Policy

Privacy Policy

Effective Date: 15.01.2025

Last Updated on: 15.01.2025

1. General

Welcome to ANKUR+ Nursery ("we," "our," or "us"). This Privacy Policy outlines how we collect, use, manage, and protect the data of users, including Nurseries, Agri-Input Companies, and Buyers, who interact with our platform (the "Platform"). We collect your personal information and process your personal data in accordance with the IT Act, 2000 (21 of 2000) and other national and state laws which relate to the processing of personal data. Please read the following carefully to understand our views and practices regarding your personal data. By accessing or using the Platform, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information Provided by Users

We collect information that you provide to us when registering, listing products, or interacting with our services. This includes:

Account Information: Name, contact details, email address, and phone numbers.
Business Details: Company name, product descriptions, pricing, and other relevant business information.
Payment Information: Bank account details, billing information, and transaction history.
Communication: Messages, feedback, and queries sent through the Platform.

2.2 Automatically Collected Information

When you use the Platform, we may collect information automatically, including:

Usage Data: Log files, IP addresses, browser type, device identifiers, and pages viewed.
Cookies: To enable our systems to recognise your browser or device and to provide and improve our services, we use cookies and other identifiers and tracking technologies to enhance user experience, such as remembering preferences or analysing Platform performance.

2.3 Third-Party Data

We make available to you service, products, etc., provided by third parties through our Platform. The products you purchase through our Platform are provided by third-parties such as Nurseries and Agri-input companies etc. Thus, we may receive information from third-party sources, such as:

Payment processors: to confirm transactions and ensure successful transactions.
Transporters or logistics providers: to ensure timely delivery and storage updates and to coordinate the movement of products between Nurseries, Buyers and Warehouses.
Marketing Partners:Information about your preferences or interactions with promotional content to help us better target our services and offers.
3rd Party Analytics Providers:Aggregated insights into user behaviours and preferences to enhance the Platforms functionality and user experience.
Government Databases:To verify user identity or compliance with legal requirements where applicable.

3. How We Use Your Information

3.1 To Provide and Enhance Services

We use the information collected to:

Facilitate product listings, transactions, and communication between users.
Store and process data securely on the AWS platform to ensure scalability and reliability.
Provide optional services, such as transport or warehousing assistance.

3.2 To Improve User Experience

We analyse usage patterns to optimize Platform functionality.
Deliver personalized recommendations or promotional content wherever applicable.

3.3 To Ensure Security and Compliance

By way of the data collected we monitor for fraudulent activities or policy violations in order to take quick actions against such activities and violations.
To comply with legal, regulatory, or contractual obligations.

3.4 For Communication

To send transactional emails, notifications, or updates about the Platform.
To send update regarding your orders, financial transactions etc.
To respond to queries, support requests, or disputes.

4. Sharing of Information/ Transfer of Data

4.1 With Third Parties

We may share information with third parties under the following circumstances:

Service Providers: We work with various third-party service providers to ensure seamless operation of the Platform. Including but not limited to:

Payment Processing: Third-party payment gateways and financial institutions are used to process transactions securely. These providers may access billing and payment details solely for the purpose of ensuring successful transactions and resolving payment disputes.
Transport Logistics: External logistics providers coordinate the movement of products between nurseries, warehouses, and buyers. They handle pickup, transit, and delivery operations, ensuring the timely and safe handling of products. The Platform facilitates this service but does not directly manage logistics operations.
Cloud Storage (AWS):All user data is securely stored and managed on Amazon Web Services (AWS). AWS is compliant with industry standards, including ISO 27001 and SOC 2 certifications, ensuring high levels of security and availability for data processing and storage.

These providers adhere to strict contractual obligations to protect your data, and we ensure that their practices align with applicable data protection laws.

Legal Compliance: To comply with legal obligations, respond to government requests, or enforce our Terms and Conditions.
Business Transactions: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.
Marketing and Analytics Partners: We use these partners to analyse Platform Performance, target users with relevant promotional content and enhance user experience.

