DeepLeaf Privacy Policy
| Last modified | Version No. |
|---|---|
| 09/03/2025 | 2025/3_v.1.0 |
At DeepLeaf, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our websites, our apps, and our image recognition and plant disease detection API services. By accessing or using our services, you agree to the collection and use of information in accordance with this policy. DeepLeaf, Co., with offices at 78 Lotissement El Widad, Sidi Bennour, Morocco, North Africa, acts as the data controller for the personal information collected through our services. We may refer to “DeepLeaf” as “DeepLeaf, Co.”, “we”, “our”, or “us” in this Privacy Policy.
Section 1: Information We Collect
a. Image Data
We collect and process plant images submitted through our API by you or your end users. These images are used for disease detection and plant health analysis. Images may include metadata such as timestamps and geolocation data (limited to the second decimal place to preserve anonymity).
b. API Client Information
When you register for our API services, we collect business information such as your name, email address, company name, billing information, and contact details. We also collect technical information related to your API usage, including API calls, usage patterns, and performance metrics.
c. Technical Information
We automatically collect certain technical information when you use our API, including IP addresses, device information, browser type (for web interfaces), operating system, and other usage data. This information helps us monitor and improve our services and troubleshoot technical issues.
Section 2: How We Use Your Information
a. Primary Service Provision – We use the collected image data to provide our core service: identifying plant diseases and health issues through our AI-powered analysis. This processing is necessary for fulfilling our contractual obligations to you.
b. Improving Our Technology
We use anonymized and aggregated image data to train, test, and improve our machine learning models. This helps us enhance the accuracy of our disease detection algorithms and develop new features. This processing is based on our legitimate interest in improving our services.
c. Business Operations
We use client information for essential business operations, including billing, account management, customer support, and communicating about service updates. This processing is necessary for our contractual relationship and legitimate business interests.
d. Research and Analytics
We analyze usage patterns and service performance to optimize our platform. We may also use anonymized data to conduct agricultural research and develop industry insights. This processing is based on our legitimate interest in advancing agricultural technology.
e. Legal Compliance
We may use your information to comply with applicable legal obligations, enforce our terms, protect our rights, and ensure the safety of our users and the public. This processing is based on our legal obligations and legitimate interests.
Section 3: Data Storage and Security
a. Data Storage
We store your information on secure servers located in the European Union and the United States. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. Image data is stored for processing and model training purposes, while client account information is retained for the duration of our business relationship and as required for legal compliance.
b. Security Measures
We employ industry-standard security measures to protect your information, including encryption, access controls, regular security assessments, and employee training on data protection. We use HTTPS for all data transmission and secure our API with authentication tokens. While we implement strong security practices, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.
c. Data Retention
We retain your information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Image data used for model training may be retained indefinitely in an anonymized form. Client account information is retained while your account is active and for a reasonable period afterward for legal and business purposes. You can request deletion of your data, subject to our legal obligations and legitimate business needs.
Section 4: Sharing Your Information
a. Service Providers
We may share your information with trusted third-party service providers who help us deliver our services, including:
- Cloud infrastructure providers who host our platform
- Payment processors who handle billing transactions
- Customer support tools and services
- Analytics providers who help us improve our services
These service providers are contractually obligated to use your information only for the purposes of providing services to us and to maintain appropriate security measures.
b. Anonymized and Aggregated Data
We may share anonymized, aggregated data derived from our services with partners, researchers, and the public. This information cannot reasonably be used to identify you or your end users and may include statistics on plant disease prevalence, geographical trends, and other agricultural insights.
c. Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests from public authorities (e.g., court orders, subpoenas, or government requests). We may also share information when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
d. Business Transfers
If DeepLeaf is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your information.
Section 5: Your Data Rights
Depending on your location, you may have certain rights regarding your personal information. These may include:
a. Access and Information
You have the right to request information about the personal data we hold about you and how we process it.
b. Correction
You have the right to request correction of any inaccurate or incomplete personal information we hold about you.
c. Deletion
You have the right to request deletion of your personal information in certain circumstances, subject to our legal obligations and legitimate business needs.
d. Restriction and Objection
You have the right to request restriction of processing of your personal information and to object to certain processing activities.
e. Data Portability
In certain circumstances, you have the right to receive your personal information in a structured, commonly used, and machine-readable format.
To exercise these rights, please contact us using the information provided in the “Contact Us” section. We will respond to your request within the timeframe required by applicable law. Note that certain exemptions may apply, and we may request specific information to verify your identity before processing your request.
Section 6: API Client Responsibilities
a. End User Privacy
If you use our API in your applications or services, you are responsible for providing appropriate privacy notices to your end users and obtaining any necessary consents for the collection and processing of their information. You must inform your end users that their image data will be shared with DeepLeaf for plant disease detection and analysis purposes.
b. Data Minimization
You should only send us the information necessary for providing our services. Please ensure that any images and metadata you submit do not contain unnecessary personal information. We recommend limiting geolocation data to the second decimal place to prevent identification of specific individuals.
c. Compliance with Laws
You must comply with all applicable data protection and privacy laws when collecting, using, and sharing information through our API. This includes obtaining any required consents from your end users and implementing appropriate security measures to protect their information.
Section 7: Children’s Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers. If you believe we might have any information from or about a child under 16, please contact us using the information provided in the “Contact Us” section.
Section 8: International Data Transfers
We operate globally and may transfer your information to countries other than your country of residence, including the United States and countries in the European Union. These countries may have data protection laws that differ from those in your country. When we transfer personal information across borders, we take appropriate safeguards to ensure that your information is protected in accordance with this Privacy Policy and applicable data protection laws.
For transfers from the European Economic Area (EEA) to countries not deemed to provide an adequate level of data protection, we implement measures such as standard contractual clauses approved by the European Commission or other appropriate safeguards to protect your personal information. You may contact us as described in the “Contact Us” section to obtain a copy of the safeguards we use to transfer personal information outside of the EEA.
Section 9: Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the “Last modified” date at the top of this page. We may also provide notification via email if there are significant changes that affect how we use your information.
We encourage you to periodically review this Privacy Policy to stay informed about our information practices. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated terms.
Section 10: Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
DeepLeaf, Co.
78 Lotissement El Widad
Sidi Bennour, Morocco
Email: hello@deepleaf.io
Phone: +212-7-08-76-5350