Page 1 of 12
Privacy Notice: Version Date: October 1, 2024
1. Introduction
Please take a few minutes to review this Privacy Notice carefully. We reserve the right to make changes
to this Privacy Notice when we release updated versions of the Products or new Products. If we do so,
we will ask you to acknowledge that you have read and understood the updated Privacy Notice before
your first use of the updated version of the Products or new Products.
In this Privacy Notice we use certain defined terms, which we have capitalized. These terms have the
meaning given to them in our Terms & Conditions, which form part of the Agreement between us and
you. You should also review any Commercial Offer Terms that form part of our Agreement.
Data Controller. The data controller is Syngenta Canada, Inc., Research Lane 140, Research Park,
Guelph, Ontario, N1G 4Z3 Canada, referred to as “Syngenta”, “we”, “us”, “our”.
Contact details. You can contact our Data Privacy Lead via email at data.privacy@syngenta.com or
via post at the registered office address for Syngenta given above.
Scope. This Privacy Notice covers personal data that is processed in conjunction with your use of the
Products. Personal data is data that relates to you, where you are an identified or identifiable individual.
The Products are provided to business customers only, subject to our Agreement. Consequently, your
personal data will be processed by us where you are authorized to use a Product on behalf of a Business
(see our Terms & Conditions for more information).
2. Personal data processing:
Syngenta is the ‘data controller’ where we collect and use your personal data for our own purposes, as
set out in the table below. However, the Business is the data controller (and Syngenta is the data
processor) in respect of other data processing activities see the section below the table on Syngenta’s
activities as data processor.
Syngenta’s activities as data controller
Type of personal data
Purposes
Lawful grounds
Your name, email address,
business name, a description
of who you are, business
address, telephone number,
password for your Account.
If you are the Account Holder, we
use this personal data to register
and set up your Account and
provide the Products.
If you are a User, we use this
personal data to set up your access
to an Account (as authorized by the
Account Holder or Master User)
and to provide the Products.
Where you contract with us as an
individual, e.g. as a sole trader the
lawful ground is performance of the
contract.
Where your company or other legal
entity contracts with us the lawful
ground is our legitimate interests in
creating accounts to ensure a user is
authorized, and to distinguish
between users / devices.
Your name, email address,
payment card information,
Our payment services provider
uses this personal data to process
payments securely on our behalf
Where you contract with us as an
individual, e.g. as a sole trader the
lawful ground is taking payment
Page 2 of 12
amount paid, date of
purchase, IP address, country
and to detect and prevent fraud and
unauthorized payment transactions.
under the contract (for example,
under a Commercial Offer).
Where your company or other legal
entity contracts with us the lawful
ground is our legitimate interests in
taking payment under the contract
(for example, under a Commercial
Offer).
Your name, email address,
business name, a description
of who you are, business
address, telephone number.
We use this personal data to
communicate with you via email,
text or in app notifications about
updates to the Product or other
important functional service
messages.
Our legitimate interests in informing
you about matters which are relevant
to your use of the Products.
Your name, email address,
business name, a description
of who you are, business
address, telephone number,
password for the Account.
We use this personal data to
provide technical and customer
support.
Where you contract with us as an
individual, e.g. as a sole trader the
lawful ground is performance of the
contract (specifically resolving your
questions and issues).
Where your company or other legal
entity contracts with us the lawful
ground is our legitimate interests in
resolving questions and issues for
our users.
Your name, email address,
business name, a description
of who you are, business
address, telephone number.
We use this personal data to send
you user satisfactions surveys and
to ask for your feedback about the
Products.
Our legitimate interests in improving
the Products for you and for future
users.
If you use a mobile app
Product, the date and time the
app on your device accesses
our servers and what
information and files have
been downloaded to the app.
We use this information for
maintenance of the app, for
statistical purposes about the
usage of these apps in order to
improve their functionality, to
understand how they are used and
resolve questions regarding their
use and for security purposes.
The developer of your mobile
operating system (e.g. Apple;
Google) may also collect app usage
data. You should refer to their
privacy notices and policies for
more information.
Our legitimate interests in: (i)
understanding how our apps are
used in order to make improvements
to them; and (ii) identifying and
combatting security threats to our
apps and our users.