4.2 Data Protection Measures

Whenever your personal data is shared or transferred internationally, we ensure that:

The receiving country has been deemed to provide an adequate level of protection for personal data under applicable laws; or
We implement appropriate safeguards, such as standard contractual clauses, data processing agreements, or other legally recognised mechanism, to protect your data.

4.3 Your Consent: The transfer, processing, and storage of your personal data in countries outside your country of residence are subject to the terms of this Privacy Policy. By using our mobile application and providing your personal data, you acknowledge and agree to this terms.

4.4 Data Subject rights: You may have the right to request further information about these transfers or object to them by contacting us at support@ankurplus.com if you are situated in a jurisdiction that grants you specific rights over your personal data (e.g., the European Union under GDPR).

4.5 Aggregated or De-Identified Data

We may share aggregated or de-identified data that does not identify you personally for analytics, research, or marketing purposes. This data may encompass aggregated utilization patterns, statistical insights, and generalized user trends that are derived from the information collected on our Platform. There are several applications for aggregated or de-identified data:

Platform Optimization: To enhance the functionality and user experience of the platform by identifying prevalent user requirements and preferences.
Market Research: To develop insights into user behaviours and market trends that assist in the improvement of our product and service offerings.
Collaborative Research: Academic or business research that intends to innovate or develop new features, tools, or products in conjunction with trusted partners.
For the purpose of delivering high-level reports to stakeholders, including Nurseries and Agri-Input Companies, regarding industry performance trends, general sales, or usage.

We guarantee that any data shared in this manner cannot be used to re-identify or trace individual users, thereby maintaining strict compliance with all relevant data protection laws.

5. Data Storage and Security

5.1 Data Storage

All user data is stored and managed securely using Amazon Web Services (AWS), which complies with industry-standard security certifications (e.g., ISO 27001, SOC 2).

5.2 Security Measures

We implement comprehensive physical, electronic, technical, procedural and organizational measures to collect, store and disclose your data and safeguard your data against unauthorized access, loss, or misuse. These measures include but are not limited to:

Data Encryption: All sensitive information is encrypted during both storage and transmission to prevent unauthorized access. We work to protect the security of your information during transmission by using Secure Sockets Locker (SSL) software, which encrypts information you input. SSL allows sensitive information such as credit card numbers, UID's and login credentials to be transmitted securely. We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling branded credit cards from the major card schemes.
Access control (policies to restrict unauthorized personnel): The information you share is on our secure servers. Additionally, access to data is restricted to authorized personnel only, based on their roles and responsibilities. Multi-factor authentication and role-based access are implemented to enhance security.
Regular monitoring and audits to identify vulnerabilities. Continuous monitoring of systems and data environments is performed to detect and mitigate vulnerabilities or security breaches.
Data Segmentation: User data is segmented within the storage systems to ensure that unauthorized users cannot cross access boundaries.
Links to third party sites/ Apps: Links to third-party websites, services, or content that are not under our ownership or control may be present in our application. The links provided are solely for the purpose of information and convenience. Kindly take note of the following:

Independent entities: We are not responsible for the privacy or security of your data when you interact with third-party websites, as we have no control over their content, policies, or practices.
No endorsement: The inclusion of any link does not indicate that we endorse or recommend the third-party website or its services.
Your Responsibility: Accessing third-party websites through our application is at your own discretion. We recommend that you examine the privacy policies and conditions of service of these third-party websites prior to disclosing any personal information or utilizing their services.
Limitation of Liability: We expressly disclaim any responsibility for any injury, loss, or damages that may result from your use of third-party websites, including any concerns regarding the quality of services, accuracy of information, or data protection.
Reporting: In the event that you encounter any problems with the third-party connections featured in our application, please notify us at support@ankurplus.com so that we may investigate and take the necessary action.

