Privacy Policy

At The Crop Co, the trust of our farmers, retailers, partners, and consumers is at the very core of everything we do. As a company dedicated to connecting farms with markets through a transparent, efficient, and sustainable supply chain, the way we handle information is an extension of our values.

Personal identification information: name, contact number, email address, postal address, and PIN code. Government identifiers (PAN, Aadhaar, GSTIN) may be collected where legally required.

Farmer & vendor details: farm registration, business licenses, certifications for verification and partnerships.

Transactional & business information: purchase orders, invoices, financial details, and payment history for transparency, reconciliation, and compliance.

Logistics: packaging, warehouse records, and proof of delivery to ensure produce reaches destination reliably.

Our digital platforms may collect device details, IP address, browser type, location data, and activity logs to secure platforms, improve user experience, and optimise services.

We may collect voluntarily shared information such as feedback, surveys, marketing preferences, and testimonials. Sensitive personal data is generally not collected, except in limited cases (e.g., financial authentication) with explicit consent and safeguards.

We also create aggregated, non-identifiable datasets (for example: average supply volumes or seasonal demand trends) to innovate without compromising individual privacy.

Sources of data: direct interactions, automated collection via web/app, trusted partners (logistics/payment gateways), and public/regulatory sources.

We collect only what is necessary, use information for legitimate purposes, and protect it with reasonable safeguards. Information is treated as trust — we handle it responsibly to protect farmers, vendors, and consumers.

Your information helps us process orders, coordinate deliveries, manage transactions, maintain records for taxation and compliance, match farmers with retailers, optimise logistics, and reduce waste.

We use analytics & aggregated data to personalise experiences, design services for stakeholders, study market trends, and develop products. Promotional communication is optional and you can opt out.

We also use information to protect platform security, detect fraud, prevent misuse, and safeguard stakeholders.

We do not sell, rent, or exploit personal information. Data sharing is limited to legitimate business operations, legal compliance, and protection of stakeholder rights.

Internal sharing

Information may be shared across departments (logistics, technology, finance, customer service, compliance) to ensure smooth operations.

External partners

We may share necessary details with logistics providers, cold storage operators, packaging units, vendors, and retailers under contractual confidentiality and purpose-limited use.

Financial & compliance sharing

Financial details are shared with payment gateways, banks, auditors, or regulators only as needed and under secure protocols.

Corporate transactions

In mergers or fundraising scenarios, information may be shared with advisors or potential investors under NDA.

Aggregated & research sharing

We may share non-identifiable aggregated insights with research institutions, government bodies, or think tanks to improve the agricultural ecosystem.

Technology providers

Third-party IT hosting, cloud storage, or analytics platforms may access limited data to provide services and are contractually bound to strong data protection standards.

Government programs & NGOs

We may collaborate with government schemes or NGOs; when we share information for such partnerships it is controlled and transparent.

Sensitive personal information (bank credentials, authentication codes, government IDs) is shared only through secure channels and with explicit consent where applicable.

Stakeholders have meaningful choices: opt-out of marketing, limit disclosure where feasible, and request clarification about data sharing.

Cookies

Cookies are small files stored by your browser that help us recognise your device, remember preferences, and compile aggregate traffic data. You can manage cookies via browser settings; disabling cookies may affect site functionality.

We use cookies to understand preferences, compile aggregate data about site traffic and interactions, and to restrict software usage on defined machines to prevent unauthorized access.

We assign a unique random User ID via cookies to help improve user experience and track interactions. Cookies cannot read your hard drive. Advertisers may set their own cookies when you click ad banners — these are outside our control.

Our web servers also automatically collect limited information such as IP address to deliver pages and analyse geographic traffic patterns.

We respect your rights under applicable Indian laws (e.g., Information Technology Act, 2000) and global best practices. Core rights include:

• Right to Access: Request details of information we hold about you.
• Right to Rectification: Request corrections to incomplete or inaccurate data.
• Right to Deletion: Request deletion when data is no longer necessary (subject to legal limits).
• Right to Withdraw Consent: Withdraw consent for processing where consent was the basis.
• Right to Restrict Processing: Temporarily limit use of data under certain conditions.
• Right to Data Portability: Request a machine-readable copy of your data where technically feasible.
• Right to Object: Object to processing for specific purposes like direct marketing.
• Right to Raise Concerns: Contact us if you believe your rights were infringed; you may also approach regulatory authorities.

To exercise these rights, contact us with proof of identity. We will respond within a reasonable period and provide explanations if a request is refused.

We retain information only as long as necessary, lawful, and relevant. When no longer required, data is deleted, anonymized, or archived per regulations.

Examples

• Transaction Records: Preserved for statutory period (generally 8 years) for tax and audit compliance.
• Customer & Supplier Records: Kept while business relationship continues; minimal records may remain for dispute resolution.
• Marketing Data: Retained until you opt out or withdraw consent.
• Regulatory Data: Retained as required by regulators or contracts.
• Technical Logs: Kept for limited durations, then anonymized.

When retention expires, data is securely deleted, anonymized for analytics, or archived with restricted access.

We may revise this Privacy Policy to reflect changes in operations, technology, or law. Major changes will carry a new "Effective Date" and stakeholders will be notified by banners, email, or app notifications. Material changes may require renewed consent.

Continued use after updates indicates acceptance. If you disagree, you may discontinue using our services or exercise your rights.

For questions or requests, contact us at: