1. INTRODUCTION

Samyoga Agrow Private Limited ("we," "us," "our," or the "Company") is committed to protecting your privacy and ensuring transparent data practices. This Privacy Policy explains how we collect, use, process, disclose, and safeguard your information when you access and use the Cultiveda mobile application (the "App"), our website, and related services.This Privacy Policy is governed by the Digital Personal Data Protection Act, 2023 ("DPDP Act"), the Information Technology Act, 2000 ("IT Act"), and the Consumer Protection Act, 2019 ("CPA"), all of which are Indian laws. Please read this Privacy Policy carefully. If you do not agree with our practices, please do not use the App.

2. DEFINITIONS

For the purposes of this Privacy Policy: "Personal Data" means any information relating to a natural person who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, online identifier, or specific physical, physiological, mental, economic, cultural, or social identity factors."Sensitive Personal Data" includes personal data relating to passwords, financial data, health data, official government identifiers, biometric data, genetic data, sex life data, sexual orientation data, or data relating to minors."Data Principal" means the natural person to whom personal data relates and whose identity can be determined directly or indirectly."Data Processor" or "Data Fiduciary" means the entity (in this case, Samyoga Agrow Private Limited) responsible for determining the means and purposes of personal data processing."Processing" means any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, use, disclosure, erasure, or destruction.

3. INFORMATION WE COLLECT

3.1 Information You Provide Directly - We collect personal data that you voluntarily provide to us when you:
‍Account Registration:
- Full name
- Email address
- Phone number
- Agricultural background and experience
- Farm location details (state, district, village)
- Crop types you cultivate
- Land size and farm area
- Username and password
Farm Management Features:
- Field maps and location coordinates
- Crop varieties and planting dates
- Pesticide and fertilizer application records
- Harvest dates and yields
- Equipment and machinery details
- Financial records and costs
- Soil test reports
- Weather observations and notes
Communication:
- Messages sent through the App's community forums
- Support tickets and customer service inquiries
- Feedback and surveys
- Photos of crops, fields, or pest identification
Payment Information:
- Payment method details (credit card, debit card, UPI, bank transfer)
- Transaction history and billing information
- Subscription preferences

3.2 Information Collected Automatically - When you use the App, we automatically collect certain information:
‍Device Information:
- Device type, model, and operating system
- Device identifiers (IDFA, Android ID)
- Mobile network information
- Device settings and specifications
‍Usage Information:
- Features accessed and time spent
- Pages or content viewed
- Clicks and interactions within the AppSearch queries and filters used
- Error messages and troubleshooting information
Location Information:
- GPS coordinates when you enable location services
- Precise location data for field mapping
- Approximate location based on IP address
- Location history for farm management tracking
Technical Information:
- IP addressBrowser type and version
- Referring URL
- Timestamp of access
- Crash reports and performance data
‍Cookies and Similar Technologies:
- First-party cookies for authentication and preferences
- Analytics cookies to understand usage patterns
- Marketing cookies (only with your consent)

3.3 Information from Third Parties - We may collect information about you from:
- Weather data providers (temperature, rainfall, wind patterns)
- Agricultural extension services and government databases
- Market information providers
- Payment processors and financial institutions
- Third-party analytics servicesSocial media platforms
- Publicly available sources

4. PURPOSE OF DATA COLLECTION AND PROCESSING

We collect and process your personal data for the following lawful purposes:

4.1 Core Service Delivery
- Creating and maintaining your account
- Providing farm management features
- Recording and storing your farm data
- Generating reports and analytics
- Enabling field mapping and crop tracking
- Providing weather forecasts and agricultural guidance

4.2 Communication and Support
- Responding to your inquiries and support requests
- Sending service-related announcements and updates
- Notifying you about changes to the App or services
- Administrative communications

4.3 Improvement and Development
- Analyzing usage patterns to improve the App
- Developing new features and functionality
- Conducting research and analytics
- Testing and troubleshooting
- Personalizing your experience

4.4 Legal and Compliance
- Complying with legal obligations
- Enforcing our Terms of Use and other agreements
- Protecting against fraud and illegal activity
- Maintaining records for regulatory purposes
- Responding to government requests

4.5 Marketing and Business Development
- Sending promotional emails and offers (only with your consent)
- Conducting surveys and collecting feedback
- Market research and trend analysis
- Sending newsletters about agriculture topics

4.6 Data Security and Safety
- Detecting and preventing fraud, abuse, and security incidents
- Protecting the App and users from malicious activity
- Maintaining the integrity and availability of the App

5. LAWFUL BASIS FOR PROCESSING

Under the DPDP Act, 2023, we process your personal data only on the following lawful bases:

5.1 Consent - For most processing activities, we collect and maintain your explicit, informed, and voluntary consent. You can withdraw consent at any time through the App settings or by contacting our Data Protection Officer.

