Privacy Policy

Effective Date: September 9, 2025
Last Updated: September 9, 2025

AgriLinkage LLC ("AgriLinkage," "we," "us," or "our") operates the AgriLinkage platform (the "Platform"), a business-to-business (B2B) service connecting agricultural suppliers worldwide with potential buyers in the agricultural ecosystem, including farming, fishery, food processing, machinery, and related tools and services. We are committed to protecting your privacy and handling your information responsibly. This Privacy Policy describes how we collect, use, disclose, store, and protect information, including Personal Data, in connection with the Platform.

Scope and Application
Legal Framework and Compliance
Definitions
Information We Collect
How We Collect Information
How We Use Information
Legal Bases for Processing
Sharing and Disclosure of Information
International Data Transfers
Data Retention
Data Security
Your Privacy Rights
Cookies and Tracking Technologies
Third-Party Services and Links
AI and Automated Decision-Making
Data Breach Response
Children's Privacy
California Privacy Rights (CCPA/CPRA)
European Union and UK Rights (GDPR)
Other Jurisdiction-Specific Rights
Business Transfers
Data Protection Officer
Dispute Resolution
Changes to This Privacy Policy
Contact Information

1. Scope and Application

This Privacy Policy applies to all users of the Platform, including:

Buyers: Registered account holders who use the Platform to connect with Suppliers
Suppliers: Businesses whose profiles we create, manage, and verify
Visitors: Individuals who browse the Platform without registering
Third Parties: Partners, service providers, and other entities that interact with our Platform

This Privacy Policy incorporates and expands upon the privacy-related provisions in our Terms of Service, which you agree to by using the Platform. If you do not agree with this Privacy Policy, please do not access or use the Platform.

2. Legal Framework and Compliance

We operate as a data controller under applicable laws for the Personal Data we process. In some cases, we may act as a data processor when handling Supplier-submitted Documentation on behalf of verified Buyers. We comply with global privacy laws, including but not limited to:

International Laws:

European Union General Data Protection Regulation (GDPR) and UK GDPR
Brazil's Lei Geral de Proteção de Dados (LGPD)
Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
Australia's Privacy Act 1988 (Privacy Act)
South Africa's Protection of Personal Information Act (POPIA)
India's Digital Personal Data Protection Act (DPDP Act)
China's Personal Information Protection Law (PIPL)
Japan's Act on the Protection of Personal Information (APPI)
Singapore's Personal Data Protection Act (PDPA)
New Zealand's Privacy Act 2020

U.S. Federal and State Laws:

California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)
Virginia Consumer Data Protection Act (VCDPA)
Colorado Privacy Act (CPA)
Connecticut Data Privacy Act (CTDPA)
Utah Consumer Privacy Act (UCPA)
Illinois Biometric Information Privacy Act (BIPA)
Children's Online Privacy Protection Act (COPPA)
Gramm-Leach-Bliley Act (GLBA)
Health Insurance Portability and Accountability Act (HIPAA) where applicable
Fair Credit Reporting Act (FCRA) for background checks
CAN-SPAM Act for email communications
Telephone Consumer Protection Act (TCPA) for phone communications

We regularly review and update our practices to ensure compliance across all jurisdictions where our users reside or operate, including conducting Data Protection Impact Assessments (DPIAs) for high-risk processing and maintaining comprehensive records of processing activities.

3. Definitions

Personal Data means any information relating to an identified or identifiable natural person, including but not limited to name, identification number, location data, online identifier, or factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity.
Processing means any operation performed on Personal Data, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, restriction, erasure, or destruction.
Sensitive Personal Data includes racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, sex life, sexual orientation, criminal convictions, and precise geolocation data.
Data Subject means an identified or identifiable natural person whose Personal Data is processed.
Third Party means any natural or legal person, public authority, agency, or body other than the Data Subject, AgriLinkage, and persons authorized to process Personal Data under our direct authority.

4. Information We Collect

We collect information to operate the Platform, provide services, ensure security, comply with laws, and improve user experience. We adhere to data minimization principles, collecting only information necessary for our stated purposes.