If you use an online service in
connection with a Product, the
following will be collected:
computer type (Windows or
Macintosh), operating system
name and version, language,
internet browser type and
version and the name and
version of the online services
We use this information to provide
the Products to our users, to ensure
they work properly, to calculate
usage level, to help diagnose
server problems, for statistical
purposes about usage of online
services and for security purposes.
Our legitimate interests in: (i)
understanding how our online
services are used in order to make
improvements to them; and (ii)
identifying and combatting security
threats to our online services and our
users.
Page 3 of 12
you are using, IP address, the
page(s) visited, time visited.
Contact information, as well as
information about how you use
the Products.
Customer profiling and marketing -
we will process this data (and other
information that you have provided
to us through using other Syngenta
products or services) to understand
how you have used the Products,
and what your agricultural needs
are. We may then contact you (as a
representative of your Business)
with relevant information about
other Syngenta products and
services we think may be of interest
to your Business. Where required
by applicable law, we will obtain
your consent for marketing
purposes.
In any case, you can stop direct
marketing at any time by contacting
us as set out below, or by using the
unsubscribe link in our emails.
Our legitimate interests in marketing
our products and services.
Consent, where this is required under
applicable law for the purposes of
direct marketing.
Name, email and device
specific identifiers, (computer
type (Windows or Macintosh),
operating system name and
version, language, internet
browser type and version and
the name and version of the
online services you are using,
IP address, the page(s)
visited, time visited
We use "cookies" and other similar
technologies to collect information
and support certain features of our
Products.
We use this information to provide
the Products (including mobile
apps) to our users, for
maintenance, to ensure the
Products work properly, to calculate
usage level, for statistical purposes
about the usage of our Products
and online services in order to
improve their functionality, to help
diagnose server problems, to
understand how our Products are
used, to resolve questions
regarding their use and for security
purposes.
The legal basis for processing
activities related to essential cookies
is our legitimate interest in providing
our Products to our users.
The legal basis for processing
activities related to non-essential
cookies is your consent.
Syngenta as data processor. Please note that when you use a Product as an authorized User on
behalf of a Business, in respect of any personal data that you submit when using the Products (including
as part of Your Inputs), the relevant data controller is the Business. We are the data processor when we
use the personal data you submit to deliver the service and Outputs.
For example, a Product may allow you to enter information about your location, in-field observations or
to upload imagery. Further, a Product may have GPS functionality which can track the location of the
device when the Product is in use or track the location of farm machinery. We use all of this information
as a data processor in order to deliver the service offered by the Product and to produce the Outputs for
the Business (our “customer”). Please refer to the privacy notice(s) of the Business (the data
controller) for more information about this processing, including to exercise your rights.
Page 4 of 12
Syngenta will make notifications of data breaches in accordance with applicable law.
3. How does Syngenta share personal data?
Service providers and partners: We share personal data with companies and organizations that we
work with for the purposes set out above.
These third parties are required by contract to use the personal data we share with them only for the
purposes that we have specified and to take commercially reasonable measures to protect the
confidentiality and security of your personal data.
Transfers outside your country and outside the European Economic Area. We will transfer your
personal data to recipients in countries outside your country and outside the European Economic Area
(“EEA”). We ensure that personal data will be adequately protected, including by ensuring that the
recipient country is deemed to provide an adequate level of protection under applicable data protection
laws and, if that is not the case, ensuring that we put appropriate safeguards in place such as standard
data protection transfer clauses.
For more information on the European Commission’s standard contractual clauses see:
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-
protection/standard-contractual-clauses-scc_en
Intra-group transfers within Syngenta: Our parent company, Syngenta AG, is a Swiss corporation
based in Basel, Switzerland (“Syngenta Parent”). Syngenta Parent has concluded Intragroup Data
Transfer Agreements (IDTAs) with many of its subsidiaries (Syngenta DP Network), including us, to
enable the effective transfer and processing of personal data. We use web servers, store and otherwise
process personal data within the Syngenta DP Network in countries within the EEA and also in countries
outside the EEA, including the UK, Switzerland and the United States.
