will be retained for seven years in accordance with the law.
If Natufia sends personal information to another controller, the data retention periods will be determined by the recipient of the data.
The Site is not intended for individuals under the age of 13.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org or by mail using the details provided below:
Natufia Saudi Arabia LLC
[Re: Privacy Compliance Officer]
KAUST – Innovation Cluster, 25 Unity Blvd, Thuwal 23955, K.S.A.