Your Privacy Matters
This Privacy Policy describes how Neytiri Eywafarm Agritech Private Limited collects, uses, processes, stores, shares, and protects personal data in connection with the RootsTalk platform.
Last updated: February 5, 2026
Introduction and Scope
This Privacy Policy describes how Neytiri Eywafarm Agritech Private Limited ("Company", "we", "us", "our") collects, uses, processes, stores, shares, and protects personal data and other information in connection with the RootsTalk platform ("Platform").
Legal Framework and Definitions
Applicable Law
This Policy is framed in accordance with:
Data Fiduciary and Data Processor
Data Fiduciary: The Company acts as a "Data Fiduciary" in relation to Personal Data collected directly by it.
Data Processor: In relation to Client-controlled data, the Company acts as a "Data Processor" on behalf of the Client.
Key Definitions
Data We Collect
The Company collects only such data as is reasonably necessary to provide, operate, improve, and secure the Platform.
Personal Identification
- • Name
- • Mobile number
- • Email address (where provided)
- • Age or date of birth
- • Profile photographs (voluntary)
Account & Role Information
- • User role (farmer, dealer, facilitator, expert)
- • Organisation affiliation
- • Designation and responsibilities
- • Account preferences and settings
Agricultural & Farm Information
- • Crop details
- • Sowing and harvesting dates
- • Land and field identifiers
- • Soil and nutrient information
- • Pest, disease observations
- • Farm practice records
Transaction Information
- • Subscription details
- • Order and purchase records
- • Payment confirmations
- • Allocation and usage history
Note: We do not store full payment card or banking details.
Device & Technical Information
- • Device type and model
- • Operating system and app version
- • IP address
- • Network connectivity information
- • System logs and error reports
Media Content
- • Photos of crops, pests, or fields
- • Audio recordings for support
- • Videos (where voluntarily uploaded)
- • Location data (with consent)
Used only for diagnosis, advisory, and support purposes.
Data Minimisation Principle
We endeavour to collect only such data as is necessary for the stated purposes and avoid excessive or irrelevant data collection.
Purpose of Collection and Use of Data
The Company collects and processes data only for legitimate, lawful, and transparent purposes connected with operation of the Platform.
Provision of Services
- • Create and manage user accounts
- • Enable access to Platform features
- • Deliver agricultural advisories
- • Manage subscriptions and orders
Personalisation
- • Tailor advisories to specific crops
- • Maintain advisory coherence over time
- • Avoid repetitive recommendations
- • Align with past actions
Communication & Support
- • Respond to queries and requests
- • Facilitate expert consultations
- • Send operational notifications
- • Communicate important updates
Platform Improvement
- • Analyse system performance
- • Identify and fix technical issues
- • Enhance usability and reliability
- • Develop new features
Security & Compliance
- • Detect and prevent fraud or misuse
- • Ensure system security
- • Enforce Terms and Conditions
- • Comply with legal requirements
Business Operations
- • Manage billing and payments
- • Maintain records and audit trails
- • Conduct internal reporting
- • Manage contractual relationships
No Unauthorised Commercial Exploitation
We do NOT use Personal Data for:
- • Third-party advertising
- • Sale of user profiles
- • Unsolicited marketing
- • Behavioural profiling unrelated to Platform services
Consent and User Rights
Lawful Basis and Consent
• The Company processes Personal Data only on lawful grounds, including user consent, contractual necessity, and legal obligations.
• Where required by law, explicit consent is obtained before collecting or processing Personal Data.
• Users may withdraw consent at any time, subject to legal and contractual limitations.
Your Rights
No Retaliation
The Company shall not deny services, impose unreasonable conditions, or discriminate against Users for exercising their lawful data rights.
Data Sharing and Disclosure
The Company does not sell, rent, or trade Personal Data to third parties.
We share data only in limited and lawful circumstances:
With Clients and Authorised Participants
Personal Data may be shared with relevant Clients and their authorised ecosystem participants (dealers, facilitators, experts) solely for delivering services through the Platform.
With Service Providers
We may engage trusted third-party providers for cloud hosting, payment processing, messaging, analytics, and customer support. They are contractually bound to process data only in accordance with this Policy.
For Legal and Regulatory Purposes
We may disclose data to comply with laws, respond to lawful requests from authorities, enforce legal rights, or protect safety and security.
In Corporate Transactions
In the event of merger, acquisition, or sale of assets, data may be transferred. Any recipient shall be bound by similar data protection obligations.
Aggregated and Anonymised Data
We may share anonymised and aggregated data for research and analytical purposes. Such data shall not identify any individual user.
