Legal · Privacy · Data Protection

Privacy Policy

This Privacy Policy explains how FildraAI collects, uses, and protects your information when you use our website, FieldVision image analysis, FieldGuide guidance, fieldmap services, and when you sign in with Google Single Sign-On (SSO) through AWS Cognito.

Effective: 2026
Last Updated: 2026
Important Notice

FildraAI is not designed to store highly sensitive personal information such as government ID numbers, passwords, banking details, or medical records about people. Please do not include this type of information in prompts, uploads, or chat messages.

1. Information We Collect

1.1 Authentication & Account Data

When you sign in using Google SSO, authentication is handled by Google and AWS Cognito. We do not receive your Google password. We collect:

  • Basic profile information from Google (name, email address, profile image URL)
  • Authentication identifiers (Google subject ID, Cognito user ID)
  • Account metadata (creation date, plan type, language preference, feature settings)
  • Session tokens for authentication and security

1.2 Usage & Content Data

  • Chat messages, prompts, and AI responses in FieldGuide
  • Agricultural images uploaded to FieldVision with associated metadata (crop type, location, suspected disease)
  • fieldmap inputs and outputs (field descriptions, weather data features, model predictions)
  • Geographic context (country, province, district, crop type, season, management practices)
  • Usage metrics (timestamps, feature usage, error logs, performance data)

1.3 Device & Technical Data

  • IP address and approximate geographic location
  • Browser type, operating system, device information
  • Error logs, timeouts, and performance metrics
  • Cookies and session management tokens

1.4 Organizational Data

  • Organization name, contact person, billing details
  • User lists and access roles for team workspaces
  • Configuration settings (crops of interest, regions, integrations)

2. Where Your Data Lives

FildraAI runs on Amazon Web Services (AWS). We use encrypted storage and managed services. Here's transparency on our main data tables:

2.1 Users Table (Identity & Accounts)

  • Stores core account records: user_id, cognitoSub, email, display name, metadata
  • Includes plan type, language preferences, feature flags
  • Does not store passwords (handled by Google and AWS Cognito)

2.2 Chats Table (Conversations)

  • Stores chat sessions, messages, prompts, and AI responses
  • Includes references to uploaded images, crop context, model selections
  • May use time-to-live (TTL) for automatic cleanup after defined periods
  • Used for history, quality improvement, debugging, and usage analysis

2.3 Context Tables (Personalization)

  • UserContext: Stores farming context (crops, regions, suppliers) for consistent recommendations
  • ContextEvolution: Tracks changes to context over time with timestamps
  • Used only for personalization, not shared with advertisers or third parties
  • May use TTL to clean up inactive profiles per retention policies

2.4 fieldmap Jobs & Artifacts

  • fieldmapJobs: Records each analysis run with job_id, user_id, status, settings
  • fieldmapArtifacts: References to reports, features, outputs stored in S3
  • Used for analysis history, result reproduction, model improvement

2.5 Connections Table (Real-time Sessions)

  • Stores WebSocket connection IDs for live updates
  • Contains minimal information (connectionId, session_id)
  • Short-lived, automatically cleaned up when connections close

3. How We Use Your Information

3.1 Service Operation

  • Authenticating users via Google SSO and AWS Cognito
  • Processing images, text, field data for AI insights
  • Providing localized guidance based on location and weather
  • Maintaining system stability and security

3.2 Model Improvement

  • Debugging and troubleshooting reported issues
  • Improving model performance with de-identified data
  • Updating agronomy knowledge bases
  • Calibrating risk warnings and predictions

3.3 Communication

  • Sending service notices and important updates
  • Sharing product updates and beta features
  • Responding to support requests
  • Educational content (with permission)

3.4 Safety & Compliance

  • Preventing misuse and platform abuse
  • Protecting user rights and security
  • Complying with legal obligations
  • Responding to lawful requests

4. Information Sharing

We Do Not Sell Personal Data

We do not sell, rent, or trade your personal information to third parties for their independent commercial purposes.

We May Share Information With:

  • Service Providers: Cloud providers (AWS), authentication providers (Google, AWS Cognito), analytics, logging, and email services under data protection agreements.
  • Legal Compliance: Authorities or regulators when required by law or necessary to protect rights and safety.
  • Business Transfers: Another entity during mergers, acquisitions, or asset sales, with privacy rights preserved.

5. Data Retention

Early Access Phase

During our pilot and early access phases, we retain data to improve guidance quality, monitor performance, and understand platform usage. You may request deletion of your personal data where technically and legally possible.

We retain data only as long as necessary for the purposes described in this policy or as required by law:

  • Account Information: Retained while account is active and for reasonable period afterward for security and audit.
  • Chat & Image Data: Retained during use and for product improvement; some records may have automated TTL cleanup.
  • Analytics & Logs: Aggregated or pseudonymized where possible, retained for reliability and security.
  • Support Communications: Retained for reasonable period to resolve issues and maintain support history.

6. Your Rights and Choices

6.1 Data Access

Request a summary of personal data we hold about you in our core systems.

6.2 Data Deletion

Request deletion of your personal data and account, subject to technical feasibility and legal obligations.

6.3 Data Correction

Update or correct inaccurate account or profile information.

6.4 Communication Preferences

Opt out of non-essential emails while receiving important service notices.

To exercise these rights, please contact us with details to identify your account. We will respond within a reasonable timeframe per applicable law.

7. Data Security

We use technical and organizational measures to protect your data from unauthorized access, alteration, or destruction. No system is completely secure, but we work to reduce risk and respond quickly to issues.

  • Encryption of data in transit (HTTPS) and at rest in core storage services
  • Access controls and authentication for administrative tools and production environments
  • Logging and monitoring to detect unusual activity or potential abuse
  • Regular updates to infrastructure components and libraries

8. International Transfers & Children

  • Depending on your location, your data may be processed in countries with different data protection laws. We take steps to protect information per this policy and applicable law.
  • FildraAI is not intended for children under the age where they can legally consent to data processing in their country. If a child has provided data without consent, please contact us.

9. Contact Us

If you have questions about this Privacy Policy, our use of Google SSO and AWS Cognito, or how we store data, please contact us:

Contact Methods

Email/Form: Contact Us
Subject: Privacy or Data Protection Question

Policy Updates

We may update this Privacy Policy as we add features or change how FildraAI works. Significant changes will be communicated via email or website notice. Continued use after changes means you agree to the updated policy.

Table of Contents

Related Documents

Legal Note

This Privacy Policy explains our practices clearly but does not constitute legal advice. Organizations using FildraAI should seek their own legal guidance as needed.