4.1 Personal Data

Account and Registration Data (Buyers Only):

Business identification (business name, registration number, tax ID, DUNS number)
Contact information (name, title, email address, phone number, mailing address)
Verification documents (business licenses, certificates of incorporation, proof of identity)
Financial information (bank account details for payments, credit history for verification)
Employment information (job title, department, supervisor contact)
Professional certifications and licenses
This may include Personal Data of business representatives, employees, or authorized users

Supplier Profile Data:

Business contact information from publicly available sources
Names and contact details of business representatives
Professional background and experience data
Business registration and licensing information
Financial and credit information (when publicly available)
Product and service offerings
Customer reviews and testimonials
Claimed profiles may include additional submitted Documentation containing Personal Data

Communication Data:

Messages, inquiries, or feedback sent through Platform communication tools
Email communications to contact@agrilinkage.com
Phone call recordings (with consent where required by law)
Live chat transcripts
Support ticket history and resolutions
Survey responses and feedback forms

Payment and Financial Data:

Billing information (name, billing address, tax information)
Payment method information (processed by third-party providers)
Transaction history and payment records
Credit check results and financial verification data
Tax documentation (W-9, 1099 forms)
Banking information for direct deposits or refunds

Verification and Due Diligence Data:

Background check results and criminal history (where legally permitted)
Sanctions screening data (OFAC, EU sanctions lists, UN Security Council lists)
Export control and trade compliance information
Identity verification documents (passports, driver's licenses)
Professional references and employment verification
Insurance certificates and bonding information
Audit reports and compliance certifications

Technical and Device Data:

IP addresses and geolocation information
Device identifiers (UDID, advertising IDs)
Browser fingerprinting data
Network information and connection details
System configuration and performance data

Sensitive Personal Data:

We do not intentionally collect sensitive Personal Data. If such information is inadvertently submitted (e.g., in Documentation), we process it only with explicit consent, as required by law, or for legitimate business purposes with appropriate safeguards.

4.2 Non-Personal Data

Usage and Analytics Data:

Website interaction data (pages viewed, time spent, click patterns)
Search queries and filters used
Feature usage statistics
Performance metrics and error logs
A/B test participation and results
Heat map and user behavior analytics

Business Intelligence Data:

Market trends and industry analysis
Aggregated user behavior patterns
Platform performance metrics
Competitive intelligence (publicly available)
Economic and market indicators

Technical Data:

Server logs and access records
Security event logs and incident reports
System performance and uptime data
API usage statistics
Database optimization metrics

5. How We Collect Information

5.1 Direct Collection:

Account registration and profile creation
Documentation submission and verification processes
Payment processing and billing
Communications and support interactions
Survey participation and feedback submission
Event registration and participation
Webinar and training session attendance

5.2 Automatic Collection:

Cookies, web beacons, and similar tracking technologies
Server logs and access records
Mobile app usage data and push notification interactions
Email open rates and link clicks
Social media interactions and integrations

5.3 Third-Party Sources:

Public records and government databases
Industry directories and trade publications
Social media platforms and professional networks
Business information services and data aggregators
Credit reporting agencies and financial institutions
Verification service providers and background check companies
Marketing partners and lead generation services

5.4 User-Generated Content:

Reviews, ratings, and testimonials
Forum posts and community discussions
User-uploaded documents and media files
Profile information and business descriptions

6. How We Use Information

We use collected information for the following business purposes:

6.1 Core Platform Services:

Account creation, management, and authentication
User verification and identity confirmation
Supplier scoring and ranking algorithms
Matchmaking and connection facilitation
Search functionality and result personalization
Communication tools and messaging services
Payment processing and billing management

6.2 Security and Compliance:

Fraud detection and prevention
Security monitoring and incident response
Sanctions screening and export control compliance
Anti-money laundering (AML) and Know Your Customer (KYC) procedures
Audit trail maintenance and regulatory reporting
Risk assessment and mitigation
Cybersecurity threat detection and response

6.3 Business Operations:

Customer service and technical support
Platform maintenance and optimization
Quality assurance and testing
Business intelligence and market research
Financial reporting and accounting
Legal compliance and regulatory adherence
Insurance claims and risk management

6.4 Marketing and Communications:

Service announcements and platform updates
Newsletter and promotional communications (with consent)
Market research and customer surveys
Event invitations and industry updates
Personalized content recommendations
Targeted advertising (where legally permitted)
Social media marketing and engagement

6.5 Analytics and Improvement:

Usage pattern analysis and optimization
Feature development and enhancement
Performance monitoring and troubleshooting
User experience research and testing
Predictive analytics and forecasting
Machine learning model training and improvement
Competitive analysis and market positioning

7. Legal Bases for Processing

Under applicable privacy laws, we process Personal Data based on the following legal grounds:

7.1 Contractual Necessity (GDPR Art. 6(1)(b)):

Fulfilling our obligations under Terms of Service
Providing requested Platform services
Processing payments and managing accounts
Delivering customer support and technical assistance

7.2 Legitimate Interests (GDPR Art. 6(1)(f)):

Fraud prevention and security measures
Platform optimization and improvement
Marketing communications to existing customers
Business development and partnership activities
Data analytics for service enhancement

7.3 Legal Obligations (GDPR Art. 6(1)(c)):

Compliance with sanctions and export control laws
Tax reporting and financial record keeping
Response to legal process and government requests
Regulatory reporting and audit requirements

7.4 Consent (GDPR Art. 6(1)(a)):

Marketing communications to prospects
Optional data collection for enhanced services
Cookie placement and tracking (where required)
Processing of sensitive Personal Data

7.5 Vital Interests (GDPR Art. 6(1)(d)):

Emergency situations requiring immediate action
Protection of life, health, or safety of individuals

7.6 Public Task (GDPR Art. 6(1)(e)):

Compliance with regulatory requirements
Supporting law enforcement investigations
Participating in government initiatives

8. Sharing and Disclosure of Information

We share Personal Data only when necessary and with appropriate safeguards:

8.1 Within AgriLinkage:

Authorized employees and contractors with legitimate business need
Subsidiaries and affiliated companies
Business partners in joint ventures or collaborative projects

8.2 Service Providers and Vendors:

Cloud hosting and infrastructure providers (AWS, Microsoft Azure, Google Cloud)
Payment processors and financial institutions (Stripe, PayPal, banks)
Identity verification and background check services
Email marketing and communication platforms
Analytics and business intelligence tools
Legal and professional service providers

8.3 Business Partners:

Verified Buyers for Supplier contact and business information
Integration partners for enhanced platform functionality
Channel partners and resellers
Industry associations and trade organizations

8.4 Legal and Regulatory Requirements:

Law enforcement agencies and government authorities
Courts and legal proceedings
Regulatory bodies and compliance auditors
Tax authorities and revenue services
Sanctions enforcement agencies

8.5 Business Transactions:

Mergers, acquisitions, and corporate restructuring
Asset sales and business transfers
Due diligence for potential investors or acquirers
Bankruptcy or insolvency proceedings

8.6 Emergency Situations:

Protection of rights, property, or safety
Prevention of fraud or illegal activities
Response to security incidents or breaches
Emergency medical or safety situations

We do not "sell" Personal Data as defined under privacy laws. We may share aggregated, anonymized data that cannot reasonably identify individuals for business purposes.

9. International Data Transfers

Personal Data may be processed in countries outside your home jurisdiction, including the United States where our primary operations are located. We ensure appropriate safeguards for international transfers:

9.1 Adequacy Decisions:

We rely on adequacy decisions issued by relevant authorities (e.g., European Commission, UK Information Commissioner's Office) when transferring data to countries with adequate protection levels.

9.2 Standard Contractual Clauses (SCCs):

For transfers to countries without adequacy decisions, we use European Commission-approved SCCs or equivalent mechanisms to ensure appropriate data protection.

9.3 Additional Safeguards:

Binding Corporate Rules (BCRs) for intra-group transfers
Certification schemes and codes of conduct
Technical and organizational security measures
Transfer Impact Assessments (TIAs) for high-risk transfers

9.4 Data Localization:

Where required by local laws, we implement data localization measures, including local data storage and processing restrictions.

10. Data Retention

We retain Personal Data only as long as necessary for the purposes described in this Policy or as required by applicable laws:

10.1 Retention Periods:

Account Data: 7 years after account termination for tax and audit compliance
Transaction Records: 7 years for financial reporting and tax purposes
Verification Data: Duration of business relationship plus 5 years for dispute resolution
Communication Records: 3 years for customer service and legal purposes
Usage Logs: 1 year for security and troubleshooting
Marketing Data: Until consent withdrawal or 3 years of inactivity
Legal Documents: As required by applicable statutes of limitations

10.2 Retention Criteria:

Legal and regulatory requirements
Legitimate business needs and interests
Contractual obligations and dispute resolution
User account status and activity level
Data sensitivity and risk assessment

10.3 Secure Deletion:

Upon expiration of retention periods, we securely delete or anonymize Personal Data using industry-standard methods, including:

Cryptographic erasure for encrypted data
Physical destruction of storage media
Multi-pass overwriting for magnetic storage
Certificate of destruction for third-party disposal

11. Data Security

We implement comprehensive technical, physical, and administrative safeguards to protect Personal Data:

11.1 Technical Safeguards:

Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
Access Controls: Role-based access control (RBAC) and principle of least privilege
Authentication: Multi-factor authentication (MFA) and strong password policies
Network Security: Firewalls, intrusion detection/prevention systems, and VPNs
Application Security: Secure coding practices and regular security testing
Data Loss Prevention: DLP tools and content inspection systems

11.2 Physical Safeguards:

Secure data centers with biometric access controls
Environmental controls and disaster recovery systems
Surveillance and monitoring systems
Clean desk and clear screen policies
Secure disposal of physical media and documents

11.3 Administrative Safeguards:

Information security policies and procedures
Employee security training and awareness programs
Background checks for personnel with data access
Incident response and breach notification procedures
Regular security audits and vulnerability assessments
Third-party security certifications (SOC 2, ISO 27001)

11.4 Ongoing Security Measures:

Continuous monitoring and threat intelligence
Regular penetration testing and security assessments
Security patch management and system updates
Business continuity and disaster recovery planning
Cyber insurance and risk transfer mechanisms

Despite these measures, no system is completely secure, and we cannot guarantee absolute protection against all security threats.

12. Your Privacy Rights

Depending on your jurisdiction and applicable laws, you may have various rights regarding your Personal Data:

12.1 Universal Rights:

Right to Information: Clear information about our data processing practices
Right of Access: Request copies of your Personal Data we hold
Right to Rectification: Correct inaccurate or incomplete Personal Data
Right to Deletion: Request erasure of your Personal Data under certain circumstances
Right to Restrict Processing: Limit how we use your Personal Data
Right to Data Portability: Receive your Personal Data in a portable format
Right to Object: Object to certain types of processing
Right to Withdraw Consent: Withdraw consent for consent-based processing

12.2 Automated Decision-Making Rights:

Right not to be subject to automated decision-making with legal effects
Right to human review of automated decisions
Right to contest algorithmic decisions
Right to explanation of automated processing logic

12.3 Rights Under Specific Laws:

GDPR/UK GDPR: All rights listed above, plus right to lodge complaints
CCPA/CPRA: Right to know, delete, correct, and opt-out of sales/sharing
LGPD: Rights to access, correction, anonymization, and portability
PIPEDA: Right to access and challenge accuracy of Personal Data

12.4 Exercising Your Rights:

To exercise your privacy rights:

Submit requests to contact@agrilinkage.com or through our Privacy Portal
Provide sufficient information to verify your identity
Specify which rights you wish to exercise and the scope of your request
Allow reasonable time for processing (typically 30-45 days)

We may charge reasonable fees for excessive or repetitive requests and may decline requests that are legally unfounded or disproportionate.

13. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar technologies to enhance Platform functionality and user experience:

13.1 Types of Cookies:

Essential Cookies: Required for Platform operation and security
Performance Cookies: Collect usage data to improve Platform performance
Functional Cookies: Remember user preferences and settings
Analytics Cookies: Provide insights into user behavior and Platform usage
Marketing Cookies: Enable personalized advertising and marketing campaigns

13.2 Third-Party Cookies:

We may allow third-party cookies for:

Analytics services (Google Analytics, Adobe Analytics)
Social media integration (LinkedIn, Facebook, Twitter)
Customer support tools (Zendesk, Intercom)
Marketing platforms (HubSpot, Salesforce)

13.3 Cookie Management:

You can control cookie preferences through:

Browser settings and privacy controls
Our Cookie Preference Center
Opt-out mechanisms provided by third parties
Industry opt-out tools (Network Advertising Initiative, Digital Advertising Alliance)

Note that disabling certain cookies may limit Platform functionality.

14. Third-Party Services and Links

Our Platform may integrate with or link to third-party services:

14.1 Third-Party Integrations:

Payment processors (Stripe, PayPal)
Identity verification services (Jumio, Onfido)
Communication platforms (Twilio, SendGrid)
Analytics providers (Google Analytics, Mixpanel)
Social media platforms (LinkedIn, Facebook, Twitter)

14.2 Third-Party Links:

We may provide links to external websites and services for user convenience. We are not responsible for the privacy practices of these third parties and encourage you to review their privacy policies.

14.3 Data Sharing Controls:

We implement contractual and technical controls for third-party data sharing:

Data Processing Agreements (DPAs) with service providers
Limited data sharing based on business need
Regular audits of third-party compliance
Incident notification and breach response procedures

15. AI and Automated Decision-Making

We may use artificial intelligence and automated systems for various purposes:

15.1 AI Applications:

Supplier scoring and ranking algorithms
Fraud detection and risk assessment
Content moderation and spam filtering
Personalized recommendations and matching
Customer service chatbots and virtual assistants
Data analysis and business intelligence

15.2 Automated Decision-Making:

When we make automated decisions that produce legal or similarly significant effects:

We provide meaningful information about the decision logic
You have the right to human review and contest decisions
We implement regular testing for bias and discrimination
We provide alternative processing methods when requested

15.3 AI Governance:

Regular audits of AI systems for fairness and accuracy
Human oversight and intervention capabilities
Transparency reporting on automated decision-making
Compliance with emerging AI regulations and guidelines

16. Data Breach Response

In the event of a data breach affecting Personal Data:

16.1 Detection and Assessment:

Continuous monitoring for security incidents
Immediate containment and mitigation measures
Assessment of breach scope and potential impact
Documentation of incident details and response actions

16.2 Notification Procedures:

Regulatory Notification: Within 72 hours to supervisory authorities (where required)
Individual Notification: Without undue delay when high risk to rights and freedoms
Third-Party Notification: To affected partners and service providers
Public Disclosure: When required by law or in the public interest

16.3 Breach Response:

Investigation and forensic analysis
Implementation of additional security measures
Coordination with law enforcement when appropriate
Provision of support and resources to affected individuals

16.4 Post-Incident Actions:

Review and improvement of security measures
Update of incident response procedures
Staff training and awareness programs
Regular testing of breach response capabilities

17. Children's Privacy

The Platform is designed for business users and is not intended for individuals under 18 years of age (or the applicable age of majority in their jurisdiction):

17.1 Age Verification:

Age confirmation during account registration
Terms of Service restrictions on underage use
Parental consent mechanisms where required by law
Regular monitoring for underage account creation

17.2 COPPA Compliance:

For U.S. users under 13:

No knowing collection of Personal Information
Immediate deletion of identified underage accounts
Parental notification and consent procedures
Safe harbor provisions for inadvertent collection

17.3 International Standards:

Compliance with international children's privacy laws:

GDPR Article 8 (EU users under 16)
UK GDPR provisions for children
LGPD children's data protection (Brazil)
Privacy Act provisions for children (Australia)

18. California Privacy Rights (CCPA/CPRA)

For California residents, we provide enhanced privacy rights under CCPA/CPRA:

18.1 Personal Information Categories:

In the past 12 months, we have collected the following categories:

Identifiers (names, email addresses, IP addresses)
Commercial information (transaction records, preferences)
Internet/network activity (browsing behavior, interactions)
Professional information (business details, employment)
Inferences (preferences, characteristics, behavior)

18.2 Sources and Purposes:

Sources: Direct collection, automatic collection, third parties
Business Purposes: As described in Section 6 (How We Use Information)
Commercial Purposes: Service provision, marketing, analytics

18.3 CCPA Rights:

Right to Know: Categories and specific Personal Information collected
Right to Delete: Request deletion of Personal Information
Right to Correct: Request correction of inaccurate Personal Information
Right to Opt-Out: Of sale, sharing, or targeted advertising
Right to Limit: Sensitive Personal Information use
Right to Non-Discrimination: No penalties for exercising rights

18.4 Sale and Sharing Disclosure:

We do not "sell" Personal Information as defined by CCPA. We may "share" Personal Information for cross-context behavioral advertising with your consent.

18.5 Sensitive Personal Information:

We may process Sensitive Personal Information for:

Performing services requested by consumers
Ensuring security and integrity
Short-term, transient use
Quality and safety maintenance
Legal compliance

19. European Union and UK Rights (GDPR)

For EU and UK residents, we provide comprehensive data protection rights:

19.1 Lawful Basis:

We process Personal Data based on the legal grounds described in Section 7.

19.2 GDPR Rights:

All rights described in Section 12.1, with specific procedures:

Access Requests: Comprehensive data copies and processing information
Rectification: Prompt correction of inaccurate data
Erasure: Right to be forgotten with specific exceptions
Restriction: Temporary limitation of processing
Portability: Machine-readable data formats
Objection: Opt-out of direct marketing and other processing

19.3 Special Category Data:

For sensitive Personal Data, we rely on:

Explicit consent (Article 9(2)(a))
Legal obligations (Article 9(2)(b))
Legitimate interests (Article 9(2)(f))
Other applicable exemptions

19.4 Data Protection Impact Assessments:

We conduct DPIAs for high-risk processing activities and consult with supervisory authorities when required.

19.5 Complaints:

You may lodge complaints with your local Data Protection Authority:

EU: European Data Protection Board (EDPB) member authorities
UK: Information Commissioner's Office (ICO)
Germany: Federal Commissioner for Data Protection and Freedom of Information
France: Commission Nationale de l'Informatique et des Libertés (CNIL)

20. Other Jurisdiction-Specific Rights

20.1 Brazil (LGPD):

Rights to confirmation, access, correction, anonymization, portability
Right to information about public/private data sharing
Right to review automated decisions

20.2 Canada (PIPEDA):

Right to access Personal Information
Right to challenge accuracy and completeness
Right to withdraw consent for non-essential purposes

20.3 Australia (Privacy Act):

Rights to access and correction of Personal Information
Right to make privacy complaints
Notifiable data breach protections

20.4 South Africa (POPIA):

Rights to access, correction, and deletion
Right to object to direct marketing
Right to file complaints with Information Regulator

20.5 Other Jurisdictions:

We comply with applicable privacy laws worldwide and provide rights as required by local legislation.

21. Business Transfers

In the event of a merger, acquisition, sale of assets, or other business transaction:

21.1 Data Transfer:

Personal Data may be transferred as part of business assets, subject to:

Continuation of privacy protections
Notice to affected individuals (where required)
Opportunity to opt-out or delete data
Regulatory approval (where required)

21.2 Due Diligence:

We ensure acquiring parties commit to:

Maintaining equivalent privacy protections
Honoring existing privacy commitments
Complying with applicable privacy laws
Providing appropriate data security measures

21.3 Post-Transaction:

Following business transfers:

Updated privacy notices (if practices change)
Contact information for new data controller
Procedures for exercising privacy rights
Dispute resolution mechanisms

22. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee privacy compliance:

22.1 DPO Responsibilities:

Monitoring privacy law compliance
Conducting privacy impact assessments
Serving as point of contact for supervisory authorities
Providing privacy guidance and training
Handling data subject requests and complaints

22.2 DPO Contact:

Email: contact@agrilinkage.com Address: 1 Erie St, Suite 525, Chicago, Illinois 60611

22.3 Independence:

Our DPO operates independently and reports directly to senior management to ensure unbiased privacy oversight.

23. Dispute Resolution

For privacy-related disputes, we provide multiple resolution mechanisms:

23.1 Internal Resolution:

Contact our Privacy Team: contact@agrilinkage.com
Senior management review for unresolved issues
Response within 30 days of complaint receipt

23.2 External Resolution:

Regulatory complaints to applicable supervisory authorities
Industry arbitration services (where available)
Legal proceedings in appropriate jurisdictions
Alternative dispute resolution mechanisms

23.3 Cross-Border Disputes:

For international users, we participate in:

EU-U.S. Privacy Shield (if certified)
Standard Contractual Clauses dispute resolution
Binding arbitration for certain data transfer disputes
Local dispute resolution mechanisms as required

24. Changes to This Privacy Policy

24.1 Policy Updates:

We may update this Privacy Policy to reflect:

Changes in business practices or services
New legal requirements or regulations
Technological developments and security improvements
User feedback and privacy best practices

24.2 Notification Methods:

Material changes will be communicated through:

Platform announcements and notifications
Email notices to registered users
Website banners and pop-up notifications
Social media and other communication channels

24.3 Effective Date:

Changes become effective:

30 days after notification (for material changes)
Immediately (for minor updates or clarifications)
Upon continued use of Platform (implied consent)
Upon affirmative consent (where required by law)

24.4 Version Control:

We maintain historical versions of our Privacy Policy for reference and compliance purposes.

25. Contact Information

25.1 General Privacy Inquiries:

AgriLinkage LLC
1 Erie St, Suite 525
Chicago, Illinois 60611
Email: contact@agrilinkage.com

25.2 Privacy Rights Requests:

Submit requests through:

Email: contact@agrilinkage.com
Written notice to our Chicago address

25.5 Security Incidents:

Report security concerns to: Email: contact@agrilinkage.com

25.6 Governing Law:

This Privacy Policy is governed by Illinois state law and applicable federal laws. For international users, applicable local privacy laws also apply to the extent they provide greater protection.

Document Classification: Public
Review Frequency: Annual
Next Review Date: September 9, 2026
Approval Authority: Chief Privacy Officer / Data Protection Officer