Privacidade & cookies

Privacidade e cookies

Agroop recognizes the importance of protecting personal data and is deeply committed to ensuring the privacy, security, and transparency of how it handles the information of its Customers and Users. This Privacy and Cookies Policy describes how we collect, use, store, share, and protect personal data within the Agroop ecosystem — including the Farmoot software, mobile applications, the www.agroop.net website, integrated hardware, and any complementary services.

We recommend that you read this Policy carefully before browsing our website, using our services, or providing any personal data.

1. Introduction and Scope of the Policy

This Policy applies to all Customers and Users who interact with the Agroop System, regardless of the medium used (website, web application, mobile applications, integrated hardware, or electronic communications). By using our services, browsing our website, or providing us with your personal data, you acknowledge that you have read, understood, and accepted the terms described herein.

Agroop operates in compliance with the General Data Protection Regulation (GDPR), applicable Portuguese legislation, and the guidelines of supervisory authorities, namely the Portuguese Data Protection Authority (CNPD).

This Policy also explains the use of cookies and similar technologies, detailing the types of cookies used, their purposes, and the management options available to the User.

Agroop reserves the right to update or amend this Policy whenever necessary to reflect legal, technological, or operational changes. The updated version will always be published on the website. Periodic consultation of this document is recommended.

Last updated: January 12, 2026.

2. Definitions

For the purposes of this Privacy and Cookies Policy, the following definitions apply:

Company: Refers to EAGROOP, Lda., the entity responsible for developing, maintaining, and providing the Agroop System, as well as processing personal data under the terms described herein.

System: The set of solutions provided by Agroop, including the Farmoot software, the website www.agroop.net, mobile applications, integrated hardware, and any associated digital or on-site services.

Software: The digital agricultural management platform provided by Agroop, accessible through the web application (app.agroop.net) and the mobile applications for iOS and Android, collectively referred to as Farmoot.

Service(s): The functionalities, content, data, tools, indicators, and resources made available within the Agroop System, including technical support, consultancy, agricultural monitoring, and any complementary services.

Hardware: Physical devices that can be integrated into the Agroop System, such as sensors, weather stations, flow meters, gateways, and other telemetry equipment, whether owned by Agroop or by its partners.

User: A natural person who holds access credentials to the Software and, by using it, accepts these Terms and Conditions.

Customer: A natural or legal person with full legal capacity to enter into agreements and who acquires or uses the Agroop System or any associated Services.

Partner(s): A natural or legal person authorised by Agroop to sell, represent, integrate, or distribute products and services associated with the Agroop System, nationally or internationally.

Cookies: Small files stored on the User’s device, used to remember preferences, improve navigation experience, personalise content, or collect statistical data.

Other Technologies: Alternative mechanisms to cookies, such as web beacons, pixels, SDKs, local storage, or device identifiers, used for technical, analytical, or marketing purposes.

3. Collection of Personal Data

Agroop collects different categories of personal data to ensure the proper functioning of the Agroop System, improve the quality of the Services provided, and comply with legal obligations. Data may be collected through the website, the web application, mobile applications, forms, electronic communications, or hardware installed in the field.

Data provided directly by the Customer/User, including:

- Full name;
- Email address;
- Telephone number;
- Data related to billing and contractual management (when applicable);
- Information provided when completing forms, requesting support, creating an account, or subscribing to services.

Data collected automatically through the Software or website:

- IP address, browser type, language, operating system;
- Date and time of access, visited pages, and interactions within the website or application;
- Device identifiers;
- Session tokens and technical data required for authentication;
- Cookies and Other Technologies used for functional, analytical, or marketing purposes.

Data collected through integrated hardware, depending on the equipment used:

- Soil sensor data (temperature, humidity, conductivity, etc.);
- Meteorological data (temperature, precipitation, wind, radiation, etc.);
- Flow meter or water meter readings;
- Telemetry signals sent by gateways or associated devices;
- Technical data required for diagnostics, maintenance, and proper functioning of the equipment.

These data are used exclusively within the scope of the Customer’s agricultural operations and in accordance with the purposes defined in this Policy.

Data obtained from third parties or partners, including:

- Providers of meteorological information and satellite imagery;
- Partners supplying compatible hardware;
- Subcontracted entities providing support or data hosting services.

In such cases, data processing always respects contractual limits and the GDPR.

The Customer/User may refuse to provide certain personal data; however, such refusal may prevent access to essential functionalities, the correct provision of services, or the ability to respond adequately to support requests.

4. Purposes of Data Processing

Agroop processes personal data lawfully and transparently, only for specific, explicit, and legitimate purposes. Data will not be used for purposes incompatible with those for which they were collected.

