United Kingdom
Select Location
info@jtcrop.com
+44 1484 848885
Follow us on
United Kingdom
Select Location
Search

Data use and processing policy

JT AGRO LIMITED – DATA USE & PROCESSING POLICY

Last updated: 08-02-2026

1. Introduction

This Data Use & Processing Policy (“Policy”) describes how JT Agro Limited (“JT Agro”, “we”, “our”, or “us”) collects, processes, stores, transfers, and protects personal data under the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the UK Data Protection Act 2018.

It applies to:

  • All customers, partners, suppliers, and website users.
  • All personal data processed by JT Agro within or outside the United Kingdom or European Economic Area (EEA).

2. Purpose and Scope

The purpose of this Policy is to ensure that all data processed by JT Agro is handled lawfully, fairly, transparently, and securely, in accordance with the principles of data protection.

This Policy covers:

  • Data collection, use, and sharing practices.
  • Roles and responsibilities of Data Controllers, Processors, and Sub-Processors.
  • Data transfers to countries outside the UK or EEA (including AWS servers in Mumbai, India).
  • Security and compliance mechanisms for international processing.

3. Company Information

JT Agro Limited

Registered in England and Wales

Company Number: 07433514

Registered Office: Lees Mill Lane, Linthwaite, Huddersfield, West Yorkshire, HD7 5QE, United Kingdom

Email: info@jtcrop.com

Website: https://jtcrop.com

JT Agro acts as:

  • A Data Controller when determining the purpose and means of processing.
  • A Data Processor when processing data on behalf of other controllers (e.g., clients, partners).

4. Definitions

TermDefinition
Personal DataAny information that identifies or can identify a natural person.
Data ControllerThe entity that determines the purposes and means of processing.
Data ProcessorThe entity that processes data on behalf of the Controller.
Sub-ProcessorA third party engaged by the Processor to assist in processing.
ProcessingAny operation performed on personal data (collection, storage, use, deletion, etc.).
Data SubjectThe individual whose personal data is processed.
TransferAny disclosure or movement of personal data outside the UK or EEA.

5. Data Processing Principles

JT Agro complies with the data protection principles set out in Article 5 of the GDPR.
We ensure all personal data is:

  • Processed lawfully, fairly, and transparently.
  • Collected for specified, explicit, and legitimate purposes and not further processed in a way incompatible with those purposes.
  • Adequate, relevant, and limited to what is necessary.
  • Accurate and up to date.
  • Kept only as long as necessary for its intended purpose.
  • Processed securely using appropriate technical and organizational measures.

6. Lawful Basis for Processing

JT Agro processes personal data on one or more of the following lawful bases under Article 6(1) GDPR:

Lawful BasisDescription
Contractual necessityTo perform a contract or take steps before entering a contract.
Legal obligationTo comply with laws and regulatory requirements.
Legitimate interestFor business operations where interests are not overridden by your rights.
ConsentWhere you have explicitly agreed (e.g., marketing, newsletter subscription).
Vital interestsTo protect someone’s life or safety (rare).

7. Categories of Data Processed

JT Agro may process the following data categories:

  • Identity Data: Name, job title, company name.
  • Contact Data: Email, phone, postal address.
  • Account Data: Login credentials, profile settings.
  • Transaction Data: Payment records, purchase history.
  • Technical Data: IP address, browser type, device information.
  • Usage Data: Access logs, website analytics, cookies.
  • Marketing Data: Communication preferences, consents.

8. Data Use Purposes

Personal data is processed for the following purposes:

  • To provide and manage JT Agro products and services.
  • To communicate with customers, vendors, and partners.
  • To process financial transactions and manage billing.
  • To monitor system performance and improve functionality.
  • To comply with legal or regulatory requirements.
  • To send marketing communications (if consented).
  • To secure systems and detect/prevent fraud.

9. Data Retention

JT Agro retains personal data only for as long as necessary for the purpose for which it was collected or to comply with legal obligations.

Data TypeRetention Period
Customer Account Data6 years after last use
Financial/Invoice Data7 years (per UK accounting laws)
Marketing DataUntil consent is withdrawn or 24 months of inactivity
Technical Logs12–24 months for security monitoring

Data is securely deleted, anonymized, or archived when no longer needed.

