Introduction
FreshData, an initiative of Fresh Markets Australia is a leading platform for daily market analytics in
Australia’s fresh produce wholesale markets. This integrated governance document combines the FreshData Data Governance Policy and FreshData Data Governance Framework. It provides a unified guide for data collection, transmission, management, and security, outlining principles, roles, and responsibilities for all stakeholders to ensure transparency, integrity, and compliance in data handling.
This document does not constitute legal advice. All contributors are advised to seek independent legal counsel regarding their rights and obligations under applicable laws. Compliance with the FreshData Governance Policy and Framework does not imply compliance with any regulatory requirements beyond the scope of FreshData.
1. Data Governance Policy
The FreshData Data Governance Policy establishes the foundation for responsible data management and serves as a guide for data contributors and end users across the platform. The principles outlined in this Policy are intended to promote best practices in data governance while ensuring alignment with industry standards and contributor expectations.
TransparencyFreshData commits to clear and accessible data policies, ensuring that contributors and end users understand how their data is collected, used, and shared. Contributors and end users are notified of any significant changes to data policies that may impact their data or involvement in the FreshData platform.
Equitable Data UseData is used in a manner that creates value for all contributors and does not disadvantage any stakeholder without their informed consent. Traders or State Chamber contributors retain control over their raw data until it has been deidentified and aggregated for analysis. After this process, FreshData has the right to use the aggregated data to generate insights, reports, and industry-level analysis.
Control and Access
- FreshData Contributors Data Control
Data contributors, retain control over their raw data, including the ability to access logs related to their contributions, however once the date is contributed and processed it cannot be modified or deleted. Contributing data to FreshData is an opt-in option. Traders may choose to stop contributing at any time by opting out, but any data that has already been deidentified and aggregated will remain in the system for analysis and reporting purposes. Where data is contributed by State Chambers on behalf of traders, then the State Chamber is responsible for the opt-in option for traders. - End Users’ Access and RegistrationEnd users can access the FreshData platform through a dedicated mobile application or web-based interface, providing flexibility in how they interact with the system. During registration for a free subscription, end users are only required to provide basic information such as their name and email address. For paid subscriptions, additional information, such as credit card details, will be required for payment processing.
- Data Use and Restrictions
After deidentification, FreshData retains full rights to use, distribute, and report on the aggregated data without restrictions from data contributors. While Traders or State Chamber contributors maintain control over their raw data until deidentification, they cannot restrict the use of aggregated data insights for industry-level reporting or analysis. - Privacy and Security of Personal Information
Personal information provided by end users, such as name, email address, and credit card details, is securely stored and processed in compliance with applicable data privacy regulations. FreshData employs industry-standard security measures to ensure that all personal information is protected against unauthorised access and misuse.
- FreshData Contributors Data Control
- Data Quality
FreshData employs automated validation systems to ensure data accuracy, consistency, and completeness. Data contributors are expected to provide accurate and up-to-date data to maintain data quality across the platform. - Data Security
Comprehensive security measures are in place to protect against data loss, unauthorised access, and misuse. Security controls are reviewed regularly to ensure they meet evolving industry standards and regulatory requirements. All data collected and stored by FreshData is housed on AWS (Amazon Web Services) servers and serverless infrastructure, which are maintained in accordance with industry-leading security and compliance standards.
2. Data Governance Framework
The Data Governance Framework supports the principles outlined in the Policy by providing technical standards and procedural guidelines for data management. All data contributors and end users must comply with this Framework to ensure the secure and responsible handling of data within the FreshData platform.
Data Access and Security
- Access to FreshData is managed through role-based permissions, ensuring that only authorised users can view or modify data.
- API Key Authentication and TLS/SSL encryption are required for secure data transmission between contributors’ Point-of-Sale (POS) systems or State Chamber systems and the FreshData platform.
- Multi-factor authentication is used for sensitive data access, with encryption protocols safeguarding data during both transmission and storage.
- All transmitted data is deidentified and aggregated upon receipt to maintain confidentiality and remains deidentified for storage and analysis.
- All data collected and processed by FreshData is stored on secure AWS servers and serverless infrastructure located domestically within Australia. The technology team that supports FreshData work flexibly and remotely. There are times where the infrastructure that supports FreshData including the underlying aggregated data is accessed securely from locations outside of Australia. Where this occurs, access will be managed in accordance with a third-party certified Information Security Management System that is accredited to ISO27001:2022 or an equivalent global standard.