Provision and management of Services:

- Creation, management, and authentication of User accounts;
- Providing access to the Farmoot Software and its functionalities;
- Integration, display, and processing of data collected through hardware;
- Ensuring the operational functioning of the Agroop System;
- Providing technical support and responding to assistance requests.

Execution of contracts and pre-contractual procedures:

- Processing orders, subscriptions, and renewals;
- Billing, payment management, and fulfillment of financial obligations;
- Evaluation and implementation of hardware acquisition or integration requests.

Essential operational communications:

- Notifications related to the functioning of the System;
- Communication of technical updates, maintenance, feature changes, or important notices;
- Alerts regarding subscription renewal, contractual deadlines, or actions required to ensure service continuity.

These communications do not require additional consent.

Improvement and optimization of the Agroop System:

- Analyzing Software usage to improve performance, stability, and security;
- Developing new features, models, algorithms, and agronomic indicators;
- Internal testing, statistical analysis, and aggregated non-identifiable studies.

Compliance with legal obligations:

- Tax, accounting, or billing requirements;
- Security, audit, or fraud prevention obligations;
- Responses to judicial or regulatory authorities.

Optional marketing communications (subject to consent):

- Informational campaigns;
- Updates about new products, features, or services;
- Educational content and institutional announcements.

Consent may be withdrawn at any time.

Data collected through integrated hardware:

- Calculation of agronomic indicators and analysis of parameters (irrigation, soil moisture, precipitation, etc.);
- Generation of graphs, reports, and alerts for the Customer.

Hardware data may also be used to produce aggregated or anonymized analyses, models, statistics, or indicators for agronomic studies, service improvement, or development of new functionalities. Under no circumstances will data be disclosed that could identify the Customer, the exact location of their farm, or any individualized information.

Sharing with third parties will occur only when data are aggregated or anonymized, or when technically necessary for service provision (e.g., integration with meteorological data providers), always ensuring the protection of the Customer’s identity.

5. Legal Bases for Data Processing

Agroop processes personal data only when there is a valid legal basis under the General Data Protection Regulation (GDPR). Depending on the type of interaction with the Agroop System, processing may rely on one or more of the following legal bases:

Performance of a contract or pre-contractual steps:

Used when data processing is necessary to:

- Create and manage User accounts;
- Provide the contracted Services;
- Process orders, renewals, and billing;
- Integrate and configure hardware.

This basis applies whenever the Customer/User uses the Agroop System under a contractual relationship.

Compliance with legal obligations:

Agroop may process personal data to comply with:

- Tax and accounting obligations;
- Requests from public or judicial authorities;
- Fraud prevention and security requirements.

Agroop’s legitimate interest:

Personal data may be processed when necessary to:

- Ensure the security and proper functioning of the System;
- Improve performance and develop new functionalities;
- Process aggregated and anonymized data for analysis and internal research;
- Send essential operational communications that do not require consent.

Agroop ensures that its legitimate interest never overrides the fundamental rights and freedoms of data subjects.

Explicit consent from the Customer/User:

Required for specific actions such as:

- Marketing communications;
- Participation in studies or research projects;
- Use of non-essential cookies.

Consent may be withdrawn at any time without affecting the lawfulness of prior processing.

6. Data Retention

Agroop retains personal data only for the period strictly necessary to fulfil the purposes for which it was collected, in accordance with applicable legal requirements and the GDPR principles of data minimisation and storage limitation.

Retention periods vary depending on the type of data and its purpose:

Account and authentication data

Retained for as long as the User’s account remains active.

Upon a deletion request, data will be permanently removed within a maximum of 30 days, unless additional retention is legally required.

System and Software usage data

May be retained as long as necessary to:

- Ensure the functioning, security, and maintenance of the System;
- Develop and improve features;
- Comply with operational and contractual requirements.

Technical data may be stored in aggregated or anonymised form after account deletion.

Financial, billing, and transaction data

Retained for the legally required period (10 years) under Portuguese tax and accounting laws.

Data collected through integrated hardware and agronomic data

Retained for as long as the Subscription remains active.

After cancellation:

- The Customer will no longer have access to this data;
- Agroop may retain anonymised or aggregated data for statistical analysis, service improvements, or internal research.

Backup systems

Backup repositories may retain residual copies of deleted data for up to 90 days, strictly for operational recovery in cases of technical failure, incident, or disaster.

Throughout the entire retention period, all data remains subject to the same security measures outlined in this Policy.

7. Rights of Data Subjects

Under the General Data Protection Regulation (GDPR) and applicable Portuguese law, Customers and Users have the right to exercise, at any time, a set of rights concerning the processing of their personal data. Agroop ensures that these rights are exercised transparently, free of charge, and within legally established time limits.