Employee Training: Regular training sessions are conducted for employees to ensure they adhere to security best practices and protocols.
Third-Party Reliance: We rely on trusted third-party vendors, such as AWS, for data storage and management. While we do not conduct direct audits of their systems, we ensure that these providers adhere to their publicly stated compliance and security certifications, such as ISO 27001 and SOC 2. By choosing reputable providers, we mitigate risks and ensure alignment with industry standards for data protection
Incident Response Plan: A robust incident response plan is in place to address potential security breaches, ensuring immediate action to protect user data.

5.3 Retention

We retain user data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.
Upon account deactivation, we may retain limited data for legal or compliance purposes.

6. Your Rights

6.1 Access and Correction

You have the right to:

Access the personal data we store with us.
Request corrections to inaccurate or incomplete information and/or deletion of such data. Request the deletion of your personal data, subject to legal or contractual obligations requiring its retention. Data deletion requests can be made through [contact email/support channel]. Upon approval of your request, we will ensure the data is permanently removed from our systems unless retention is required by law. Access the personal data we hold about you.

6.2 Data Portability

Where applicable, you can request a copy of your data in a portable format.

6.3 Data Deletion

You may request the deletion of your personal data, subject to legal or contractual obligations requiring its retention.

6.4 Opt-Out

You can opt out of non-essential communications or withdraw consent for specific data processing activities.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

Enhance user experience by remembering preferences.
Analyze traffic and improve Platform performance.
Deliver targeted advertising (where applicable).

You can manage cookie preferences through your browser settings or opt out of certain tracking technologies where applicable.

8. International Data Transfers

Data stored on AWS servers may be transferred and processed in locations outside your country. We ensure that such transfers comply with applicable data protection laws through mechanisms such as Standard Contractual Clauses (SCCs).

8.1 Liability for Data Breaches

While the Platform relies on AWS for secure storage and management of data, we do not assume liability for data breaches or unauthorized access caused directly by vulnerabilities or incidents within AWS systems. AWS is a globally recognized service provider with industry-standard certifications, such as ISO 27001 and SOC 2, and adheres to strict security practices to mitigate risks. We rely on these representations made by the third party provider for safe handling of your data.

In the event of a data breach occurring at the AWS infrastructure level:

Notification: We will notify affected users promptly upon being informed by AWS or upon detecting any related incidents.
Support: The Platform will work with AWS to investigate the breach, identify affected data, and implement necessary remediation steps.
Liability Limitations: The Platform’s liability in such cases is limited to the extent permitted by law and subject to the terms outlined in our Terms & Conditions.

Users are encouraged to understand AWS’s shared responsibility model for cloud security, where AWS secures the infrastructure, and the Platform secures user applications and data access policies.

9. Children’s Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors. If we become aware of such collection, we will take immediate steps to delete the data.

10. Newsletter

You have explicitly authorized the receipt of newsletters from our mobile application. This consent may have been granted separately or as part of the registration or utilization process. You have the right to revoke your consent at any time, with future effect. If you no longer wish to receive newsletters, you may unsubscribe at any time by selecting the "Unsubscribe" option in the footer of each newsletter email or by accessing the preferences section of the mobile application.

11. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Users will be notified of significant changes through email or notices on the Platform.

12. Contact Information & Grievance Mechanism

If you wish to update your Personal Information, or have any concerns about how we process or use your Personal Information, or want to request that we stop using your Personal Information to provide you services, or opt-out of receiving promotional and marketing-related communications about our services for any reason, or have any concerns about privacy or grievances with us, please contact us at support@ankurplus.com with a thorough description. We will make all reasonable efforts to incorporate any requested changes or try to resolve the issue for you within a reasonable period of time.

If you have any questions or concerns specifically about this Privacy Policy, please contact us at support@ankurplus.com with your concerns provided in detail.

By using the Platform, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and storage of your information as described.