Transfers to Third parties: We transfer or otherwise make personal data available to service providers,
who process your personal data under our instructions to help us to deliver the services offered by our
Products, and to carry out the purposes listed in section 2 above. These service providers include, :
Amazon Web Services, Inc (AWS), 410 Terry Avenue North, Seattle, WA 98109-5210, USA
provides hosting services in the USA that support the underlying infrastructure for our platform and
products. The appropriate safeguard in place is the adequacy decision adopted by the European
Commission (“the EU-U.S. Data Privacy Framework”) for transfers outside the EEA. Amazon Web
Services complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to
the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department
of Commerce (as applicable). For more information, please see the following links:
https://aws.amazon.com/compliance/gdpr-center/ .
Amplitude Inc., 631 Howard St., Floor 5, San Francisco, CA 94105, USA provides usage analysis
services by processing device data (device model, OS version, country and region) in the USA. The
appropriate safeguard in place is the adequacy decision adopted by the European Commission (“the
EU-U.S. Data Privacy Framework”) for transfers outside the EEA. Amplitude complies with the EU-
U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the
Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce (as
applicable). For more information, please see this link: https://amplitude.com/blog/data-minimization.
Braintree, a PayPal Service, PayPal (Europe) S.à r.l. et Cie, S.C.A.22-24 Boulevard Royal, L-2449
Luxembourg. PayPal provides us with payment services and is an independent controller alongside
us. The appropriate safeguards in place are the EU standard contractual clauses (“EU Standard
Contractual Clauses”) or standard data protection clauses specified in regulations made by the
Secretary of State under section 17C(b) of the 2018 Data Protection Act and for the time being, in
force in the United Kingdom (the "UK Standard Contractual Clauses) where the third country is not
subject to an adequacy decision by the European Commission. For more information, please see the
PayPal Data Protection Addendum For Card Processing Products:
https://www.braintreepayments.com/be/legal/data-protection-addendum.
Datadog Inc., 620 8
th
Ave., 45
th
Fl., New York, NY 10018 USA, a Delaware corporation. We subscribe
to Datadog’s services (under their standard Master Subscription Agreement) for business and
Page 5 of 12
technical event tracking of our cloud-based applications to help us understand usage and improve
our users’ experience with our Products. For these purposes, we may send Datadog the following
account information such as name, pseudonymized user ID and IP address which they may process
in the USA. Processing of personal data will be in accordance with Datadog’s standard Data
Processing Addendum. The appropriate safeguard in place is the adequacy decision adopted by the
European Commission (“the EU-U.S. Data Privacy Framework”) for transfers outside the EEA and
the UK. Datadog complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK
Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S.
Department of Commerce (as applicable). For more information, please see:
Datadog’s Master Subscription Agreement - https://www.datadoghq.com/legal/msa/
Datadog’s Data Processing Addendum - https://www.datadoghq.com/legal/data-processing-
addendum/
Google Cloud provided by https://cloud.google.com/terms/google-entity provides hosting services
that support the underlying infrastructure for our platform and products. The appropriate safeguards
in place for transfers of personal data to any other country than those within the EU/EEA or subject
to an adequacy decision by the European Commission are the EU Standard Contractual Clauses as
specified in the Cloud Data Processing Addendum. For more information please see this link
https://cloud.google.com/terms/data-processing-addendum .
OneSignal a U.S. company located at 2850 S Delaware St Suite 201, San Mateo, CA 94403.
OneSignal provides business and technical event tracking of applications to understand usage and
improve our users’ experience with our Products. The appropriate safeguard in place is the adequacy
decision adopted by the European Commission (“the EU-U.S. Data Privacy Framework”) for transfers
outside the EEA or UK. OneSignal complies with the EU-U.S. Data Privacy Framework (“EU-U.S.
DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set
forth by the U.S. Department of Commerce (as applicable). For more information, please see this
link: https://onesignal.com/privacy_policy
Pendo.io Inc. 301 Hillsborough St, Suite 1900, Raleigh, NC 276031, USA processes device data in
order to provide us with usage statistics for the platform which hosts our Products. The appropriate
safeguards in place include the standard contractual clauses approved by the European Commission
for transfers outside the EEA or the UK and/or other adequate safeguards. For more information,
please see these links: https://www.pendo.io/legal/privacy-policy/
and https://www.pendo.io/legal/data-processing-addendum/
ProPad by CreateShift Ltd (a UK registered company (8092272) with the registered office 11
Kingsley Court, 142 Kings Road, Brighton, BN1 2LP) is used by us to review and understand
customer feedback and plan Product improvements. Personal data is processed in the EEA. For
more information, please see these links: Privacy Policy and Customer Data (prodpad.com) and
https://www.prodpad.com/terms-of-service/#data-processing-schedule within the Terms of Service |
ProdPad .