Data subjects have the right of access, which includes confirming whether their data is being processed, accessing the data, and obtaining additional information about the processing activities.

They also have the right to rectification, allowing them to correct inaccurate data or complete incomplete information.

Users may request the erasure of their personal data when:

- the data is no longer necessary for the purposes for which it was collected,
- the User withdraws the consent on which processing is based,
- the User objects to the processing and no overriding legitimate interests remain, or
- the data has been processed unlawfully.

Erasure may be delayed when retention is legally required, particularly for tax, accounting, or contractual compliance purposes.

Data subjects have the right to restriction of processing in situations such as:

- contesting the accuracy of the data,
- unlawful processing where the individual opposes deletion,
- when Agroop no longer needs the data for its original purposes, but the data subject requires it for legal claims.

Users have the right to object to the processing of their personal data when it is based on Agroop’s legitimate interests, unless compelling legal grounds override those interests or processing is required for legal claims.

When processing is carried out for direct marketing purposes, any objection produces an immediate effect.

Where processing is based on consent, the User has the right to withdraw consent at any time, without affecting the lawfulness of prior processing.

Data subjects also have the right to data portability, allowing them to receive personal data concerning them in a structured, commonly used, and machine-readable format, and to request its transfer to another controller, where technically feasible.

Finally, Users have the right to lodge a complaint with the competent supervisory authority. In Portugal, this authority is the Comissão Nacional de Proteção de Dados (CNPD).

To exercise any of these rights, Customers/Users may contact Agroop through the channels listed in the final section of this Policy.

8. Data Security

Agroop implements appropriate technical, organisational, and administrative measures to protect personal data against unauthorised access, loss, destruction, improper disclosure, or any form of unlawful processing. These measures include, among others, encryption, access controls, internal security policies, data segregation, protected infrastructure, and continuous system monitoring.

Personal data processed within the Agroop System is stored on secure servers hosted by certified infrastructure providers (including Google Cloud), which ensure high standards of security, resilience, redundancy, and service continuity. Access to personal data is restricted to employees, technicians, or service providers who require such information to perform their duties, all of whom are bound by contractual confidentiality obligations.

Despite the measures implemented, no information system is entirely immune to risks. Therefore, while Agroop strives to protect all processed personal data, it cannot guarantee absolute security against cyberattacks, technological failures, unauthorised access, or other unforeseeable incidents. In the event of a personal data breach that may pose a risk to the rights and freedoms of data subjects, Agroop commits to:

- notify the competent supervisory authority (CNPD) within the legally required timeframe;
- inform affected data subjects when legally mandatory;
- adopt immediate corrective measures to mitigate the impact and prevent future occurrences.

The protection of access credentials (such as passwords) is the direct responsibility of the Customer/User. Agroop recommends the use of strong passwords, the non-sharing of credentials, and the adoption of secure practices, including logging out on shared or public devices.

9. Cookies and Similar Technologies

The Agroop website, the Farmoot Software, and the mobile applications use cookies and other technologies to ensure the proper functioning of the System, improve the user experience, analyse navigation patterns, and, where applicable, present personalised content.

What are cookies?

Cookies are small files stored on the User’s device that allow the browser to be recognised, preferences to be saved, sessions to be identified, system performance to be improved, and statistical information to be collected.

Similar technologies — such as web beacons, pixels, SDKs, local storage, or device identifiers — may perform equivalent or complementary functions.

Types of cookies used by Agroop:

- Essential cookies – required for the System to function and to enable core operations such as authentication, session maintenance, security, and access to basic features. Without these cookies, the Software or website may not function properly.
- Performance and analytics cookies – used to measure System usage, identify errors, optimise performance, analyse navigation patterns, and improve stability and functionality. These cookies collect aggregated data and do not directly identify the User.
- Functional cookies – allow the System to remember user-defined preferences, configurations, or parameters (e.g., language, view settings, filters, or interaction preferences), contributing to a more consistent experience.
- Personalisation and marketing cookies (optional) – may be used to display relevant content, informative campaigns, or communications tailored to the User’s interests. These cookies are only activated with prior consent.

Refusing them does not affect access to the System but may limit personalisation.

How to manage cookies

The User may manage, limit, or disable cookies through browser settings or the options provided within the platform (when applicable).

Disabling essential cookies may compromise the website’s operation or prevent access to the Farmoot Software.

Third-party cookies

Some content integrated into the Agroop System (e.g., maps, videos, weather data sources, or analytics components) may use third-party cookies.

