DeepLeaf Privacy Policy

a. Image Data

We collect and process plant images submitted through our API by
you or your end users. These images are used for disease
detection and plant health analysis. Images may include metadata
such as timestamps and geolocation data (limited to the second
decimal place to preserve anonymity).

b. API Client Information

When you register for our API services, we collect business
information such as your name, email address, company name,
billing information, and contact details. We also collect
technical information related to your API usage, including API
calls, usage patterns, and performance metrics.

c. Technical Information

We automatically collect certain technical information when you
use our API, including IP addresses, device information, browser
type (for web interfaces), operating system, and other usage
data. This information helps us monitor and improve our services
and troubleshoot technical issues.

b. Improving Our Technology

We use anonymized and aggregated image data to train, test, and
improve our machine learning models. This helps us enhance the
accuracy of our disease detection algorithms and develop new
features. This processing is based on our legitimate interest in
improving our services.

c. Business Operations

We use client information for essential business operations,
including billing, account management, customer support, and
communicating about service updates. This processing is
necessary for our contractual relationship and legitimate
business interests.

d. Research and Analytics

We analyze usage patterns and service performance to optimize
our platform. We may also use anonymized data to conduct
agricultural research and develop industry insights. This
processing is based on our legitimate interest in advancing
agricultural technology.

e. Legal Compliance

We may use your information to comply with applicable legal
obligations, enforce our terms, protect our rights, and ensure
the safety of our users and the public. This processing is based
on our legal obligations and legitimate interests.

a. Data Storage

We store your information on secure servers located in the
European Union and the United States. We implement appropriate
technical and organizational measures to protect your data
against unauthorized access, alteration, disclosure, or
destruction. Image data is stored for processing and model
training purposes, while client account information is retained
for the duration of our business relationship and as required
for legal compliance.

b. Security Measures

We employ industry-standard security measures to protect your
information, including encryption, access controls, regular
security assessments, and employee training on data protection.
We use HTTPS for all data transmission and secure our API with
authentication tokens. While we implement strong security
practices, no method of electronic storage or transmission is
100% secure, and we cannot guarantee absolute security.

c. Data Retention

We retain your information for as long as necessary to provide
our services, comply with legal obligations, resolve disputes,
and enforce our agreements. Image data used for model training
may be retained indefinitely in an anonymized form. Client
account information is retained while your account is active and
for a reasonable period afterward for legal and business
purposes. You can request deletion of your data, subject to our
legal obligations and legitimate business needs.

a. Service Providers

We may share your information with trusted third-party service
providers who help us deliver our services, including:

1. Cloud infrastructure providers who host our platform
2. Payment processors who handle billing transactions
3. Customer support tools and services
4. Analytics providers who help us improve our services

These service providers are contractually obligated to use your
information only for the purposes of providing services to us
and to maintain appropriate security measures.

b. Anonymized and Aggregated Data

We may share anonymized, aggregated data derived from our
services with partners, researchers, and the public. This
information cannot reasonably be used to identify you or your
end users and may include statistics on plant disease
prevalence, geographical trends, and other agricultural
insights.

c. Legal Requirements

We may disclose your information if required to do so by law or
in response to valid requests from public authorities (e.g.,
court orders, subpoenas, or government requests). We may also
share information when we believe disclosure is necessary to
protect our rights, your safety, or the safety of others.

d. Business Transfers

If DeepLeaf is involved in a merger, acquisition, or sale of all
or a portion of its assets, your information may be transferred
as part of that transaction. We will notify you via email and/or
a prominent notice on our website of any change in ownership or
uses of your information.

a. Access and Information

You have the right to request information about the personal
data we hold about you and how we process it.

b. Correction

You have the right to request correction of any inaccurate or
incomplete personal information we hold about you.

c. Deletion

You have the right to request deletion of your personal
information in certain circumstances, subject to our legal
obligations and legitimate business needs.

d. Restriction and Objection

You have the right to request restriction of processing of your
personal information and to object to certain processing
activities.

e. Data Portability

In certain circumstances, you have the right to receive your
personal information in a structured, commonly used, and
machine-readable format.

a. End User Privacy

If you use our API in your applications or services, you are
responsible for providing appropriate privacy notices to your
end users and obtaining any necessary consents for the
collection and processing of their information. You must inform
your end users that their image data will be shared with
DeepLeaf for plant disease detection and analysis purposes.

b. Data Minimization

You should only send us the information necessary for providing
our services. Please ensure that any images and metadata you
submit do not contain unnecessary personal information. We
recommend limiting geolocation data to the second decimal place
to prevent identification of specific individuals.

c. Compliance with Laws

You must comply with all applicable data protection and privacy
laws when collecting, using, and sharing information through our
API. This includes obtaining any required consents from your end
users and implementing appropriate security measures to protect
their information.