spa

CropConnect

Privacy Policy

Last updated: April 7, 2026

1. What We Collect

When you use CropConnect, we collect the following:

Information you provide:

  • Account details: name, email, password, role (farmer/buyer)
  • Profile info: farm name, location, crops, bio, profile photo
  • Transaction data: orders, payment amounts, shipping details
  • Communications: messages sent through the Platform
  • Reviews and ratings you leave for other users

Information collected automatically:

  • Device and browser information
  • IP address and approximate location
  • Pages visited and actions taken on the Platform
  • Cookies and similar tracking technologies

2. How We Use Your Data

  • Process transactions and facilitate the escrow payment flow
  • Verify your identity and prevent fraud
  • Calculate and display your CropScore reputation
  • Send order updates, shipping notifications, and account alerts
  • Improve the Platform, fix bugs, and develop new features
  • Enforce our Terms of Service and resolve disputes
  • Comply with legal obligations

3. Payment Data & Stripe

We use Stripe to process payments. When you pay for an order or set up payouts as a Farmer:

  • Your card details are sent directly to Stripe — we never see or store your full card number.
  • Stripe processes and stores your payment information under their Privacy Policy.
  • We store transaction metadata: amounts, order IDs, payment status, and Stripe reference IDs.
  • Farmers using Stripe Connect share business verification data directly with Stripe.

Stripe is PCI DSS Level 1 certified — the highest level of payment security certification.

4. Data Storage

Your data is stored in Supabase (PostgreSQL) with row-level security policies that ensure users can only access their own data. Uploaded images are stored in Supabase Storage with access controls.

We use industry-standard encryption for data in transit (TLS) and at rest. Passwords are hashed and never stored in plain text.

5. What We Share

We don't sell your personal data. We share information only in these cases:

  • With other users: Your public profile (name, location, bio, CropScore, listings) is visible to other users. Email and phone are never shared publicly.
  • With Stripe: Transaction and identity data needed to process payments.
  • For legal compliance: When required by law, court order, or to protect our rights.
  • With service providers: Hosting, analytics, and error monitoring services that help us run the Platform, under strict data processing agreements.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data via your profile settings
  • Delete your account and associated data (email us)
  • Export your data in a portable format
  • Opt out of marketing communications

California residents have additional rights under the CCPA. EU residents have additional rights under the GDPR. Contact us to exercise these rights.

7. Cookies

We use essential cookies for authentication and session management. We don't use third-party advertising cookies. Analytics cookies are used to understand how the Platform is used and improve the experience.

8. Data Retention

We keep your data as long as your account is active. Transaction records are retained for 7 years for tax and legal compliance. If you delete your account, we remove personal data within 30 days, except where retention is required by law.

9. Children

CropConnect is not intended for anyone under 18. We don't knowingly collect data from minors. If we learn we've collected data from someone under 18, we'll delete it promptly.

10. Changes

We may update this policy as the Platform evolves. Material changes will be communicated via email or a prominent notice on the Platform. Your continued use after changes constitutes acceptance.

11. Contact

Privacy questions or data requests? Email us at privacy@cropconnect.com.

Terms of ServiceBack to CropConnect