Legal

Privacy Policy

Last updated: 25 June 2026

This Privacy Policy explains how Farmso (“we”, “us”) collects, uses and protects personal data when you use our website and platform. Farmso is part of the Petso solution.

Note: This document is a template provided for transparency and must be reviewed by qualified legal counsel before you rely on it.

1. Information we collect

We collect the following categories of data:

  • Account data — your name and email address.
  • Farm & organisation data — animals, premises, movements, health records and documents you enter.
  • Billing data — processed by our payment provider (Stripe); we do not store full card details.
  • Authentication data — email one-time passcodes issued via AWS SES.
  • Usage & device data — log data, IP address and basic analytics needed to operate and secure the service.

2. How we use your information

  • To provide, maintain and secure the platform.
  • To authenticate you and manage your subscription and billing.
  • To deliver compliance features, generate documents and maintain audit trails.
  • To provide support and respond to your enquiries.
  • To improve the product and meet our legal obligations.

3. Legal bases (GDPR)

Where the GDPR applies, we process personal data under one or more of: performance of a contract, our legitimate interests, your consent, and compliance with a legal obligation.

4. Data ownership & our role

For the farm and animal data you enter, you are the data controller and Farmso acts as your data processor. We process that data on your instructions to provide the service.

5. Sharing & sub-processors

We share data only with the sub-processors needed to run the service:

  • Cloudflare — hosting, database (D1) and storage (R2).
  • Stripe — payment processing.
  • AWS SES — transactional email and one-time passcodes.
  • Solana network — public cryptographic hashes only (no personal data).

6. On-chain data

When provenance anchoring is enabled, only a SHA-256 hash of a canonical record is written to the Solana blockchain. No personal data is ever published on-chain, and hashes cannot be reversed to reveal the underlying data.

7. Data retention

We retain personal data while your account is active and for any periods required by law (including statutory traceability record-keeping). You can request export or erasure subject to those obligations.

8. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction or erasure.
  • Export your data (portability).
  • Object to or restrict certain processing.
  • Lodge a complaint with your supervisory authority.

9. Cookies & local storage

Our website uses essential storage only — for example, your theme and language preference. We do not use advertising or cross-site tracking cookies.

10. Security

We use encryption in transit and at rest, role-based access control, and immutable audit logging. No method of transmission or storage is 100% secure, but we work to protect your data using industry practices.

11. Changes to this policy

We may update this policy from time to time and will post the revised version with a new “last updated” date.

12. Contact

For privacy questions or to exercise your rights, contact support@farmso.org.