Growers Farm Data Privacy and Security Policy

This Farm Data Privacy and Security Policy describes how Growers (“we”, “our”, “us”) collects and uses data about
the farm and farming activities of its customers (“you”, “your”). The terms and requirements of this policy are incorporated into your contract with us.

1. We collect, process and use a variety of data about your farm and farming activities to provide our services to you.

We collect agronomic data, including crop plans, past and current as-planted, as-applied and yield data, soil fertility, soil treatment, and crop care activities; land, climate and weather data, including farm and field boundaries; and farm management data, including equipment, financial and other information about your operation. These are collectively referred to as “Farm Data”.

2. The Farm Data that you provide us or that we otherwise collect under our contract with you belongs to you.

We will manage your Farm Data on your behalf in accordance with this policy and your contract with us.

3. You will supply Farm Data to us lawfully and only if you have obtained any needed consents from relevant persons to do so.

You will secure any permissions that may be needed from other stakeholders or suppliers, and otherwise comply with
the law.

4. We use your Farm Data to provide services to you, and for other related purposes.

We collect, control, process and use your Farm Data to provide our services to you and perform our contract with you; to provide information about our services and activities (including marketing information) to you; to operate, personalize, maintain and improve our services and apps; and to comply with legal and regulatory requirements.

5. We grant some third parties access to your Farm Data to help us provide certain aspects of our services to you.

These may include your business partners (e.g. agronomists, agronomic service providers (ASPs), equipment dealers), our reseller and other business partners working with you, and technology providers (e.g. Cloud data services) that we use to provide our services to you. We will provide access to your Farm Data to our business partners only if they are legally bound by a contract with us to protect your Farm Data in accordance with all terms of this policy and our contract with you. For other third party technology providers, the terms their own specific privacy policy will apply to their protection of your Farm Data, but we will only engage with such service and equipment providers if their terms of protection for your
Farm Data are materially consistent with the terms and protections of this policy.

6. We will not sell or disclose your Farm Data to any third party except as provided in this policy or our contract with you.

We may transfer Farm Data and other data in our possession to a new owner of our business or in connection with a corporate transaction, such as a merger, asset sale, joint venture, bankruptcy or other reorganization or dissolution, so long as the acquirer is legally bound to protect and use your Farm Data only under the terms of this policy and our
contract with you. We also reserve the right to maintain, use or disclose Farm Data and other data if required to do
so by law, or in the good faith belief that such action is reasonably necessary to comply with legal process, respond to claims or protect the rights, property or safety of our company, employees, customers or the public. We will not otherwise disclose or sell your Farm Data without your express written consent; we would give you notice of any such disclosure or sale, and you would have the right to opt out and have your data removed from any such dis- closure or sale.

7. We will not use your Farm Data to engage in a conflict of interest or illegal activity.

We will not, for example, use your Farm Data for speculation in commodity markets.

8. We will use appropriate security safeguards to protect your Farm Data against loss or destruction and unauthorized access, use, disclosure, transfer, or alteration.

We will notify you in not more than forty-eight (48) hours after we learn of any security breach that may result in the loss or destruction or unauthorized access, use, disclosure, transfer, or alteration of your Farm Data, and work with you to respond to and do damage limitation with respect to any such breach.

9. We may anonymize your Farm Data, and aggregate and use this with other anonymized data, so long such data is not identified or identifiable with you or your farm in any way.

We are the owner of all anonymized and aggregated data, which is not included in the definition of Farm Data for purposes of this policy or our contract with you. We may use anonymized and aggregated data for any purpose, and disclose or sell it, at any time.

10. We will provide a copy of your Farm Data to you upon request, or when your contract ends.

We will provide your raw Farm Data to you in a com- pressed machine-readable form compliant with an industry standard format.

11. We will delete your Farm Data within one-hundred eighty (180) days after your contract with us ends, unless you instruct us otherwise, or ten (10) years after collection, or upon your request.

12. Policy changes, contact details.

From time to time we may need to change some of the terms of this policy in order to conform with changes to legal requirements or our services. We reserve the right to make such changes at any time, subject to notice to you and posting of the new policy terms on our website. We will not, however, change any aspect of your ownership of your Farm Data, or our commitments to you in this policy and in our contract with you regarding our use, sale or disclosure of your Farm Data, without your express written consent. You can contact us with inquiries or complaints related to this policy at info@growers.com.

Growers Holdings, Inc – July 2018