Privacy Policy

1. Introduction

This Privacy Policy explains how Agrythm Technologies Private Limited collects, uses, stores, shares, protects and otherwise processes personal data and related farm/business data through its website, TrustOS platform, dashboards, forms, QR crop passport pages, field onboarding processes, communications and associated services.

This Privacy Policy is intended to align with applicable Indian law, including the Digital Personal Data Protection Act, 2023, the Digital Personal Data Protection Rules, 2025 as applicable in phases, and relevant Information Technology rules and security practices, as updated from time to time.

2. Who We Are

Agrythm Technologies Private Limited is a private limited company incorporated in India, with CIN U62013KA2025PTC205179, operating from Bidar, Karnataka. Agrythm provides agritech decision-support, residue-compliance support, traceability, crop intelligence, data validation and related services through TrustOS and associated workflows.

3. Scope of This Policy

This Policy applies to personal data collected from website visitors, farmers, FPO members, institutional users, buyers, exporters, processors, vendors, partners, job applicants, event participants, field staff, advisors and other individuals interacting with Agrythm. It also describes how Agrythm handles farm-level, crop-level and organisation-level information where such information relates to identifiable individuals.

4. Personal Data We May Collect

Term Meaning
Identity and contact data Name, mobile number, email address, address, village, taluka, district, state, user role, organisation name, designation and account credentials.
Farmer and farm profile data Farmer ID, FPO/member information, crop, variety, sowing/planting date, farm area, land location, geotag, farm boundary, ownership/lease details where collected, irrigation source, soil/water attributes and crop history.
Agronomic and operational data Input usage, spray records, fertilizer records, pest/disease observations, photos, videos, field visit notes, sample records, lab reports, weather-linked observations, harvest and yield information.
Platform usage data Log-in records, pages viewed, device/browser information, IP address, cookies, dashboard activity, QR scan information, feature usage, support requests and communication history.
Transaction and billing data Invoices, payment status, GST details, billing address, subscription details, purchase orders and payment references. Payment card/UPI credentials are generally processed by payment gateways and not stored by Agrythm unless expressly stated.
Communications data Emails, call notes, WhatsApp/SMS/IVR records, consent records, grievance records, survey responses and feedback
Institutional/project data Authorised user details, project contacts, API usage, dashboard access logs, project documents, reports and partner coordination data.

5. Sources of Data

  • Data provided directly by users through forms, registration, calls, WhatsApp, field onboarding, dashboards or documents.
  • Data collected by Agrythm field teams, advisors, operators, agronomists or authorised representatives.
  • Data from FPOs, buyers, exporters, processors, government bodies, research partners or institutional customers, where lawful and authorised.
  • Data from sensors, weather stations, drones, satellite/geospatial tools, lab partners, logistics partners, public datasets, APIs and third-party service providers.
  • Data generated by TrustOS through analysis, scoring, advisory logic, dashboards, reports and QR crop passport workflows.

6. Purposes of Processing

  • To register, verify, onboard and manage users and organisations.
  • To deliver crop planning, advisory, monitoring, anomaly alerts, field intelligence, traceability, QR crop passports and compliance-support services.
  • To analyse soil, water, weather, crop history, geospatial, spectral, input, pest/disease and market-related data for decision support.
  • To coordinate field visits, sample collection, lab testing, residue-risk workflows, harvest mapping, buyer matching and logistics support.
  • To provide dashboards, reports, APIs, aggregate analytics and institutional services.
  • To process payments, invoices, subscriptions, service orders and tax compliance.
  • To communicate service updates, advisories, reminders, alerts, support responses, training information and legally required notices.
  • To improve products, develop models, build anonymised/aggregated datasets, test accuracy, prevent fraud, ensure security and conduct audits.
  • To comply with law, enforce terms, resolve disputes, respond to authorities and protect rights, safety and platform integrity.

7. Legal Basis and Consent

Agrythm processes personal data for lawful purposes. Depending on the context, processing may be based on consent, contractual necessity, compliance with law, legitimate business operations, user-requested services, employment/vendor management, security, fraud prevention, dispute handling or other lawful grounds available under applicable Indian law.

Where consent is required, Agrythm will seek consent through appropriate notices, forms, checkboxes, OTP workflows, written consents, onboarding documents or contractual documentation. Users may withdraw consent where applicable, but withdrawal may affect our ability to provide services, maintain traceability, generate advisories or continue contractual workflows.

8. Cookies and Similar Technologies

The website may use cookies, pixels, tags, analytics tools, log files and similar technologies to operate the website, remember preferences, improve security, measure usage, diagnose issues, improve services and support marketing or outreach. Users can manage cookies through browser settings; disabling some cookies may affect functionality.

