How StomaSense collects, uses, and protects your data.
StomaSense is an enterprise agricultural intelligence platform developed by Stomata Labs. The application is made available exclusively to authorised users within contracted agricultural organisations. This Privacy Policy explains what data is collected through the StomaSense mobile application, how it is used, and the safeguards in place to protect it.
By using the StomaSense application, you agree to the practices described in this policy. If you do not agree, please discontinue use and contact your organisation's system administrator.
Enterprise use only. StomaSense is not a consumer application. Access is provisioned by your organisation. Stomata Labs does not accept direct public sign-ups or store unsolicited personal data.
We collect only the data necessary to provide the StomaSense service to your organisation.
| Data Type | Description | Collected |
|---|---|---|
| Account credentials | Email address and hashed password used for authentication | Yes |
| Mill & role assignment | Which mill(s) you are associated with and your user role (agronomist, supervisor, admin) | Yes |
| App usage & diagnostics | Crash reports, error logs, and anonymous feature usage events for service improvement | Yes |
| Device location | The app does not request or store GPS location data from your device | No |
| Contacts / camera / microphone | The app does not access device contacts, camera, or microphone | No |
| Payment information | No payment processing occurs within the app | No |
All agricultural imagery, parcel data, and crop statistics displayed within the app are sourced from satellite systems and your organisation's operational records. This data is not personal data under applicable privacy regulations.
Data collected through StomaSense is used solely for the following purposes:
Authentication & access control — Your credentials and role assignment are used to verify your identity and restrict data access to the mills your organisation has authorised for your account.
Service delivery — Mill and role data determines which parcel portfolios, imagery products, and statistics are displayed to you within the application.
Platform reliability — Diagnostic data is used to identify and resolve technical issues, monitor application performance, and improve service stability.
We do not use your data for advertising, profiling, or any purpose unrelated to the delivery of the StomaSense service. We do not sell personal data to any third party.
All user data is stored on infrastructure provided by Supabase (PostgreSQL) and Google Cloud Platform, both of which maintain SOC 2 Type II compliance and employ encryption at rest and in transit.
Access to user records within our systems is restricted to authorised Stomata Labs engineering personnel and is governed by role-based access controls. Passwords are never stored in plain text.
Data is stored in cloud regions within the United States. If your organisation has specific data residency requirements, please contact us prior to deployment.
All data transmission between the StomaSense app and our servers uses TLS 1.2 or higher. Authentication tokens are issued via Supabase Auth and expire automatically per session.
StomaSense integrates with the following third-party infrastructure providers to deliver the service. These providers act as data processors under our instruction and are bound by their respective data processing agreements.
| Provider | Purpose |
|---|---|
| Google Cloud Platform | Cloud compute, object storage (GCS), and container hosting for all processing and tile-serving infrastructure |
| Supabase | Managed PostgreSQL database and authentication services for user and parcel data |
| ESA Copernicus / CDSE | Source of Sentinel-1 and Sentinel-2 satellite imagery. No personal data is transmitted to ESA. |
| Open-Meteo | Public climate data API. No personal data is transmitted. |
We do not integrate with social media platforms, advertising networks, or data brokers.
User account data is retained for the duration of the active service agreement between Stomata Labs and your organisation. Upon termination of the agreement, user records associated with your organisation will be deleted within 90 days unless a longer retention period is required by applicable law.
Diagnostic and usage logs are retained for a maximum of 12 months on a rolling basis.
Depending on your jurisdiction, you may have the right to request access to, correction of, or deletion of personal data we hold about you. You may also have the right to object to or restrict certain processing activities.
To exercise any of these rights, please contact us using the details in the Contact section below. Requests will be responded to within 30 days. Note that some requests may be subject to your organisation's data governance policies, as user accounts are provisioned and managed at the organisational level.
StomaSense is an enterprise application intended solely for professional use by adults within contracted agricultural organisations. We do not knowingly collect data from individuals under the age of 18. If you believe a minor has been granted access to the application in error, please contact your organisation's administrator immediately.
Stomata Labs may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. When material changes are made, the effective date at the top of this page will be updated. Continued use of the StomaSense application following any update constitutes acceptance of the revised policy.
For significant changes, we will notify affected organisations directly via the registered contact email on file.
If you have questions, concerns, or data requests related to this Privacy Policy, please reach out to us directly.
Privacy & data enquiries are handled by our team. We aim to respond to all requests within 5 business days.
rchaitanya@findabilitysciences.com