5.2 Performance of Contract - We process data necessary to provide the App services and fulfill our obligations under the Terms of Use.

5.3 Compliance with Legal Obligation - We process data when required by Indian laws, including the IT Act, CPA, and tax regulations.

5.4 Protection of Vital Interests - We may process data to protect your vital interests or the vital interests of other individuals.

5.5 Performance of Public Function - We may process data when necessary to perform functions in the public interest, such as agricultural development.

6. DATA SHARING AND DISCLOSURE

6.1 We Do NOT Sell Your Data - We do not sell, rent, or trade your personal data to third parties for commercial purposes.

6.2 Sharing with Service Providers - We may share your personal data with third-party service providers who perform services on our behalf, including:
- Cloud storage and hosting providers
- Payment processors and financial institutions
- Email and communication service providers
- Analytics and monitoring services
- Customer support platforms
- Weather data and agricultural information providers
- Data security and encryption providers
- All service providers are bound by confidentiality agreements and Data Processing Agreements in compliance with the DPDP Act.

6.3 Sharing with Agricultural Partners - With your explicit consent, we may share aggregated or anonymized farm data with:
- Agricultural research organizations
- Government agricultural departments
- Agricultural extension services
- University agricultural research programs
- Non-profit agricultural development organizations
Such sharing will be for improving agricultural practices and research purposes only.

6.4 Legal Disclosures - We may disclose your personal data when required by law or in response to:
- Court orders or legal processes
- Government agency requests
- Law enforcement inquiries
- Subpoenas or legal summons
- Protection of legal rights and safety

6.5 Business Transfers - If Samyoga Agrow Private Limited is involved in a merger, acquisition, bankruptcy, or asset sale, your personal data may be transferred as part of that transaction. We will provide notice before your data becomes subject to a different privacy policy.

6.6 Aggregated and Anonymized Data - We may share aggregated, anonymized, or de-identified data that cannot reasonably identify you for:
- Research and analytics
- Market trends and reports
- Benchmarking and comparison studies
- Public agriculture statistics

7. DATA RETENTION

7.1 Retention Period - We retain your personal data for as long as:
- Your account is active
- We need it to provide services to you
- It is required by applicable Indian law
- It is necessary to fulfill the stated purpose

7.2 Account Data Retention
‍Active Account:
- Farm data, records, and account information are retained while your account is active.
‍Inactive Account:
- If your account remains inactive for 24 months, we will notify you.
- Your data will be retained for an additional 6 months, after which we may delete it unless you reactivate your account.
‍Closed Account:
- Upon account closure, we will retain data for 90 days to address any pending issues.
Personal data will then be deleted, except where:
- Retention is required by law
- Data is necessary for legal claims
- Data is used for legitimate business purposes

7.3 Specific Data Categories
‍Payment Information:
- Retained for 7 years for tax and accounting purposes, as required by Indian income tax law
Support Communications:
- Retained for 3 years
‍Usage and Analytics Data:
- Retained for 2 years
Location Data:
- Retained for 1 year after last use
‍Cookies:
- Retained as per cookie-specific settings (typically 1-2 years)

7.4 Deletion Requests - You can request deletion of your personal data at any time. We will delete your data within 30 days, except where:
- Legal obligations require retention
- Data is necessary to prevent fraud or abuse
- Data is needed for legitimate business purposes

8. DATA SECURITY

8.1 Security Measures - We implement comprehensive security measures to protect your personal data:
‍Technical Security:
- End-to-end encryption for sensitive data
- SSL/TLS encryption for data in transit AES-256 encryption for data at rest
- Secure password hashing (bcrypt or similar)
- Regular security audits and penetration testing
- Firewalls and intrusion detection systems
- Secure APIs and authentication protocols
‍Organizational Security:
- Data access restrictions and role-based permissions
- Employee training on data protection
Confidentiality agreements with all staff
- Secure data handling procedures
- Background checks for employees with data access
Secure data handling procedures
- Background checks for employees with data access
Physical Security:
- Secure data centers with access controls
- CCTV monitoring and surveillance
- Environmental controls for equipment protection
- Regular security inspections

8.2 Limitations - While we employ industry-standard security measures, no security system is impenetrable. We cannot guarantee absolute security. Transmission of data via the internet carries inherent risks.

8.3 Your Responsibility - You are responsible for maintaining the confidentiality of your login credentials and password. Do not share your credentials with others, and immediately notify us of any unauthorized access.

9. DATA BREACH NOTIFICATION

9.1 Breach Definition - A data breach means unauthorized access, disclosure, alteration, or destruction of personal data held by us.