Data Storage and Security
Data Storage
Personal Data and Client Data are primarily stored on secure servers located in India. Where required for technical or operational reasons, limited data may be stored or processed outside India in compliance with applicable laws.
Security Safeguards
Access Controls
Authentication mechanisms & need-to-know basis
Encryption
Data encryption where appropriate
Secure Servers
Protected storage environments
Monitoring
System monitoring & intrusion detection
Backups
Regular backups & recovery procedures
Reviews
Periodic security reviews
User Responsibilities
• Safeguarding your login credentials
• Using secure devices and networks
• Promptly reporting suspected misuse
While the Company uses reasonable efforts to protect data, no system can be guaranteed to be completely secure. Users acknowledge and accept residual risks inherent in digital systems.
Data Retention and Deletion
The Company retains Personal Data and Client Data only for as long as is necessary to fulfil the purposes for which it was collected.
Retention Principles
Retention periods are determined based on contractual obligations, legal requirements, operational needs, and dispute resolution requirements.
Active Account Retention
Data associated with active user accounts shall be retained for the duration of the account's activity.
Post-Termination Retention
Upon termination, data may be retained for a reasonable period to complete services, comply with legal obligations, resolve disputes, and support audits. Thereafter, data shall be securely deleted or anonymised.
Anonymisation
Where feasible, data may be anonymised and retained for analytical and research purposes. Such data shall not identify individual users.
Backup Data
Deleted data may remain in backup systems for limited periods, securely protected and not used for active processing.
Cross-Border Data Transfers
Primary Data Storage in India
The Company stores and processes Personal Data and Client Data primarily on servers located within India, reflecting our commitment to data sovereignty and compliance with Indian law.
Limited Cross-Border Processing
In certain circumstances, limited data may be processed or accessed outside India for technical, operational, or support purposes. Such processing shall occur only where necessary and permissible under applicable law.
Legal and Contractual Safeguards
Where cross-border processing occurs, we ensure appropriate contractual protections, reasonable technical safeguards, and data protection at standards substantially equivalent to Indian law.
Regulatory Compliance
All cross-border transfers comply with the Digital Personal Data Protection Act, 2023 and related regulations. We monitor regulatory developments and update practices accordingly.
Children and Minors
The Platform is intended for use by individuals who are legally capable of entering into binding contracts under applicable law. As a general rule, the Platform is designed for adult users.
Processing of Minor Data
Where Personal Data of a minor is collected, it shall be carried out in accordance with the Digital Personal Data Protection Act, 2023. We shall obtain verifiable consent from a parent or lawful guardian where required by law.
Limited Collection
The Company does not knowingly collect Personal Data from minors without appropriate legal basis. Data relating to minors shall be limited to what is strictly necessary for Platform functionality.
Prohibited Uses
The Company does NOT:
- • Engage in targeted advertising directed at minors
- • Undertake behavioural tracking of minors
- • Profile minors for commercial purposes
Parents or lawful guardians may exercise data rights on behalf of minors. If we become aware that Personal Data of a minor has been collected in violation of applicable law, we shall take reasonable steps to delete or restrict such data.
Grievance Redressal and Contact
In accordance with applicable law, the Company has appointed a Grievance Officer to address concerns relating to data protection and privacy.
Grievance Officer Contact
Designation: Grievance Officer - Data Protection
Company: Neytiri Eywafarm Agritech Private Limited
Email: support@eywa.farm
Address: #1238, 4th Floor, HIG, B Sector, Yelahanka New Town, Bangalore 560064, Karnataka, India
Phone: 08042107702
Filing a Grievance
Users may submit grievances relating to:
- • Collection or use of Personal Data
- • Denial of data rights
- • Security incidents
- • Unauthorised disclosures
- • Policy violations
Response Timeline
Acknowledgement within 7 business days. Resolution within 30 days or as prescribed by law.
No Retaliation
The Company shall not take adverse action against any User for raising a genuine grievance.
Policy Updates and Governance
Policy Review and Updates
The Company may review and update this Privacy Policy to reflect changes in law, Platform functionality, technological developments, or business practices. Material changes shall be communicated through the Platform.
Effective Date
This Policy is effective from the date published. Continued use of the Platform after updates constitutes acceptance of the updated Policy.
Internal Governance
The Company maintains internal policies, procedures, and controls to support compliance. Relevant personnel are trained on data protection and privacy obligations.
Consistency with Other Documents
This Policy shall be read in conjunction with the Terms and Conditions. In the event of inconsistency, the Terms and Conditions shall prevail, subject to applicable law.
Governing Law
This Policy shall be governed by and construed in accordance with the laws of India.
Contact Us
If you have questions about this Privacy Policy, please contact us: