California’s System for Pesticide Incident Reporting
Privacy Policies
The California System for Pesticide Incident Reporting makes it easy for Agricultural fieldworkers and the general public in California to submit a pesticide-related incident to the correct agency that is responsible to handle it. While the user is able to anonymously submit a complaint, without any personally identifiable information being transmitted, it is up to the user which information (e.g. name, phone number, email address) he/she is comfortable of sharing.
This is a list of categories of Personally Identifiable Information (PII) that an app could potentially collect:
| PII | Collected |
| Unique device identifier | No |
| Geo-location (GPS, WiFi, user-entered) | User Choice (assist in finding incident location) |
| Mobile phone number | User Choice (manually entered) |
| Email address | User Choice (manually entered) |
| User’s name | User Choice (manually entered) |
| Text messages or email | No |
| Call logs | No |
| Contacts/address book | No |
| Financial and payment information | No |
| Health and medical information | No |
| Photos or videos | User Choice |
| Web browsing history | No |
| Apps downloaded or used | No |
Is the data type necessary for your app’s basic functionality (that is, within the reasonably expected context of the app’s functions as described to users)?
The app does not transmit any PII without the knowledge of the user and beyond the extend of what the user actually voluntary enters into the complaint entry form.
Furthermore, the app is fully functional without transmitting or volunteering data with a complaint. It will, however, make the investigation so much harder to perform by the County Agricultural Commissioner or the Agency the complaint will be handled.
Is the data type necessary for business reasons (such as billing)?
The user is able to stay anonymous and able to choose which data he/she is comfortable of sharing. Any detail shared with the complaint is not shared with a third party and stays within the California County Agricultural Commissioner’s office which the complaint got assigned to. With an email or phone number, the investigator can contact the user to get more information about the complaint. A picture would be valuable to document the complaint even further.
How will you use the data?
The data shared within a complaint will only be used to help investigate the complaint. The investigation will be performed by the County Agricultural Commissioner staff and the information of the complaint is not shared with a third party.
Will it be necessary to store data off the device, on your servers?
The complaint data will be stored initially on the CASPIR (California’s System for Pesticide Incident Reports) server where they will be relayed to the County Agricultural Commissioner’s system. Once the county starts an investigation, the complaint data will be transferred to the investigation. The counties have various data retention policies and outside the CASPIR system.
How long will you need to store the data on your servers?
Complaints that have been closed are deleted within 30 days upon closing date.
Will you share the data with third parties (such as ad networks, analytics companies, service providers)? If so, with whom will you share it?
No, none of the complaint data will be shared outside California Agencies:
- DPR (Department of Pesticide Regulation): complaints, where the jurisdiction cannot be determined automatically, will be handled by DPR staff. If DPR staff can find which county is responsible for handling the investigation, the complaint is forwarded to that county for further investigation.
- County Agricultural Commissioner: county staff is performing the investigation and enforcing any kind of violations determined by the investigation.
- CalEPA: non-pesticide related complaints might be forwarded to CalEPA for their investigation.
- Cal/OSHA: other related complaints might be forwarded to the Department of Industrial Relations at Cal/OSHA for their investigation.
How will third parties use the data?
None of the complaint data will be shared with third parties.
Who in your organization will have access to user data?
Only CPCS System Administrators will have access to submitted complaints via a password protected web application.
Is your app directed to or likely to be used by children under the age of 13?
No, the app is directed to agricultural fieldworkers who are working in the state of California.
What parts of the mobile device do you have permissions to access? Can you provide users with the ability to modify permissions?
The app will access these data categories:
- Location: while a location is useful for an investigation, the user can enter the location of an incident without permitting the app to use the device’s location. The location of the device will not be stored and transmitted within a complaint.
- Camera: The user is able to take a picture or video to include in the complaint.
- Photo Album: The user is able to select a picture or video from the photo album in the complaint.
The user can choose to not grant the app permission to access any of the items listed above. All the other complaint fields are text entries (name, phone number, email address) and the user can choose how much or little he/she wants to share to support an investigation.