10. Data Processors and Sub-Processors

JT Agro may engage third-party service providers (“Sub-Processors”) to assist with hosting, data management, analytics, communication, and payment processing.

Examples include:

  • Amazon Web Services (AWS) – cloud hosting (Mumbai, India region)
  • Google Analytics – website usage statistics
  • Mailchimp / HubSpot – marketing communications
  • Payment gateways – transaction processing

All Sub-Processors are subject to:

  • Data Processing Agreements (DPAs) that comply with Article 28 GDPR.
  • Security and confidentiality obligations equivalent to those imposed on JT Agro.
  • Ongoing compliance monitoring.

11. Data Transfers Outside the UK and EEA

JT Agro may transfer personal data to third countries (e.g., India) where hosting or service provision occurs.

Safeguards:

In accordance with Articles 44–49 GDPR, such transfers are protected by:

  • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO) and/or European Commission.
  • UK Addendum to the SCCs for international transfers.
  • Technical safeguards – encryption, pseudonymisation, access limitation.
  • Organizational safeguards – restricted access, employee confidentiality obligations.

JT Agro verifies that AWS and other Sub-Processors maintain ISO 27001, SOC 2, and GDPR-compliant frameworks.

12. Security and Data Protection Measures

JT Agro employs multiple technical and organizational measures (TOMs) to protect data integrity and confidentiality, including:

Technical Controls:

  • Data encryption (AES-256 at rest, TLS 1.3 in transit).
  • Network segmentation and firewall protection.
  • Multi-factor authentication and secure access management.
  • Regular vulnerability scanning and penetration testing.

Organizational Controls:

  • Employee training on data protection.
  • Role-based access limitation.
  • Regular audits and compliance checks.
  • Incident management and breach response procedures.

13. Data Subject Rights

Individuals have the following rights under the UK GDPR and EU GDPR:

RightDescription
AccessRequest a copy of your personal data.
RectificationCorrect inaccurate or incomplete data.
ErasureRequest deletion of data (“right to be forgotten”).
RestrictionLimit processing in specific circumstances.
PortabilityRequest transfer of your data to another controller.
ObjectionObject to processing based on legitimate interests or marketing.
Withdraw ConsentWithdraw previously given consent at any time.

Requests can be submitted to info@jtcrop.com.

JT Agro will respond within 30 days as required by law.

14. Data Breach Management

JT Agro may maintain a formal Incident Response Plan.

If a data breach occurs:

  1. The breach will be assessed within 24 hours.
  2. Notification to the ICO (and other authorities if required) will occur within 72 hours.
  3. Affected data subjects will be notified where there is a high risk to their rights or freedoms.
  4. Records of all incidents will be maintained in a Data Breach Register.

15. Customer and Partner Responsibilities

If you (the customer or partner) act as a Data Controller and JT Agro acts as your Processor, you agree to:

  • Ensure you have a lawful basis for processing the data you share with us.
  • Provide accurate and up-to-date data.
  • Notify us of any data protection instructions or restrictions.
  • Cooperate with JT Agro to comply with GDPR obligations.

16. Automated Processing and Profiling

JT Agro does not perform automated decision-making that produces legal or significant effects on individuals. If automated profiling is introduced in future (e.g., analytics or recommendation systems), users will be notified and may opt out.

17. Audits and Compliance

JT Agro may conduct regular internal and third-party audits to verify compliance with:

  • UK GDPR and Data Protection Act 2018
  • ISO 27001 Information Security standards
  • PCI DSS (for payment systems, where applicable)

We cooperate with supervisory authorities and clients in verifying compliance obligations.

18. Changes to This Policy

We may update this Data Use & Processing Policy periodically. Revised versions will be published on our website with the date of the latest update. Where significant changes occur, we will notify affected users or partners directly.

19. Contact Information

For any data protection queries, rights requests, or compliance matters, contact:

Data Protection Officer

JT Agro Limited

Lees Mill Lane, Linthwaite, Huddersfield, West Yorkshire, HD7 5QE, UK

Email: info@jtcrop.uk

Phone: +44 1484 848885

Website: https://jtcrop.uk

If you are dissatisfied with our response, you have the right to lodge a complaint with:

Information Commissioner’s Office (ICO)

Website: www.ico.org.uk

Tel: +44 (0)303 123 1113

Close
Search

Hit enter to search or ESC to close

cookie By using this website, you agree to our cookie policy Close