Privacy Policy

Effective date: 4 September 2025
Last updated: 4 September 2025

1. Introduction / scope

Open Weed Locator (“we”, “us”, “our”, “OWL”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what personal data we collect via https://openweedlocator.org/ (the “Site”), why we collect it, how we use and share it, how long we keep it, and your rights under applicable data protection law.

If you have questions about this policy or our data practices, please contact us via the Site contact form.

PLEASE REVIEW THIS PRIVACY POLICY CAREFULLY. By using our Services, you agree to the collection, disclosure and use of information in accordance with this Privacy Policy.

IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS OR USE THE SERVICES.

2. Information we collect

Contact form (volunteered personal data)

When you use the Site’s Contact form we collect the fields you submit: Name, Email, Phone (if provided), Message and any other optional fields you complete. The contact form also records the explicit consent checkbox if you tick it. We use this data to respond to your enquiry.

Technical and cookie data

We use a consent management platform (Cookiebot) to detect and manage cookies and trackers. Depending on your choices, cookies may include: 

• necessary cookies (site functionality),
• preference cookies,
• statistics/analytics cookies, and 
• marketing cookies. 

Cookiebot records and implements your consent choices, adjustable and revokable via the banner, button or browser.

Third-party services and public contributions

If you use or follow links to third-party services linked from the Site, for example GitHub, or documentation (hosted by ReadTheDocs), those services may collect data about you under their own privacy terms. Content you post to third-party platforms is governed by those platforms’ policies.

3. Legal bases for processing (GDPR)

Where processing is subject to the GDPR, we rely on one or more of the following legal bases:

• Consent, when you provide consent (for example, via the Contact form checkbox or cookie consent banner). You can withdraw consent at any time.
• Legitimate interests, to operate and improve the Site, respond to enquiries, and prevent abuse, provided your interests do not override ours.
• Legal obligation, where required to comply with law.

4. How we use personal data

We use personal data for these purposes:

• To respond to enquiries sent via the Contact form (reply, follow-up, provide support).
• To operate, maintain and improve the Site (analytics, diagnostics), subject to the cookies and consent you allow.
• To comply with legal or regulatory obligations, to protect our rights and safety, and as otherwise communicated at the time of collection.

We do not sell your personal data.

5. Cookies and consent management

We use Cookiebot to scan the Site, identify cookies and trackers, and collect and store consent choices. The cookie categories we may use (depending on your choices) are: Necessary, Preferences, Statistics, and Marketing. You can change or withdraw consent at any time via the Cookiebot banner on the Site or by adjusting your browser settings.

6. Sharing and disclosure (third parties)

We may share personal data with:

• Service providers / processors who perform services on our behalf (e.g., Cookiebot, web hosting, email provider). We contractually require these providers to protect data.
• Third-party platforms you choose to use (e.g., GitHub). Data you post there is governed by those platforms’ own terms and privacy policies.
• Law enforcement, courts or regulators when required by law or to protect safety or rights.

If any processor stores or processes data outside the European Economic Area (EEA), we will ensure lawful transfer mechanisms are in place (for example, Standard Contractual Clauses) or we will inform you.

7. Retention periods

We retain personal data only as long as necessary for the purposes for which it was collected or as required by law:

• Cookies and analytics: retained according to the cookie provider and your consent choices; aggregated/anonymised statistics may be kept longer.

8. Security

We use appropriate technical and organisational measures to protect your data (for example HTTPS/TLS, access controls, and regular updates). No internet transmission is completely secure; if you suspect a breach, contact us at the email address below.

Where required by law, we will notify the supervisory authority of reportable breaches without undue delay and, if necessary, notify affected data subjects.

9. Your rights and how to exercise them (EU/EEA residents)

If you are located in the EU/EEA you have rights including: access, rectification, erasure, restriction, portability, objection, and the right to withdraw consent. 

To exercise your rights or to ask about this Privacy Policy, please contact us at contact[at]openag.tech with “Data Subject Request” in the subject line and include:

• your name 
• email used with us 
• description of the request
• any documents for verification 

We will respond to your request within one month. We may request proof of identity to protect your personal data.
If you remain unsatisfied with our response, you may lodge a complaint with your supervisory authority (in Denmark: Datatilsynet).

10. Children

The Site is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, contact us and we will delete it promptly.

11. Links to other websites

The Site contains links to third-party websites (for example GitHub, documentation or partner sites). This Privacy Policy does not apply to those sites. Please review third-party privacy policies before providing personal data to them.

12. International transfers

Our processors or third-party services may transfer data outside the EEA. Where transfers occur, we rely on appropriate safeguards (adequacy decisions, Standard Contractual Clauses, or other lawful mechanisms) or will obtain appropriate consent.

13. Changes to this policy

We may update this Privacy Policy to reflect legal, technical or business changes. We will publish the updated version on the Site and update the “Last updated” date.

14. Supervisory authority