Sentry, Functional Software Inc., 132 Hawthorne St. San Francisco, CA 94107, USA provides usage
analysis services by processing device data (device model, OS version, country and region) in the
USA. The appropriate safeguard in place is the adequacy decision adopted by the European
Commission (“the EU-U.S. Data Privacy Framework”) for transfers outside the EEA or UK. Sentry
complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-
U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of
Commerce (as applicable). For more information please see this link:
https://sentry.io/legal/dpa/5.0.0/
Smartlook.com, s.r.o. ID No.: 095 08 830, registered office at: Šumavská 524/31, Veveří, 602 00
Brno, Czech Republic . Smartlook provides qualitative website and mobile app analytics and the
Service with various modules which include, but are not limited to visitor recordings (user replay),
automatic event tracking, conversion funnels, and heatmaps for websites. Data is stored in EU. For
more information, please see this link: Terms of Service | Smartlook Help Center .
Google Ireland Limited, incorporated and operating under the laws of Ireland (Registered Number:
368047), Gordon House, Barrow Street - Dublin 4, Ireland. We use Firebase to track, prioritize, and
fix stability issues that impact app quality, collecting device and application data, to improve the
service provided to the user. For more information, please see this link: Crashlytics and App
Distribution Data Processing and Security Terms (google.com) .
Yara, Yara International ASA, Drammensveien 131, 0277 Oslo, Norway. We use Yara to integrate
the crop nutrition expertise offered by them into our service to provide field-specific advice throughout
Page 6 of 12
the crop cycle. The appropriate safeguards in place are the EU Standard Contractual Clauses where
a transfer takes place to a country outside the EEA that is not subject to an adequacy decision by
the European Commission. For more information, please see the following links: Privacy Policy Yara
Digital Farming privacy policy | Yara International and Yara Data Processor Agreement.
Zendesk Inc, a Delaware corporation. Zendesk provides us with software which is designed to
improve customer relationships through management and resolution of user queries and issues
(customer service ticketing). The appropriate safeguard in place is the adequacy decision adopted
by the European Commission (“the EU-U.S. Data Privacy Framework”) for transfers outside the EEA
or UK. Zendesk complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK
Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S.
Department of Commerce (as applicable). For more information, please see this link:
https://www.zendesk.co.uk/company/agreements-and-terms/privacy-notice/#georedirect
Business transfers. Your personal data may be transferred to a company that acquires, or considers
acquiring, the stock or assets of, or invests in, Syngenta, the Syngenta Parent, one of its affiliates, or
one of our businesses (or that company’s advisors, lenders or auditors), for example, as the result of a
sale, merger, reorganization or liquidation. The legal basis for this data processing is that we have a
legitimate interest in being able to sell or acquire investment in our business. If such a transfer occurs,
the acquiring company's use of your personal data would still be subject to this Privacy Notice and the
privacy preferences you have expressed to us.
Compliance with laws and protection of our rights and the rights of others. We may disclose
personal data when this is necessary to comply with the law, a court order, a request from a regulator
or a subpoena. The legal basis for this data processing is that it is necessary for compliance with a legal
obligation to which we (the data controller) are subject, otherwise that we have a legitimate interest in
complying with lawful requests from public authorities. Before disclosing personal data, or making
personal data available to, public authorities in third countries, we will consider our obligations to provide
an adequate level of protection for the data, except where relevant derogations exist.
We may also disclose personal data: (i) to prevent or investigate a possible crime, such as fraud or
identity theft (the legal basis being that we have a legitimate interest in protecting ourselves from crime
and enforcing or defending our rights); (ii) to enforce or apply our online terms of use or other contractual
relationship with you (the legal basis being that it is necessary for the performance of a contract with
you (where we contract with you as a sole trader) or it is otherwise in our legitimate interest to do so; or
(iii) to protect our own rights or property or the rights, property or safety of our users or others (the legal
basis being that we have a legitimate interest in doing so).
In relation to user-entered data, Syngenta will obtain the user’s consent before sharing such data in a
manner not described in this Privacy Notice or the Terms and Conditions.
4. How can you exercise your rights in relation to your personal data?
We strive to maintain a high level of transparency about the data we process. As regards our processing
of your personal data described in this Privacy Notice, you have the following rights:
To confirm Syngenta is processing your personal data, to get access to or receive a copy of the
personal data we may have about you;
To require us to rectify or update any inaccurate personal data, or complete any incomplete
personal data;
To require us to delete or erase your personal data;
To restrict our processing of your personal data;
To require us to transmit certain of your personal data to you or to transfer or have them
transferred to another data controller (data portability);
To object to our processing of your personal data on a legitimate interests basis. If we agree
with your objection then, subject to other legitimate interests which we may be able to rely on
(e.g. in the context of legal claims pending or threatened against us), we will then no longer be
allowed to process your personal data;
Page 7 of 12
To require that we stop processing your personal data for direct marketing purposes; and
To withdraw your given consent at any time without affecting the lawfulness of the processing
based on consent until withdrawal.
Certain rights are subject to restrictions or limitations, and their availability may depend on the lawful
basis we rely on to process your personal data (see section 2 above). Further, we may rely on applicable
exemptions under applicable law in order to deny part or all of your request. If we do so, we will inform
you when responding to your request.
If you wish to exercise any of your above rights, you can contact us as follows:
Please complete the Individual Privacy Rights Request Self-Service Form and describe your request.
We will respond to your reasonably specified request as quickly as possible after validating the request.
5. How to delete your Account? How long does Syngenta store your personal data?
Subject to the below, we intend to store your personal data only for so long as you have an Account (if
your Business is an Account Holder) or for so long as you are an authorized User of an Account.
Syngenta will delete Accounts if the Products are not used for thirty-six months, unless applicable law
requires a longer data retention period.
Please note that removing the Products from your device will not delete the Account. The Account
will remain active unless the Account Holder asks for deletion by emailing support@cropwise.com.
Subject to the below, deletion of an Account Holder’s Account will delete the personal data of Users.
However, we may retain non-personal data after the Account has been deleted.
For evidentiary purposes, in particular to be prepared for legal disputes or complaints, we may store
certain personal data (such as a record of your identity and the fact that you were a User of our Products)
for a period of time after deletion of an Account that you had access to as a User as long as this is
permissible and necessary given the statutes of limitations in your country, so our retention period may
vary depending on the circumstances. However, in such cases we will no longer actively process the
personal data for the originally specified purpose, but only for the purpose mentioned above. Further
we will limit access to your personal data on that basis. The legal basis for such processing is that is it
necessary for our legitimate interest in establishing, exercising or defending our rights. We may also
retain your personal data after deletion of your Account, if necessary, to comply with an applicable legal
obligation.
6. Questions, concerns and complaints concerning our privacy practices.
Should you have any questions, you can contact our Data Privacy Lead via email at
data.privacy@syngenta.com or by writing to the address for Syngenta given in the Introduction section
at the beginning of this Privacy Notice. You also have a right to lodge a complaint with the relevant
supervisory authority.
Additional Information for Regional U.S. Consumers (“Notice”)
This Notice further explains how we collect, use, and disclose your Personal Information. It also
describes how to exercise your rights under the California Consumer Privacy Act (“CCPA”), the
Colorado Privacy Act, the Connecticut Act Concerning Personal Data Privacy and Online Monitoring,
the Utah Consumer Privacy Act, the Virginia Consumer Data Protection Act and other similarly
applicable state privacy legislation. Syngenta refers to those laws collectively the “U.S. Privacy Laws”.
When Syngenta references “Personal Information” in this Notice, that is information that identifies,
relates to, describes, is reasonably capable of being associated with, or could reasonably be linked
with consumers, directly or indirectly. Personal Information does not include information that cannot
be reasonably linked to you. In addition, in this Notice we use certain defined terms, which we have
capitalized. These capitalized terms have the meaning given to them in our Terms & Conditions, which
form part of the Agreement between us and you.
Page 8 of 12
How Syngenta may collect, use, and disclose Personal Information
The chart below shows the categories of Personal Information we may collect through Cropwise,
examples of the types of Personal Information in each category; the types of sources from which each
category of Personal Information is collected; the business purpose(s) for which that category of
Personal Information is collected as well as the types of third parties with whom that category of
Personal Information is disclosed. This information covers the past 12 months.
Categories of
Personal
Information
Collected
Examples of
Personal
Information
Collected
Categories of
Sources from
which personal
information is
collected
Categories of third
parties to whom
Personal
Information is
disclosed
Intended Data
Retention Period
Identifiers
Your real name, alias,
email address,
business name, a
description of who
you are, postal
address, telephone
number, password for
your Account.
Directly from a
consumer
As described in the
section entitled “How
does Syngenta
share personal
data?”
As long as required
for the business
purpose or as legally
required
Identifiers
Your real name, alias,
email address,
business name, a
description of who
you are, address,
telephone number.
Directly from a
consumer
As described in the
section entitled “How
does Syngenta
share personal
data?”
As long as required
for the business
purpose or as legally
required
Internet
Activity
If you use a mobile
app Product, the
information regarding
your interaction with
the application,
including the date and
time the app on your
device accesses our
servers and what
information and files
have been
downloaded to the
app.
Directly from a
consumer or
acquired via digital
process
As described in the
section entitled “How
does Syngenta
share personal
data?”
As long as required
for the business
purpose or as legally
required
Internet
Activity and
Identifiers
If you use an online
service in connection
with a Product, the
following will be
collected: computer
type (Windows or
Macintosh), operating
system name and
version, language,
internet browser type
Directly from a
consumer or
acquired via digital
process.
From Service
Providers or from
As described in the
section entitled “How
does Syngenta
share personal data”
As long as required
for the business
purpose or as legally
required
Page 9 of 12
and version and the
name and version of
the online services
you are using,
Internet Protocol
address,
browsing/search
history (page(s)
visited and time).
publicly-available
information.
Internet
Activity,
Customer
Records,
Inferences
and
Identifiers
Contact information,
as well as information
about your interaction
with the Products.
Directly from a
consumer or
acquired via digital
process.
From Service
Providers or from
publicly-available
information.
Internal
As described in the
section entitled “How
does Syngenta
share personal data”
As long as required
for the business
purpose or as legally
required
Internet
Activity and
Identifiers
Your real name, alias,
email address and
device specific
identifiers, (computer
type (Windows or
Macintosh), operating
system name and
version, language,
internet browser type
and version and the
name and version of
the online services
you are using,
Internet Protocol
address,
browsing/search
history (the page(s)
visited and time
visited).
Directly from a
consumer or
acquired via digital
process.
From Service
Providers or from
publicly-available
information.
As described in the
section entitled “How
does Syngenta
share personal data”
As long as required
for the business
purpose or as legally
required
We do not sell or disclose your Cropwise personal information in exchange for money, and we have not
‘sold’ or ‘shared’ (as those terms are defined by the CCPA) your Cropwise personal information in the
Page 10 of 12
preceding 12 months. Our use of sensitive personal data collected through Cropwise (if any) is limited
to use which is necessary to provide the Products.
How can you exercise your rights provided under the U.S. Privacy Laws?
Depending on where you live, and subject to certain exceptions, you may have some or all of the
following rights:
Right to Know and Access: The right to request that we disclose to you the Personal
Information about you that we collect, use, or disclose, and information about our data practices.
This includes (i) the right to confirm whether or not we are processing your Personal Information
and to access such data; (ii) the right to know what personal information has been collected
about you, including the categories of Personal Information, the categories of sources from
which the Personal Information is collected, the business or commercial purpose for collecting,
selling, or sharing Personal Information, the categories of third parties to whom the Personal
Information is disclosed, and the specific pieces of Personal Information that have been
collected about you.
Right to Request Correction: The right to request that we correct inaccurate Personal
Information that we maintain about you.
Right to Request Deletion: The right to request that we delete your Personal Information that
we have collected from or about you.
Right to Opt Out of Targeted Advertising: The right to opt out of the processing of your
Personal Information obtained from your activities on nonaffiliated websites or online
applications for the purposes of targeted advertising.
Right to Non-Discrimination: The right not to receive discriminatory treatment for exercising
your privacy rights.
Right to Data Portability: The right to have certain of your Personal Information transmitted to
you or to transfer or have the information transferred to another data controller.
