Privacy Policy · Neytiri EywaFarm · Neytiri EywaFarm Agritech

Section 01

Introduction and Scope

This Privacy Policy describes how Neytiri EywaFarm Agritech Private Limited ("Company", "we", "us", "our") collects, uses, processes, stores, shares, and protects personal data and other information in connection with the RootsTalk platform ("Platform").

This Policy applies to all users of the Platform, including farmers, dealers, facilitators, experts, Client representatives, and visitors.
This Policy forms an integral part of the Terms and Conditions governing use of the Platform.
By accessing or using the Platform, Users acknowledge that they have read, understood, and agreed to this Policy.
If a User does not agree to this Policy, such User should refrain from accessing or using the Platform.

Section 02

Legal Framework and Definitions

Applicable Law

This Policy is framed in accordance with:

The Digital Personal Data Protection Act, 2023
The Information Technology Act, 2000
Applicable rules, regulations, and guidelines
Other relevant laws in force in India

Data Fiduciary and Data Processor

Data Fiduciary: The Company acts as a "Data Fiduciary" in relation to Personal Data collected directly by it.

Data Processor: In relation to Client-controlled data, the Company acts as a "Data Processor" on behalf of the Client.

Key Definitions

Personal Data: Any data relating to an identified or identifiable individual.
Sensitive Personal Data: Such data as may be notified under applicable law.
Client Data: Business and operational data provided by Clients.
Usage Data: Anonymised and aggregated data relating to Platform usage.
Processing: Any operation performed on data, including collection, storage, use, disclosure, or deletion.
Consent: Freely given, specific, informed, and unambiguous indication of the User's agreement to data processing.

Section 03

Data We Collect

The Company collects only such data as is reasonably necessary to provide, operate, improve, and secure the Platform.

Personal Identification

Name
Mobile number
Email address (where provided)
Age or date of birth
Profile photographs (voluntary)

Account & Role Information

User role (farmer, dealer, facilitator, expert)
Organisation affiliation
Designation and responsibilities
Account preferences and settings

Agricultural & Farm Information

Crop details
Sowing and harvesting dates
Land and field identifiers
Soil and nutrient information
Pest and disease observations
Farm practice records

Transaction Information

Subscription details
Order and purchase records
Payment confirmations
Allocation and usage history

We do not store full payment card or banking details.

Device & Technical Information

Device type and model
Operating system and app version
IP address
Network connectivity information
System logs and error reports

Media Content

Photos of crops, pests, or fields
Audio recordings for support
Videos (where voluntarily contributed)
Location data (with consent)

Users may grant, withdraw, and restrict consent for media collection.

Data Minimisation Principle

We endeavour to collect only such data as is necessary for the stated purposes and avoid excessive or irrelevant data collection.

Section 04

Purpose of Collection and Use of Data

The Company collects and processes data only for legitimate, lawful, and transparent purposes connected with operation of the Platform.

Provision of Services

Create and manage user accounts
Enable access to Platform features
Deliver agricultural advisories
Manage subscriptions and orders

Personalisation

Tailor advisories to specific crops
Maintain advisory consistency over time
Avoid repetitive recommendations
Align with past actions

Security & Compliance

Ensure system security
Enforce Terms and Conditions
Comply with legal requirements

Business Operations

Manage billing and payments
Maintain records and audits
Conduct internal reporting
Manage contractual relationships

No Unauthorised Commercial Exploitation

We do NOT use Personal Data for:

Third-party advertising
Sale of user profiles
Unsolicited marketing
Behavioural profiling unrelated to Platform services

Section 05

Consent and User Rights

Lawful Basis and Consent

The Company processes Personal Data only on lawful grounds, including user consent, contractual necessity, and legal obligations.
Where required by law, explicit consent is obtained before collecting or processing Personal Data.
Users may withdraw consent at any time, subject to legal and contractual limitations.

Your Rights

RIGHT 01

Right to Access

Request confirmation of whether your Personal Data is being processed and obtain access to such data.

RIGHT 02

Right to Correction

Correct inaccurate or incomplete Personal Data and update outdated information.

RIGHT 03

Right to Erasure

Request deletion of your Personal Data when permitted by law, subject to legal and operational requirements.

RIGHT 04

Right to Grievance Redressal

Raise grievances relating to data processing which will be addressed within reasonable timeframes.

RIGHT 05

Right to Nominate

Nominate another individual to exercise your rights in the event of death or incapacity.

RIGHT 06

Right to Restrict Processing

Request restriction of processing in specific circumstances where permitted by law.

No Retaliation: The Company shall not deny services, impose unreasonable conditions, or discriminate against Users for exercising their lawful data rights.

Section 06

Data Sharing and Disclosure

The Company does not sell, rent, or trade Personal Data to third parties.

We share data only in limited and lawful circumstances:

With Clients and Authorised Participants

Personal Data may be shared with relevant Clients and their authorised ecosystem participants (dealers, facilitators, experts) solely for delivering services through the Platform.

With Service Providers

We may engage trusted third-party providers for cloud hosting, payment processing, messaging, analytics, and customer support. They are contractually bound to process data only in accordance with this Policy.

For Legal and Regulatory Purposes

We may disclose data to comply with laws, respond to lawful requests from authorities, enforce legal rights, or protect safety and security.