9.2 Notification Protocol - In the event of a personal data breach affecting you, we will:
- Notify within 72 hours to the data principal and affected individuals
- Provide details including:Nature and scope of the breach
- Types of personal data affected
- Likely consequences of the breach
- Steps taken to mitigate harm
- Our contact information and remedial measures
- Notify authorities as required by law
- Maintain records of all breaches and notifications

9.3 Breach Investigation
Upon discovering a breach, we will:
- Immediately secure the affected data
- Conduct a thorough investigation
- Implement corrective measures
- Notify relevant authorities
- Preserve evidence for potential legal proceedings

10. YOUR RIGHTS AS A DATA PRINCIPAL

Under the DPDP Act, 2023, you have the following rights:

10.1 Right to Know - You have the right to know whether your personal data is being processed by us. You can request:
- Confirmation of processing
- Categories of data processed
- Purpose of processing
- Duration of retention
- Recipients of your data
‍How to Exercise:
Submit a written request to our Data Protection Officer at legal@cultiveda.com.
‍Response Time:
We will respond within 30 days.

10.2 Right to Access - You have the right to access your personal data. You can request:
- A copy of your personal data in a structured, commonly used format
- Information about our data processing activities
‍How to Exercise:
- Use the "Download My Data" feature in the App, or contact our Data Protection Officer.
‍Response Time:
We will provide your data within 30 days in a portable format.

10.3 Right to Correction - You have the right to correct inaccurate, incomplete, or outdated personal data.

‍How to Exercise: Update your information in the App settings, or submit a correction request to legal@cultiveda.com.
‍Response Time: We will correct your data within 30 days.

10.4 Right to Erasure (Right to Be Forgotten) - You have the right to request erasure of your personal data in certain circumstances:
- Data is no longer necessary for the stated purpose
- You withdraw your consent
- Processing is unlawful
- Legal obligation requires erasure
‍
‍Exceptions: We may retain data if:
- Legal obligations require retention
- Data is necessary for legal claims
- Data is used to prevent fraud or harm
‍
‍How to Exercise: Submit an erasure request to legal@cultiveda.com.Response Time: We will process requests within 30 days.

10.5 Right to Restrict Processing

You have the right to restrict processing of your personal data in certain circumstances, such as when:Accuracy is disputedProcessing is unlawfulData is no longer needed but you need it for legal claimsYou object to processingHow to Exercise: Request processing restriction at legal@cultiveda.com.Effect: Restricted data will be stored but not actively used.

10.6 Right to Withdraw Consent - You can withdraw your consent for data processing at any time. This applies to processing based on your consent only.How to Exercise: Submit a withdrawal request through the App settings or email legal@cultiveda.com.

‍Effect: Withdrawal does not affect processing that occurred before withdrawal.

10.7 Right to Grievance Redressal - You have the right to lodge a grievance with us if you believe your data has been processed inappropriately.

‍How to Exercise: Submit a grievance through the App or email grievance@cultiveda.com.

‍Response Time: We will acknowledge receipt within 5 business days and resolve within 30 days.

10.8 Right to Data Portability - You have the right to obtain and reuse your personal data in a structured, commonly used, machine-readable format.

‍How to Exercise: Request data portability at legal@cultiveda.com.

‍Format: We will provide data in standard formats (CSV, JSON, PDF).

11. CHILDREN'S PRIVACY

The App is not intended for children under 18 years of age. We do not knowingly collect personal data from children. If we become aware that a child has provided personal data, we will promptly delete such information and terminate the child's account.If you believe a child has provided personal data, please notify us immediately at legal@cultiveda.com.

12. COOKIES AND TRACKING TECHNOLOGIES

12.1 Types of Cookies - We use the following types of cookies:
Essential Cookies:
- Authentication and login
- Session management
- Security and fraud prevention
- User preferences
Analytical Cookies:
- Usage statistics and analytics
- Feature performance
- User behavior analysis
Marketing Cookies:
- Personalized advertising (only with consent)
- Campaign effectiveness

12.2 Cookie Management - You can control cookies through your device settings:
- Accept or reject cookies
- Delete cookies
- Set cookie preferences
However, disabling essential cookies may affect App functionality.

12.3 Third-Party Tracking - Third-party services may use cookies and tracking pixels. You can opt-out of third-party tracking through:Your device privacy settingsThird-party opt-out mechanismsOur App settings

13. LOCATION INFORMATION

13.1 Location Data Collection - We collect location data to provide farm mapping and field management features. Location data includes:
- GPS coordinates of your farm
- Precise location of fields
- Location history for field tracking

13.2 Location Permissions - Location data is collected only when:
- You grant location permissions in your device settings
- You explicitly enable location services in the App
- You are actively using location-based features

13.3 Location Data Use - We use location data to:
- Create field maps and boundaries
- Provide location-specific weather data
- Track field activities
- Generate location-based reports

13.4 Location Data Sharing - We do not share your precise location with third parties without your explicit consent, except:
- Anonymized location data for agricultural research
- Aggregated location data for market trends
- Law enforcement requests

13.5 Location Privacy Controls
You can:
- Disable location services in the App anytime
- Restrict location sharing to specific features
- Delete location history
- Request location data erasure

14. THIRD-PARTY SERVICES AND LINKS

14.1 Third-Party Integrations - The App may integrate with third-party services for:
- Weather data
- Agricultural information
- Market prices
- Payment processing
- Social media

14.2 Third-Party Privacy - We are not responsible for the privacy practices of third-party services. Please review their privacy policies before using their services.

