Common use of Personal Data Security Clause in Contracts

Personal Data Security. 13.1. In the course of providing the services and delivering the Products, the Company collects personal data from the Clients and in particular the following data : - names ; - first names ; - e-mail address ; - address ; - phone number ; - details of your correspondence with us, including assistance ; 13.2. The Company invites Customers to refer to the Company's privacy policy available here. 13.3. In this regard, Customers are informed that the Company attaches great importance to privacy and takes all necessary measures to ensure the confidentiality and security of Customers' personal data. Specifically, the Company undertakes to: • to maintain a double authentication security level, • to keep the infrastructures up to date, to limit access to the data according to the needs, • to prohibit the capture of sensitive information, • to securely manage data backup and restoration mechanisms. In addition, the Company is committed to : • Maintain a secure and up-to-date fleet of machines within the entire team. • Train team members to detect risky practices (downloading third-party tools, screen sharing, password management, telephone solicitation). • Ensure maximum discretion regarding exchanges of personal information. • Use secure and standardized means of communication within the team (email client, instant messaging, internal wiki, etc.) 13.4. In the course of providing the Products, Customers are informed that they are using a software application on which personal data may be transmitted : • Data present in the MYFOODHUB application : o By default : sensor values, data sending times, user IDs, SIGFOX IDs, approximate GPS coordinates, greenhouse types, options, greenhouse photos. o For those who have agreed to share information for visits: phone number, email address, preferred time for contact. • Data present in the MYFOODAPP application : o Sensor values, data sending times, technical logs • Data present in the MYFOOD online store : o Identifiers, delivery address, cart contents. • Data present on the internal ERP system : o Customer file, orders, invoices, after-sales service communication history. These applications are secure and the Company makes the following commitments in this regard: • To use and share anonymized data (no reference to the identity of Customers or their location, unless implicitly agreed). • Protect the integrity and content of the database, secure the platform against potential threats. 13.5. Finally, Customers are informed that the Company uses third-party service providers to manage Customer data. The limited choice of these platforms results from a compromise between their functional aspect and their level of maturity in terms of information security. Access to these platforms is done internally via a centralized password manager (double security level). The following platforms are used: SIGFOX BACKEND - SIGFOX message reception Data used: SIGFOX message, SIGFOX identifier, anonymized name, Client number MAILCHIMP - Sending mail campaign Data used: email, name, first name, customer number Used data: activity rate on the mail campaigns, activity rate on the actions (button activation) TYPEFORM - Online form Data used: content entered in the form (identifier, answers) GOOGLE ANALYTICS - ADWORDS - Statistics on the XXXXXX.XX website In a transversal way, we have technical tools allowing to measure the interaction levels on the site in an anonymized way. Types of interaction measured: number of visitors, pages visited, bounce rate, source of traffic etc.

Personal Data Security. 13.1. In the course of providing the services and delivering the Products, the Company collects personal data from the Clients and in particular the following data data: - names • names; - • first names names; - • e-mail address address; - address • address; - • phone number number; - • details of your correspondence with us, including assistance assistance; 13.2. The Company invites Customers to refer to the Company's privacy policy available here. 13.3. In this regard, Customers are informed that the Company attaches great importance to privacy and takes all necessary measures to ensure the confidentiality and security of Customers' personal data. Specifically, the Company undertakes to: • to maintain a double authentication security level, • to keep the infrastructures up to date, to limit access to the data according to the needs, • to prohibit the capture of sensitive information, • to securely manage data backup and restoration mechanisms. In addition, the Company is committed to to: • Maintain a secure and up-to-date fleet of machines within the entire team. • Train team members to detect risky practices (downloading third-party tools, screen sharing, password management, telephone solicitation). • Ensure maximum discretion regarding exchanges of personal information. • Use secure and standardized means of communication within the team (email client, instant messaging, internal wiki, etc.) 13.4. In the course of providing the Products, Customers are informed that they are using a software application on which personal data may be transmitted transmitted: • Data present in the MYFOODHUB application application: o • By default default: sensor values, data sending times, user IDs, SIGFOX IDs, approximate GPS coordinates, greenhouse types, options, greenhouse photos. o • For those who have agreed to share information for visits: phone number, email address, preferred time for contact. • Data present in the MYFOODAPP application application: o • Sensor values, data sending times, technical logs • Data present in the MYFOOD online store : o • Identifiers, delivery address, cart contents. • Data present on the internal ERP system : o • Customer file, orders, invoices, after-sales service communication history. These applications are secure secure, and the Company makes the following commitments in this regard: • To use and share anonymized data (no reference to the identity of Customers or their location, unless implicitly agreed). • Protect the integrity and content of the database, secure the platform against potential threats. 13.5. Finally, Customers are informed that the Company uses third-party service providers to manage Customer data. The limited choice of these platforms results from a compromise between their functional aspect and their level of maturity in terms of information security. Access to these platforms is done internally via a centralized password manager (double security level). The following platforms are used: SIGFOX BACKEND - SIGFOX message reception Data used: SIGFOX message, SIGFOX identifier, anonymized name, Client number MAILCHIMP - Sending mail campaign Data used: email, name, first name, customer number Used data: activity rate on the mail campaigns, activity rate on the actions (button activation) TYPEFORM - Online form Data used: content entered in the form (identifier, answers) GOOGLE ANALYTICS - ADWORDS - Statistics on the XXXXXX.XX website In a transversal way, we have technical tools allowing to measure the interaction levels on the site in an anonymized way. Types of interaction measured: number of visitors, pages visited, bounce rate, source of traffic etc.