These third parties are responsible for their own privacy practices, and the User should consult their respective policies when applicable.

Other Technologies

In addition to cookies, the System may use technologies such as web beacons or persistent identifiers to:

- measure interaction with pages and emails;
- ensure authentication and security;
- collect statistical data;
- detect errors or abnormal behaviour;
- improve mobile application performance.

The use of these technologies complies with GDPR principles and will never be employed to collect personal data without a lawful basis or, when required, without the User’s consent.

10. International Data Transfers

Agroop may transfer personal data outside the European Economic Area (EEA) when necessary for the operation of the Agroop System—namely when using service providers for infrastructure, storage, processing, or support located in third countries.

Whenever such transfers occur, Agroop ensures full compliance with the General Data Protection Regulation (GDPR), guaranteeing that:

- Data is transferred only to countries for which the European Commission has issued an adequacy decision; or
- When no adequacy decision exists, appropriate safeguards are implemented, such as Standard Contractual Clauses approved by the European Commission, certification mechanisms, binding rules applicable to processors, or other protections recognised by the GDPR.

Agroop ensures that all providers involved in personal data processing offer levels of security and protection equivalent to those required within the European Union, particularly regarding confidentiality, integrity, availability, and protection against unauthorised access.

When necessary, additional security measures may be implemented, including encryption, pseudonymisation, data minimisation, and reinforced access controls.

The User may request additional information about international transfers, including the list of countries involved and the safeguards applied, by contacting Agroop using the contact details provided in this Policy.

11. Data Sharing with Third Parties and Subprocessors

Agroop may share personal data with third parties only when necessary to ensure the operation of the Agroop System, comply with legal obligations, or deliver services contracted by the Client. Any such sharing is carried out in strict accordance with the GDPR and follows the principles of necessity, proportionality, and data minimisation.

Agroop may engage subprocessors that provide services such as data hosting, technical maintenance, cloud infrastructure, IT support, payment processing, hardware integration, or communication delivery. In these cases, personal data processing is governed by a written contract ensuring that the subprocessor:

- acts solely on Agroop’s documented instructions,
- implements appropriate security measures, and
- does not use the data for any purposes other than the contracted services.

Personal data may also be shared with providers of meteorological data, partners responsible for hardware integration, or entities supplying components or content required for the operation of the Agroop System. Where applicable, these third parties receive only the data strictly required and are prohibited from using it for unrelated purposes.

Agroop may also disclose personal data when required by law, by court order, or by request of competent public authorities, limiting the disclosure to what is strictly necessary.

Whenever data is shared with third parties located outside the European Economic Area, the safeguards described in the section on international data transfers apply.

Agroop does not sell personal data to third parties, nor does it use such data for commercial purposes outside the scope defined in this Policy.

12. Data Controller and Data Protection Officer (DPO)

The entity responsible for the processing of personal data described in this Policy is:

EAGROOP, Lda.

Elospark II, Estrada de São Marcos 33, Escritório 11

2735-521 Sintra, Portugal

Agroop ensures the management and protection of all personal data processed within the Agroop System, guaranteeing full compliance with the General Data Protection Regulation (GDPR) and applicable Portuguese legislation.

Where legally required, or whenever the nature of its operations justifies it, Agroop may appoint a Data Protection Officer (DPO). When designated, the DPO is responsible for monitoring compliance with data protection practices, responding to inquiries from data subjects, and cooperating with the supervisory authority.

Contact for the Data Protection Officer (when applicable): info@agroop.net

(If this address does not yet exist, this section can be adapted or a placeholder may be defined.)

13. Contact Details for Exercising Rights

Users and Clients may exercise their rights of access, rectification, erasure, restriction, objection, data portability, or withdrawal of consent through the following channels:

Email (privacy and general inquiries): info@agroop.net

Technical support email: support@agroop.net

Postal Address (Office):

Agroop – Elospark II

Estrada de São Marcos 33, Escritório 11

2735-521 Sintra, Portugal

Telephone: (+351) 934 691 703

All requests will be reviewed and answered within a maximum of 30 days, which may be extended when necessary due to the complexity of the request. Agroop may request additional information to verify the identity of the data subject before responding.

14. Changes to This Policy

Agroop reserves the right to update or amend this Privacy and Cookies Policy at any time whenever necessary to reflect legal, technological, operational, or functional changes within the Agroop System.

Whenever significant changes occur, Agroop will:

- Publish the updated version on the website www.agroop.net;
- Notify Users/Clients by email or through the Farmoot Software when relevant.

Continued use of the Agroop System after the publication of a new version of this Policy will be considered acceptance of its terms.

The version in force is always the one whose update date appears at the beginning of this document.