14.3 Third-Party Links - The App may contain links to external websites. We are not responsible for the privacy practices of external sites. Always review their privacy policies.

15. INTERNATIONAL DATA TRANSFERS

15.1 Data LocationYour personal data is primarily stored and processed in India, in accordance with Indian law.

15.2 Cross-Border TransfersWe do not transfer personal data outside India unless:Required by lawYou explicitly consentNecessary for service provisionInternational data processing agreements are in place

15.3 Data ProtectionAny international transfers will be subject to appropriate safeguards under the DPDP Act and applicable laws.

16. GRIEVANCE REDRESSAL AND DISPUTE RESOLUTION

16.1 Internal Grievance Mechanism
‍Step 1 - Lodge a Grievance:
- Submit your grievance to our Grievance Officer
- Email: grievance@cultiveda.com
- Phone: +91 98208 09527
- In-App: Grievance section in settings
‍Step 2 - Acknowledgment:
- We will acknowledge receipt within 5 business days
- Provide you with a grievance reference number
Step 3 - Investigation:
- Our team will investigate within 20 business days
- May request additional information
‍Step 4 - Resolution:
- We will provide our response within 30 days
- Explain remedial measures taken

16.2 Data Protection Officer - Concerns about data protection practices can be directed to:
Data Protection Officer:
‍Email: legal@cultiveda.com
‍Phone: +91 98208 09527
Address: 17, 2nd Floor, 7th Main Road, II Stage, Indiranagar, Bangalore - 560038

16.3 Regulatory Authorities - If you are not satisfied with our response, you can:
- File a complaint with relevant data protection authorities
- Approach consumer protection commissions
- Seek legal recourse under applicable laws

16.4 Dispute Resolution - Disputes regarding privacy practices will be resolved through:
- Mutual discussion (30 days)
- Arbitration under the Arbitration and Conciliation Act, 1996
- Consumer commissions (for consumer protection matters)
- Courts of competent jurisdiction in Bangalore, India

17. SPECIAL CATEGORIES OF DATA

17.1 Sensitive Personal DataCertain data you may provide is considered sensitive:
- Health and wellness information (crop diseases)
- Financial data (costs, yields, income)
- Farm-specific location data
- Government identifiers

17.2 Enhanced Protection - Sensitive data receives enhanced protection:
- Higher encryption standards
- More restricted access
- Additional security measures
- Explicit consent requirements

17.3 Sensitive Data Use - We use sensitive data only for:
- Providing essential services
- Compliance with legal obligations
- Protection of vital interests
- Your explicit request

18. POLICY UPDATES AND CHANGES

18.1 Amendments - We may update this Privacy Policy to reflect:
- Changes in our practices
- New legal requirements
- Technological advancements
- User feedback

18.2 Notification of Changes - We will notify you of material changes by:
- Updating the "Last Updated" date
- Sending email notification
- In-App notification
- Prominent posting on our website

18.3 Continued Use - Your continued use of the App after 30 days of notification constitutes acceptance of the updated Privacy Policy.

19. CONTACT INFORMATION - For privacy-related questions, concerns, or to exercise your rights, please contact:
‍Samyoga Agrow Private Limited
Mailing Address:17, 2nd Floor, 7th Main RoadII Stage, IndiranagarBangalore - 560038 India
‍Email Contacts:
- General Privacy Inquiries: legal@cultiveda.com
‍- Data Protection Officer: legal@cultiveda.com
- Grievance Officer: grievance@cultiveda.com
- Support: support@cultiveda.com
- Phone:+91 98208 09527
‍Response Time:
- We will respond to all privacy inquiries within 10 business days.

20. ADDITIONAL INFORMATION

20.1 Consumer Protection Act Compliance - This Privacy Policy complies with the Consumer Protection Act, 2019, including your right to:
- Know about data collection and use
- Seek information about our practices
- File complaints with consumer commissions
- Obtain redressal for privacy violations

20.2 Information Technology Act Compliance - This Privacy Policy implements security practices as per Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

20.3 Regulatory FrameworkThis Privacy Policy operates under:
- Digital Personal Data Protection Act, 2023
- Information Technology Act, 2000
- Consumer Protection Act, 2019
- Indian Contract Act, 1872

Applicable state laws and regulations
- Version 1.0 - DPDP Act 2023, IT Act 2000, and CPA 2019 Compliant