In Corporate Transactions

In the event of merger, acquisition, or sale of assets, data may be transferred. Any recipient shall be bound by similar data protection obligations.

Aggregated and Anonymised Data

We may share anonymised and aggregated data for research and analytical purposes. Such data shall not identify any individual user.

Section 07

Data Storage and Security

Data Storage

Personal Data and Client Data are primarily stored on secure servers located in India. Where required for technical or operational reasons, limited data may be stored or processed outside India in compliance with applicable laws.

Security Safeguards

Access Controls: Authentication mechanisms & need-to-know basis
Encryption: Data encryption where appropriate
Secure Servers: Protected storage environments
Monitoring: System monitoring & intrusion detection
Backups: Regular backups & recovery procedures
Reviews: Periodic security reviews

User Responsibilities

Safeguarding your login credentials
Using secure devices and networks
Promptly reporting suspected misuse

While the Company uses reasonable efforts to protect data, no system can be guaranteed to be completely secure. Users acknowledge and accept residual risks inherent in digital systems.

Section 08

Data Retention and Deletion

The Company retains Personal Data and Client Data only for as long as is necessary to fulfil the purposes for which it was collected.

Retention Principles

Retention periods are determined based on contractual obligations, legal requirements, operational needs, and dispute resolution requirements.

Active Account Retention

Data associated with active user accounts shall be retained for the duration of the account's activity.

Post-Termination Retention

Upon termination, data may be retained for a reasonable period to complete services, comply with legal obligations, resolve disputes, and support audits. Thereafter, data shall be securely deleted or anonymised.

Anonymisation

Where feasible, data may be anonymised and retained for analytical and research purposes. Such data shall not identify individual users.

Backup Data

Deleted data may remain in backup systems for limited periods, securely protected and not used for active processing.

Section 09

Cross-Border Data Transfers

Primary Data Storage in India: The Company stores and processes Personal Data and Client Data primarily on servers located within India, reflecting our commitment to data sovereignty and compliance with Indian law.

Limited Cross-Border Processing

In certain circumstances, limited data may be processed or accessed outside India for technical, operational, or support purposes. Such processing shall occur only where necessary and permissible under applicable law.

Legal and Contractual Safeguards

Where cross-border processing occurs, we ensure appropriate contractual protections, reasonable technical safeguards, and data protection at standards substantively equivalent to Indian law.

Regulatory Compliance

All cross-border transfers comply with the Digital Personal Data Protection Act, 2023 and related regulations. We monitor regulatory developments and update practices accordingly.

Section 10

Children and Minors

The Platform is intended for use by individuals who are legally capable of entering into binding contracts under applicable law. As a general rule, the Platform is designed for adult users.

Processing of Minor Data

Where Personal Data of a minor is collected, it shall be carried out in accordance with the Digital Personal Data Protection Act, 2023. We shall obtain verifiable consent from a parent or lawful guardian where required by law.

Limited Collection

The Company does not knowingly collect Personal Data from minors without appropriate legal basis. Data relating to minors shall be limited to what is strictly necessary for Platform functionality.

Prohibited Uses

The Company does NOT:

Engage in targeted advertising directed at minors
Undertake behavioural profiling of minors
Profile minors for commercial purposes

Parents or lawful guardians may exercise data rights on behalf of minors. If we become aware that Personal Data has been collected in violation of applicable law, we shall take reasonable steps to delete or restrict such data.

Section 11

Grievance Redressal and Contact

In accordance with applicable law, the Company has appointed a Grievance Officer to address concerns relating to data protection and privacy.

Grievance Officer Contact

Designation: Grievance Officer — Data Protection

Company: Neytiri EywaFarm Agritech Private Limited

Email: support@eywa.farm

Address: #1238, 4th Floor, HIG, B Sector, Yelahanka New Town, Bengaluru 560064, Karnataka, India

Phone: 080 4210 7702

Filing a Grievance

Users may submit grievances relating to:

Collection or use of Personal Data
Denial of data rights
Security incidents
Unauthorised disclosures
Policy violations

Response Timeline: Acknowledgement within 7 business days. Resolution within 30 days or as prescribed by law.

No Retaliation: The Company shall not take adverse action against any User for raising a genuine grievance.

Section 12

Policy Updates and Governance

Policy Review and Updates

The Company may review and update this Privacy Policy to reflect changes in law, Platform functionality, technological developments, or business practices. Material changes shall be communicated through the Platform.

Effective Date

This Policy is effective from the date published. Continued use of the Platform after updates constitutes acceptance of the updated Policy.

Internal Governance

The Company maintains internal policies, procedures, and controls to support compliance. Relevant personnel are trained on data protection and privacy obligations.

Consistency with Other Documents

This Policy shall be read in conjunction with the Terms and Conditions. In the event of inconsistency, the Terms and Conditions shall prevail, subject to applicable law.

Governing Law

This Policy shall be governed by and construed in accordance with the laws of India.

Questions about this Privacy Policy?

Neytiri EywaFarm Agritech Pvt. Ltd., #1238, 4th Floor, HIG, B Sector, Yelahanka New Town, Bengaluru 560064, Karnataka, India

Email: support@eywa.farm · Phone: 080 4210 7702

Your Privacy Matters