Privacy Policy

Last updated: May 2026. Effective immediately.

EcoShade is a precision agriculture platform based in Tbilisi, Georgia. This policy explains what we collect and how we protect your data when you use the farmer app, partner portals, and public site.

1. Data Controller

EcoShade ("we", "us", "our") operates the EcoShade platform at ecoshade.org. We are based in Tbilisi, Georgia, and act as the data controller for personal data processed through the farmer app, B2B and partner portals, and our public website.
We process data under the General Data Protection Regulation (GDPR), Georgian personal data protection law, and other rules that apply where you live.

2. Data We Collect

We collect data that the product needs to run:
  • Account data: Email, name, country, role (farmer, carbon buyer, insurer, agro-dealer, auditor, agronomist, government, or admin), locale, and optional phone number from sign-up and onboarding.
  • Farm and field data: Farm name, GPS location, field polygons, area, soil type, irrigation type, and crop rotation records.
  • Plant and crop data: Species, variety, planting dates, growth stage, health status, and photos you upload for AI scan analysis.
  • AI analysis data: Model outputs, confidence scores, safety rule results, and treatment recommendations. Scan records are kept for audit and review.
  • Carbon and MRV data: NDVI and related vegetation indices, carbon estimates, MRV project records, evidence uploads, and accreditation readiness checks.
  • Partner and marketplace data: B2B organisation details, marketplace orders, Stripe Connect account identifiers for partner payouts, and API usage where applicable.
  • Usage data (opt-in only): Product analytics through PostHog, only after you accept analytics cookies in the consent banner.

3. How We Use Your Data

  • Core platform: Farm management, AI crop scans, satellite indices, weather forecasts, epidemic forecasting, tasks, irrigation planning, and carbon tracking.
  • Partner services: B2B carbon marketplace access, anonymised risk API responses, and marketplace connections between farmers and agricultural suppliers.
  • Safety and compliance: Running hardcoded treatment safety rules, keeping AI audit logs, and responding to lawful requests.
  • Product improvement: Anonymised and aggregated trends (for example regional disease patterns). We do not sell individual farmer profiles.

4. Lawful Basis (Art. 6 GDPR)

  • Contractual necessity: Account and farm data needed to provide the service you registered for.
  • Legitimate interest: Platform security, abuse prevention, and aggregated analytics that respect your rights.
  • Explicit consent: Analytics cookies (PostHog). These stay off until you opt in through the cookie banner.
  • Legal obligation: Keeping audit and verification records where accreditation partners or law require it.

5. Data Minimisation and Retention

List views in the app use summary fields where possible. Full AI model payloads load when you open a specific scan, not in bulk list queries.
We keep account data while your account is active. When you delete your account from Settings, we remove your profile and linked records through database cascade rules. Some anonymised audit entries may remain where law or accreditation requires it.

6. Your Rights

  • Right of access (Art. 15): Email privacy@ecoshade.org to request a copy of personal data we hold about you.
  • Right to erasure (Art. 17): Delete your account from Settings. We remove personal data and sign-in access. Immutable carbon verification records may be retained in anonymised form where required by regulation.
  • Right to data portability (Art. 20): Download a JSON export from Settings using "Export my data". The file includes your profile, farms, scans, AI logs, carbon and MRV records, orders, audit history, and a storage manifest.
  • Right to withdraw consent (Art. 7): Turn off analytics cookies in the cookie banner or Settings. Withdrawal does not undo processing that was already lawful.
  • Right to object and restrict: Object to processing based on legitimate interest, or ask us to restrict processing while a dispute is reviewed.

7. Security

Data is encrypted in transit (TLS) and at rest on our infrastructure providers. Sign-in uses Supabase Auth (email and password, with optional OAuth). Row-Level Security in Postgres limits each user to their own rows. That enforcement happens on the server, not in the browser alone.

8. Third-Party Processors

  • AI models: OpenAI gpt-4.1-mini, Anthropic claude-sonnet-4-6, Google gemini-2.5-flash-lite for crop scan inference. Images are sent as base64 from our servers (not public URLs). OpenAI requests use store=false so responses are not retained by OpenAI for later retrieval. Anthropic structured-output requests qualify for Anthropic's Zero Data Retention program with limited technical retention. Google Gemini paid API requests are not used to improve Google products; prompts may be logged briefly for abuse monitoring unless you enable Zero Data Retention on your Google AI/GCP project (see https://ai.google.dev/gemini-api/docs/zdr). Failed providers never produce synthetic diagnoses — scans fail or queue for human review instead.
  • Infrastructure: Supabase (database, auth, and file storage — EU region where configured), Vercel (hosting), Sentry (error monitoring when configured), Mapbox (farm maps), Resend (transactional email), Twilio (optional SMS alerts), and Telegram (optional bot alerts).
  • Authentication: Google OAuth when you choose “Continue with Google”. Supabase Auth processes credentials; we do not store Google passwords.
  • Satellite and weather: Copernicus Sentinel Hub (Sentinel-2 vegetation indices), Landsat 8 where applicable, OpenWeatherMap, and Open Data Hub where your farm location falls in a supported region. Requests use coordinates, not your name or email.
  • Analytics (opt-in): PostHog, only after cookie consent.
  • Payments: Stripe for B2B marketplace checkout and partner Connect payouts. EcoShade does not store full card numbers.

9. International Transfers

EcoShade serves farmers across Europe, Central Asia, and the Caucasus. Subprocessors may process data in the United States (for example Vercel, Sentry, PostHog US ingest, Stripe, Mapbox, Resend, Twilio, and AI providers) or other countries where they operate. Where required, we use appropriate safeguards such as Standard Contractual Clauses. You can configure PostHog to the EU ingest host (eu.i.posthog.com) in your deployment environment.

10. Contact

Privacy questions and data rights requests: privacy@ecoshade.org
You may also contact your local data protection authority. In Georgia, complaints can be raised with the Personal Data Protection Service.