The Banana Fiber Company (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how information is collected, used, stored, and safeguarded when you access our websites, portals, and services (collectively, the “Services”).
2. Information We Collect
Information You Provide
- Name, email address, and contact details
- Account credentials and authentication data
- Investor, supplier, employee, or partner information
- Submitted forms, documents, and communications
Automatically Collected Information
- IP address and device information
- Browser type and access timestamps
- Usage logs and security events
- Portal activity and audit records
Operational & Supply-Chain Data
- Pickup, logistics, and production records
- Fiber processing and quality metrics
- System-generated identifiers
3. How Information Is Used
We use collected information to:
- Provide, operate, and maintain the Services
- Authenticate users and enforce access controls
- Support investor, supplier, and partner workflows
- Improve system performance and security
- Comply with legal and regulatory obligations
4. Legal Basis for Processing
Information is processed based on one or more of the following:
- Your consent
- Performance of contractual obligations
- Compliance with legal requirements
- Legitimate business interests, including security and fraud prevention
5. Data Sharing & Disclosure
We do not sell personal data. Information may be shared only when necessary with:
- Authorized service providers (hosting, security, e-signature)
- Legal, regulatory, or law enforcement authorities when required
- Business partners under confidentiality obligations
6. Data Security
We implement administrative, technical, and organizational safeguards including:
- Encrypted communications (HTTPS/TLS)
- Role-based access controls
- Multi-factor authentication (MFA)
- Audit logging and monitoring
While we strive to protect data, no system can be guaranteed 100% secure.
7. Data Retention
Information is retained only as long as necessary to:
- Provide Services
- Meet contractual obligations
- Comply with legal and regulatory requirements
8. Cookies & Tracking
Cookies and similar technologies may be used to:
- Maintain sessions and authentication state
- Improve user experience
- Support security and abuse prevention
You may control cookies through your browser settings; however, some portal features may not function properly if disabled.
9. Role-Based & Portal Data
Portal access is governed by role-based permissions. Data visibility may depend on:
- User role (investor, supplier, employee, administrator)
- Verification status (email, MFA)
- Executed agreements (e.g., NDAs)
Activity within secure areas is logged for compliance and security purposes.
10. Your Rights
Subject to applicable law, you may have the right to:
- Request access to your personal information
- Request correction or deletion
- Withdraw consent where applicable
- Object to certain processing activities
11. International Use
The Services may be accessed globally. Information may be processed or stored in jurisdictions with different data protection laws.
12. Children’s Privacy
The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
13. Policy Updates
We may update this Privacy Policy from time to time. Continued use of the Services after changes constitutes acceptance of the revised policy.