The General Data Protection Regulation (GDPR) provides residents of the European Union or the European Economic Area (EU/EEA) with additional data protection rights. This GDPR Privacy Notice for EU/EEA Residents (the “GDPR Notice”) supplements the information contained in Ever.Ag’s general Privacy Policy and applies to all visitors, users, and others who are located in the EU/EEA. Any terms defined in Ever.Ag’s general Privacy Policy have the same meaning when used in this GDPR Notice. The GDPR requires us to provide certain information to you about your personal data, which we refer to in this GDPR Notice as your Personal Information.

Data Controller

The data controller for the Websites and Apps is Ever.Ag Corporation. For contact information, see Section 13 of our general Privacy Policy.

Purposes of the Processing

Our general Privacy Policy describes the Personal Information that we collect, use, share, or otherwise process—and the purposes for that processing—in the course of operating our business. Personal Information gathered through cookies and similar tracking technologies is used for the purposes described in our Privacy Policy.

Lawful Basis for the Processing

Generally, we process Personal Information provided by visitors or users through our Websites, Apps or other interactions with us on the basis our legitimate interests in conducting our business. Where we ask for your consent, we process Personal Information on the basis of that consent.

We may also process Personal Information on other bases permitted by the GDPR and applicable laws, such as when the processing is necessary for us to comply with our legal obligations.

Categories of Personal Information

The categories of Personal Information that we process are described in our general Privacy Policy.

Recipients of your Personal Information

We use various service providers to manage our Websites and Apps and provide services such as event registration or managing e-mail communications. Our service providers change from time to time. Note that our service providers have entered into contracts with us that restrict what they can do with your Personal Information. If you would like specific information about our service providers who have received your Personal Information, please contact us at notices@dairy.com and we will provide that information to you. We may also disclose your Personal Information to other categories of third parties as described in Section 5 of our general Privacy Policy.

Transfers of Personal Data Outside of the EU/EEA

Ever.Ag controls and operates our Websites and Apps from our offices in the United States, and that’s where we process Personal Information collected through our Websites and Apps. When you provide Personal Information to us, we request your consent to transfer that Personal Information to the United States. We safeguard your Personal Information by treating it in accordance with this GDPR Notice. We take appropriate steps to protect your privacy and implement reasonable security measures to protect your Personal Information in storage. We use secure transmission methods to collect personal data through our Websites and Apps. We also enter into contracts with our data processors that require them to treat Personal Information in a manner that is consistent with this GDPR Notice.

Retention Period for Personal Information

How long we retain Personal Information varies according to the type of information in question and the purpose for which it is used. We delete Personal Information within a reasonable period after we no longer need to use it for the purpose for which it was collected (or for any subsequent purpose that is compatible with the original purpose). This does not affect your right to request that we delete your personal data before the end of its retention period. We may archive personal data (which means storing it in inactive files) for a certain period prior to its final deletion, as part of our ordinary business continuity procedures.

Your Data Subject Access Rights

You have the right to request access to your personal data, to have your personal data corrected, restricted or deleted, to withdraw any consent that you have given to the processing of your personal data (without affecting the lawfulness of the processing prior to your withdrawal of consent) and to object to our processing of your personal data. You also have the right of data portability in certain circumstances, which means that you can request that we provide you (or a third party you designate) with a transferable copy of Personal Information that you have provided to us. Your rights may be subject to various limitations under the GDPR. If you wish to exercise any of these rights, or if you have any concerns about our processing of your personal data, please contact us in any of the ways listed in Section 13 of our general Privacy Policy.

The Right to File a Complaint with a Supervisory Authority

You have the right to file a complaint concerning our processing of your personal data with your national (or in some countries, regional) data protection authority. The EU Commission has a list here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

The data protection authority for the United Kingdom is the Information Commissioner’s Office (www.ico.org.uk).

The federal data protection authority for Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/task.html.

No Requirement to Provide Personal Data

You are under no statutory or contractual requirement or other obligation to provide Personal Information to us, but it will not be possible to use our Websites or Apps without doing so.

Changes to Our GDPR Privacy Notice for EU/EEA Residents

Ever.Ag reserves the right to update this GDPR Notice at any time without notice to you. Your continued use of our Websites and Apps following the posting of changes constitutes your acceptance of such changes.