- Audit logging is implemented to track all data transactions, with compliance reports generated regularly. Logs are retained in accordance with legal and compliance requirements.
- Access to data is limited to authorised personnel based on role-based access permissions. FreshData does not share identifying information with third parties except as required by law or with explicit consent from data contributors and end users.
Technical Specifications for Data Integration
- Data contributors must register and generate an API key during the onboarding process.
- Data is transmitted using a RESTful API, with real-time transmission and validation protocols ensuring data accuracy and availability.
- The onboarding process includes mapping POS products to standardised product naming conventions, facilitating consistent data classification.
Personal Information Handling for End Users
End users access the FreshData platform through a dedicated mobile application or web-based interface. To complete registration for free subscriptions, end users are required to provide only basic information, such as their name and email address. FreshData uses industry-standard security protocols to protect personal data and complies with applicable data privacy regulations. For paid subscriptions, where credit card details are provided, these are stored by FreshData’s third-party processors such as Stripe, Apple and Google. Storage of these payments are not managed by FreshData.
3. Data Warehouse and Subscription-Based Access
FreshData may provide access to a Data Insights Hub or equivalent repository, where more detailed and comprehensive analysis of deidentified and aggregated data is made available. This service will offer end users advanced insights and in-depth market analysis, enabling them to leverage FreshData’s robust datasets for strategic decision-making.
- Access and Use
Access to the Data Insights Hub will be granted based on bespoke requirements, tailored to the specific needs or requests of the end users. End users can request specific types of analysis or insights based on their unique requirements, and FreshData will work with them to develop a customised data solution. - Data Ownership and Use
While Traders or State Chamber contributors retain ownership of their raw data until it is deidentified, FreshData retains the right to use, aggregate, and analyse deidentified data to create insights for the Data Insights Hub. Traders or State Chamber contributors cannot place restrictions on how these insights are used or distributed.
4. Roles and Responsibilities
Each stakeholder group has defined roles and responsibilities in maintaining data governance within the FreshData platform.
- Data Custodian (Fresh Markets Australia)
Fresh Markets Australia, as the Data Custodian, is responsible for managing the governance of the FreshData platform and ensuring compliance with data management standards and protocols. - Data Contributors (Traders or State Chamber contributors))
Data Contributors, such as Traders (wholesalers) and State Chamber contributors, are responsible for providing accurate sales data through integrated POS or other systems. They retain ownership of their raw data until it is deidentified and are responsible for its accuracy and timeliness. - Data Users (End Users)
Data Users include industry analysts, researchers, and government bodies who access anonymised and aggregated data for market analysis. End users, such as customers using the dedicated mobile application or web-based interface, must provide personal information during registration and adhere to FreshData’s Terms of Use.- Insights Provided Through the App and Web Interface
FreshData provides aggregated and deidentified insights through its dedicated mobile app and web interface. These insights are surfaced in a clear, user-friendly format, allowing end users to access valuable information on market trends, pricing, and industry analysis. All insights are generated from deidentified data, ensuring that no specific trader or contributor is identifiable. FreshData aims to offer these insights in a manner that supports decision-making and strategic planning for users, while maintaining data integrity and privacy.
- Insights Provided Through the App and Web Interface
5. Data Portability and Deletion
Data contributors retain control over their raw data until it is deidentified and aggregated for insights.
6. Legal Disclaimers and Limitations of Liability
This Data Governance Policy and Framework is intended to provide a general understanding of FreshData’s data management practices. It is not intended to provide legal advice or create legal obligations on Fresh Markets Australia, its contributors, or end users, except as otherwise required by law or specific contractual agreement.
- Non-Control of Aggregated Data Use
Once raw data is deidentified and aggregated, FreshData retains the right to use, distribute, and report on aggregated data outputs for market analysis, industry reporting, and other purposes that align with its mission to support the fresh produce industry. Data contributors cannot restrict or dictate the specific uses of aggregated data outputs. FreshData will handle all data in accordance with established principles of transparency, fairness, and equitable use.
Compliance with this document does not guarantee compliance with all applicable laws or regulations. Contributors and end users should seek independent legal advice to understand their legal rights and obligations concerning data privacy, data management, and any other applicable regulations.
Fresh Markets Australia is not liable for any loss, damage, or injury arising from the use of the FreshData platform or any reliance on data provided, except as required under Australian law.
7. Contact Information
For any questions or concerns related to data governance, integration, or security policies, please contact the FreshData support team at [email protected].
Document Number CH07-001
Document Date: I November 2024