Indigo places the greatest priority on the privacy and protection of our customers’ and users’ data. We recognize that when you share information with us, you are entrusting us with something valuable and significant. We appreciate your trust and honor that trust by managing your information with the highest standards of care. Our policies and practices are designed to give you control over how your data is used and to safeguard your data against security threats.
- Farmers and other Indigo customers and users can decide what organizations to share their personal data with. (See note 1.) Personal data that an individual shares with Indigo will never be shared by Indigo with another organization, without the
- Farmers and other customers and users have the right to know how their data is being used by Indigo, the right to export their data from Indigo, and the right to request that Indigo delete their data. (See note 2.)
- With consent from an individual, Indigo may grant a collaborating organization the right to access and manage the individual’s data on their behalf in order to maximize business opportunities and improve customer experience for that individual. (See note 3.)
- The data integrity policy for our Carbon by Indigo program has been vetted by a respected independent organization: Ag Data Transparent. Their guidelines for collecting, analyzing, storing, and using farmer data, Privacy & Security Principles
for Farm Data, are an important benchmark. We are proud to be Ag Data Transparent (ADT)-certified, along with companies like John Deere and Nutrien Ag Solutions.
- Indigo complies with all applicable data privacy and security regulations, including the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Brazil General Data Protection Law (LGPD).
- Indigo employs a wide set of modern information security policies and practices for the protection of user data and Indigo systems. These include multi-factor authentication, data encryption, the use of firewalls, and many other safeguards. In
addition, we require the use of secure browsers to access user accounts and our networks are monitored 24/7.
- Indigo uses encryption to protect user information both when it is stored in our systems and while moving across our
network between systems.
- Indigo maintains stringent physical, administrative, and technical safeguards to protect user information. Our employees
and third-party service providers have access to user information only on a “need to know” basis. We conduct regular internal audits of our business practices and procedures to protect user information.
- Indigo’s information security controls are validated through annual, independent third-party security reviews as well as regular penetration tests.
- Indigo conducts regular employee education to guide our employees on security policies and practices. We require periodic training for all personnel, and those who collaborate directly with customers and other users receive additional training on the latest methods used by criminals to attack information systems or attempt to take over users’ accounts.
- This excludes entities that provide processing, analytical, and computational services. Like any modern company, Indigo relies on third parties to provide services such as cloud computing services.
- In some cases, where data is required for a farmer or other user to participate in an Indigo program, deletion of certain data may affect continued eligibility for the program or may not be possible.
- Collaborating organizations include organizations (such as cooperatives, retailers, and other product and service providers) that work with Indigo to provide solutions and services to farmers, agribusinesses, and other industry participants.