If you are a California resident or otherwise have rights under U.S. Privacy Laws and you would like
to exercise any of your rights pursuant to this Privacy Statement, please complete the Individual
Privacy Rights Request Self-Service Form and describe your request, or call 1-800-334-9481.
Verification Process
After we receive your request, to ensure the security of the information we store and consumers’ privacy,
we will verify that you are appropriately affiliated with the subject of the request, either as the consumer
or as an authorized agent or guardian of the consumer. We may ask you to provide a few pieces of
information to confirm your identity in our records.
Non-Discrimination
Please note that a legitimate denial of a request for information, deletion, or to opt-out is not
discriminatory, nor is charging a fee for excessive or repetitive consumer requests as permitted by the
CCPA.
Page 11 of 12
Authorized Agents
You may designate an authorized agent to exercise your rights under the CCPA (or other US Privacy
Laws if such laws permit) on your behalf.
Pursuant to the CCPA:
Only a business entity or natural person registered with the California Secretary of State may
act as an authorized agent.
You must provide the authorized agent written permission to exercise your rights under the
CCPA on your behalf.
We may deny a request from an authorized agent on your behalf if the authorized agent does
not submit proof that he, she, or it has been authorized by you to act on your behalf if we request
such proof, as permitted by the CCPA.
Even if you use an authorized agent to exercise your rights under the CCPA on your behalf, pursuant to
the CCPA we may still require that you verify your own identity directly to us.
Personal Information of Minors
Our operation of this website, our activity on social media, and our services are not intended for children
or minors under the age of 16 years old. Accordingly, we do not knowingly collect, store, share or sell
information about minors under the age of 16. If you believe that we have unintentionally received
personal information about a minor under the age of 16 years old, please contact us
at data.privacy@syngenta.com.
Changes
Syngenta reserves the right to amend this Statement, including the Notice, at our discretion and at any
time.
Additional Information for Canadian Residents
This section is applicable to you if you are a Canadian resident. "Personal Information" (referred to
elsewhere in this document as “personal data”) is information that identifies you personally, either alone
or in combination with other information available to us. It further explains how we collect, use, and
disclose your Personal Information.
Your Consent
By accessing or using a Product, you are consenting to the collection, use and disclosure of your
Personal Information as set forth in this Privacy Notice. If you do not consent to the collection, use and
disclosure of your Personal Information as set forth in this Privacy Notice, you may not use the Product.
How Does Syngenta Protect Personal Information?
We maintain a comprehensive data security program, including commercially reasonable administrative,
physical and technological security measures, to protect your Personal Information from unauthorized
access, unauthorized use, and unauthorized or accidental destruction, modification or disclosure.
Although we take commercially reasonable precautions to provide a level of security appropriate to the
sensitivity of the Personal Information we collect, we cannot guarantee the security of information
provided over the Internet or stored in our databases.
Process for destroying Personal Information
After Personal Information has been used for its intended purpose and/or retention period, electronic
copies are deleted or anonymized and paper copies are destroyed.
Page 12 of 12
Children
Our sites are not directed nor targeted to children under the age of 16. We do not use our sites to
knowingly solicit data from or market to children under the age of 16. If you are under the age of 16, do
not provide us with any Personal Information. If we learn that someone under 16 has provided personally
identifiable information through one of our sites, we will use reasonable efforts to remove such
information from our databases.
Transfers outside of Canada
We may transfer your Personal Information to our service providers and others located outside of
Canada for the purposes described in this Privacy Notice. Different countries have different privacy laws
and requirements, and some provide less legal protection for your Personal Information than others.
Please know, however, that no matter where your personal information is collected, used, transferred or
stored, if it was collected through a Product (to which this Privacy Notice applies), it will be protected by
the terms of this Privacy Notice. By using a Product, you are consenting to the collection, use, and
transfer of your Personal Information in or to Canada, the United States or any other country in the world.
*Questions from Canadian Residents Concerning Our Privacy Practices and/or Complaints
If you are a Canadian resident and have questions about this policy or our privacy practices and/or
complaints, please send an email or write to our data privacy officer:
Write to us at:
Data Privacy Officer: Lynn Schmidt
Lead Counsel
lynn.schmidt@syngenta.com
Syngenta Canada Inc.,
140 Research Lane,
Guelph, ON N1G 4Z3
This Privacy Notice is effective and was last updated as of the version date specified above.