9. Sharing of Data

Agrythm may share personal data and related farm/project data with the following categories of recipients where necessary and lawful:

  • Cloud hosting, IT infrastructure, analytics, security, payment gateway, communication, CRM, helpdesk and software service providers.
  • Field teams, agronomists, advisors, researchers, drone/satellite/geospatial partners, lab/testing partners, logistics partners and authorised contractors.
  • FPOs, institutional customers, exporters, buyers, processors, banks, insurers, ESG/carbon stakeholders or government bodies where such sharing is part of an authorised service workflow, project, contract, crop passport, compliance process or user instruction.
  • Professional advisers, auditors, lawyers, accountants, insurers and consultants.
  • Regulators, courts, law enforcement, government authorities or public bodies where required by law or to protect rights, safety and platform integrity.
  • Successors or investors in connection with merger, acquisition, financing, restructuring or transfer of business, subject to confidentiality and applicable law.

10. Public QR Crop Passports and Traceability Pages

Where QR crop passports or traceability pages are generated, certain crop-lot information may be visible to buyers, consumers, auditors, partners or the public depending on the design of the QR workflow. Public-facing QR pages should avoid displaying unnecessary personal data. Agrythm may display crop, lot, location-level, compliance, harvest, lab or traceability details as configured for the relevant project.

11. Data Retention

Agrythm retains personal data and related farm/project records for as long as necessary for service delivery, crop-cycle continuity, traceability, compliance, contracts, audits, tax/accounting, dispute resolution, model validation, legal obligations and legitimate business purposes. Retention periods may vary by data type, crop cycle, customer contract, regulatory requirement and project need.

  • Account and contact data: retained while the account or relationship is active and for a reasonable period thereafter.
  • Crop, traceability and compliance records: retained for the applicable crop cycle and for audit/compliance/business continuity periods.
  • Billing and tax records: retained as required under applicable tax, accounting and corporate laws.
  • Anonymised or aggregated data: may be retained indefinitely, provided it no longer identifies an individual.

12. Security Measures

Agrythm uses reasonable security safeguards appropriate to the nature of data and risk, which may include access controls, role-based permissions, password/OTP workflows, encryption where appropriate, secure cloud configuration, backups, logging, vulnerability management, employee/contractor controls, confidentiality obligations, data minimisation and incident response processes.

No system is fully secure. Users must protect their credentials, devices and communication channels, and must immediately report suspected unauthorised access or data misuse.

13. Personal Data Breach

If Agrythm becomes aware of a personal data breach affecting users, Agrythm will take reasonable steps to contain, assess, mitigate and notify affected persons and authorities as required by applicable law and timelines then in force.

14. Children's Data

Agrythm’s services are intended for adults and organisations involved in agriculture and related ecosystems. The Platform is not directed at children. Agrythm does not knowingly seek to collect children’s personal data through the website. If any service specifically involves minors, Agrythm will implement consent and safeguards required under applicable law before processing such data.

15. International Transfers

Agrythm may use cloud, software or service providers located in India or outside India. Where personal data is transferred or accessed outside India, Agrythm will take steps required under applicable Indian law, contractual safeguards and any government-notified restrictions that may apply from time to time.

16. Your Rights

Subject to applicable law, users may have rights to access information about processing, seek correction, update or erasure of personal data, withdraw consent, submit grievances and nominate another person to exercise rights in case of death or incapacity, as applicable under Indian data protection law.

  • To exercise rights, contact the Grievance Officer / Data Protection Contact listed below.
  • Agrythm may verify identity and authority before acting on a request.
  • Some requests may be restricted where retention is required for legal, contractual, traceability, audit, dispute, fraud-prevention or legitimate business reasons.

17. User Duties

Users must provide authentic information, avoid impersonation, avoid suppressing material information, respect others’ privacy, use grievance mechanisms responsibly, and comply with applicable law while submitting or using data through the Platform.

18. Marketing and Outreach

Agrythm may send service updates, newsletters, product updates, events, training opportunities, farmer programmes, institutional updates or marketing communications where permitted by law. Users may opt out of non-essential marketing communications through the method provided in the communication or by contacting Agrythm. Essential service, security, legal and transaction communications may continue.

19. Third-Party Links

The website or dashboards may contain links to third-party websites, payment pages, government portals, lab portals, map services, partner platforms or social media pages. Agrythm is not responsible for third-party privacy practices. Users should review third-party policies before submitting data.

20. Changes to This Privacy Policy

Agrythm may update this Privacy Policy periodically to reflect changes in law, technology, business model, services, partners, data practices or security measures. The updated version will be posted on the website with an updated effective date. Continued use of services after publication means acceptance of the revised Policy, subject to applicable law.

21. Grievance Officer / Data Protection Contact

Before publication, Agrythm should designate a clear privacy/grievance contact. Suggested website language:

  • Grievance Officer / Data Protection Contact: Chetan Dabke
  • Designation: CEO
  • Email: chetan@agrythm.com
  • Postal Address: Agrythm Technologies Pvt. Ltd., KEB Colony, Bidar, Karnataka, INDIA
  • Response timeline: Agrythm will acknowledge and resolve grievances in accordance with applicable law and internal procedures.
whatsapp
Scroll