Precision Fermentation

Terms of Use

BrewMonitor Console

Effective Date: 2024-10-25

Precision Fermentation, Inc. ("we," "us," "our") is committed to protecting the privacy of users of our BrewIQ mobile application ("App"). This Privacy Policy outlines how we collect, use, disclose, and retain personal and aggregated data when you use the App. We comply with applicable privacy laws, including CCPA, CPRA, GDPR, and other international data protection regulations.

By using the BrewIQ app, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect the following types of information when you use the BrewIQ app:

1.1 Contact Information

  • Name
  • Email address
  • Company information (if applicable)
  • Phone number (used for sending text alerts and notifications)
  • User credentials for app login

1.2 Transaction Data

  • Records of transactions related to app usage, such as service purchases or subscriptions.
  • Payment information, billing address, and service history (for subscription services).

1.3 Technical and Usage Data

  • Device information, including model, operating system, and device identifiers.
  • IP address and browser type (for web interactions).
  • App usage data, such as session duration, feature interactions, and error reports.
  • Telemetry data, including brewing data collected through the app.

1.4 Data Related to Brewing Processes

  • Manual fermentation samples and related brewing data (e.g., temperature, pH levels, fermentation stages) that you input for monitoring and analysis purposes.
  • Other brewing-related data, stored within the app, to track performance and provide insights.

1.5 Aggregated and Anonymized Data

We may collect anonymized and aggregated data derived from your use of the app, including performance metrics, feature usage patterns, and brewing-related data. This data is fully anonymized and cannot be used to identify you personally. Precision Fermentation, Inc. (“PFI”) owns all right to this anonymized and aggregated data, which may be used for purposes such as product development, internal analysis, operational improvements, and industry benchmarking.

1.6 Marketing and Communication Preferences

  • Data about your marketing preferences and communications with us, including any opt-in/opt-out preferences related to promotional materials.
  • Phone number for receiving text alerts and notifications related to app usage, brewing processes, or critical system updates.

2. How We Use Your Data

We use your data for the following purposes:

  • Service Provision: To operate, maintain, and improve our services.
  • Analyze User Behavior: To enhance the user experience, and offer Personalized recommendations based on app usage and data collected.
  • Product Development and Analytics: To analyze product performance, troubleshoot issues, and develop improvements.
  • Research: Aggregated and anonymized telemetry data may be shared with research institutions, including universities, to support scientific research and product development.
  • Compliance: To comply with legal obligations, respond to regulatory authorities, and protect against fraud and abuse.
  • Marketing: We may send promotional updates, offers, and invitations, which you can opt out of at any time.

3. Legal Basis for Data Processing (GDPR)

Under GDPR, we process your data based on the following legal grounds:

  • Consent: When you provide explicit consent for marketing or notifications.
  • Contract: To fulfill our obligations related to the services you request.
  • Legitimate Interest: For analytics and app improvement.

4. How We Share Your Data

We do not sell, rent, or trade personal information collected through the BrewIQ app. We only share your data as described below:

4.1 Service Providers

We share data with trusted third-party service providers for purposes like order fulfillment, customer support, and data processing. These providers are required to follow data protection obligations consistent with our policies.

4.2 Legal Compliance

We may disclose your data as required by law or in response to legal processes, including requests from law enforcement or regulatory authorities.

4.3 Aggregated Data

We retain and may use anonymized and aggregated data for operational purposes, research, and analytics. Additionally, we may share anonymized and aggregated data with research partners, including universities and research centers, to support scientific studies, product development, and industry benchmarks. This data will remain anonymized and cannot identify any individual.

5. Data Security

We take the security of your data seriously and employ measures such as:

  • Encryption: We use industry-standard encryption (TLS 1.2 or higher) for data in transit and AES-256 for data at rest.
  • Access Control: Role-based access controls (RBAC) restrict access to authorized personnel only.
  • Incident Response: We monitor for security threats and will notify you in the event of a confirmed data breach.

We implement technical and organizational measures to protect your data, including encryption, secure server infrastructure, and regular security audits. However, no system is 100% secure.

Your Security Responsibilities:

Access Management:

You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. We strongly advise using strong passwords and ensuring the security of your login credentials.

Notifications:

Informing us immediately if you detect any unauthorized access or misuse of your account.

6. Data Breach Notification

In the event of a data breach, we will:

  • Notify you in accordance with applicable laws. For example, in certain jurisdictions such as California, we may delay notification if doing so would interfere with an ongoing investigation.
  • Provide details on the breach, including its nature, the data affected, and steps taken to mitigate the damage.
  • Conform with privacy regulations that may supersede internal policies regarding notification.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy. Data retention may include:

7.1 Subscriber Data

Upon termination of your account, we may retain your Subscriber Data for a reasonable period to complete billing, reconciliation, or other necessary operational tasks. The data will remain secure and limited to authorized personnel only.

7.2 Billing, Sales and Communication Data

We retain billing records, sales records, communication logs, and related data for as long as necessary to comply with legal obligations, such as tax laws and regulatory requirements.

7.3 Aggregated and Anonymized Data

We may retain anonymized and aggregated data indefinitely for operational purposes, including performance analytics, benchmarking, and research. This data may be shared with research partners as outlined in Section 3.3.

e retain your data for as long as necessary to provide our services or as required by law. When your data is no longer needed, we securely delete or anonymize it to ensure your privacy is maintained.

8. Third-Party Links

The BrewIQ app may contain links to third-party websites. Once you leave the app and access these sites, you are subject to the privacy policies of those websites. We are not responsible for the privacy practices of third-party sites and recommend that you review their privacy policies before interacting with them.

We may also share your personal data with trusted third-party service providers for specific purposes, such as:

  • Analytics Providers: For usage analysis.
  • Cloud Services: For secure data storage.
  • Payment Processors: To facilitate transactions.

Each third-party service provider is required to comply with strict data protection standards to ensure the security and confidentiality of your data.

9. International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure it is protected through the use of Standard Contractual Clauses or other legally acceptable safeguards.

10. International Use

The BrewIQ app is hosted in the United States and subject to U.S. laws. For users located outside the U.S., please be aware that your data may be transferred to, stored and processed in the U.S., and by using the app, you consent to such transfers. We comply with international data protection laws, including the GDPR for users in the European Union.

11. Your Privacy Rights

11.1 GDPR (For EU Residents)

You have the following rights under the GDPR:

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Request corrections to inaccurate data.
  • Right to Erasure: Request deletion of your data (subject to legal obligations).
  • Right to Restrict Processing: Limit the processing of your data in certain circumstances.
  • Right to Data Portability: Request a copy of your data in a machine-readable format.
  • Right to Object: Object to data processing based on legitimate interests or marketing.

11.2 CCPA/CPRA (For California Residents)

Residents of California have the following rights:

  • Right to Know: Request disclosure of the categories of personal information we collect and share.
  • Right to Delete: Request deletion of your personal data, subject to exceptions for legal or business needs.
  • Right to Opt-Out: Opt-out of the sale of your personal information (if applicable).
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights under the CCPA/CPRA.

12. Limitation of Liability

To the fullest extent permitted by law, our liability for any data breach or security incident involving your personal data is limited to the total fees paid by you in the six (6) months preceding the incident. We are not liable for:

  • Data breaches caused by your failure to follow security recommendations.
  • Incidents resulting from third-party systems not managed by us.
  • Costs related to third-party expenses, such as legal fees, unless expressly agreed in writing.

13. Children's Privacy

The BrewIQ app is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal data from a child under 13 without verified parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child under 13, please contact us at info@precisionfermentation.com so that we can take appropriate action.

14. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Precision Fermentation, Inc.
Website: http://www.precisionfermentation.com
Email: info@precisionfermentation.com
Phone: +1 (919) 717-3983

Any data subject may, at any time, contact us directly with any questions and suggestions concerning data protection. We encourage interested persons to raise any concerns about the collection, use, or processing of personal data using the contact information provided above. In the event of a privacy-related issue or complaint, we will investigate and attempt to promptly resolve any complaints and disputes regarding the use and disclosure of personal data.

For complaints that cannot be resolved, if your personal data is subject to the GDPR, we commit to cooperating with the panel established by the EU data protection authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner (FDPIC), as applicable, and comply with the advice given by the panel or Commissioner about personal data transferred from the EU or Switzerland. In order to facilitate the handling of complaints, individuals in the EU can choose to contact their national DPA or use the form located at this link: https://ec.europa.eu/newsroom/document.cfm?doc_id=42962

Individuals in Switzerland can contact the Swiss Information Commissioner by visiting: https://www.edoeb.admin.ch/edoeb/de/home.html

This independent dispute resolution process is provided at no cost to the individual.

15. Updates to this Privacy Policy

We may change or update this Privacy Policy or any of our data protection procedures without prior notice, except that if any changes are likely to have an adverse impact on your rights under data protection law, we will use reasonable efforts to notify you of the changes in advance. This notification may be provided through the BrewIQ app or via email, and, where required, we will obtain your consent to any activities affected by such changes.

We will post a notice within the BrewIQ app to advise you of any significant changes to this Privacy Policy and indicate via the “Last Updated” date at the top of this Privacy Policy when it was most recently updated. Your continued use of the BrewIQ app signifies your continued acceptance of the terms of this Privacy Policy, as updated or amended at that time.