Privacy Policy

Effective Date: April 2, 2026

GreenRoots Foundation ("we," "our," or "us") is committed to protecting and respecting the privacy of every individual who visits our website (https://greenrootsindia.org), uses our mobile application, or engages with any of our digital platforms and services. This Privacy Policy explains in comprehensive detail how we collect, use, store, protect, disclose, and manage your personal information when you interact with our agricultural technology platform and related services. By accessing or using our platform in any capacity, you acknowledge that you have read, understood, and agree to the terms set forth in this Privacy Policy. If you do not agree with any provision of this policy, you are advised to discontinue using our services immediately.

1. Information We Collect

We collect various categories of information to provide, maintain, improve, and personalise our services for farmers, coordinators, investors, and other stakeholders across India. The types of information we collect include, but are not limited to, the following:

1.1 Personal Identification Information: When you register for an account, sign in through Google OAuth, or use our Email OTP verification system, we collect your full name, email address, mobile phone number (where provided), profile photograph (if signed in via Google), and any other information you voluntarily provide during the registration or profile completion process. For farmers and coordinators, we may additionally collect village name, district, state, Aadhaar number (only when legally required for government scheme integration), and bank account details for wallet transactions.

1.2 Agricultural and Professional Data: When you use our platform as a farmer, we collect information about your crops including crop name, area in acres, season (Kharif, Rabi, or Zaid), planting dates, harvest records, crop conditions, and yield data. For coordinators, we collect field visit reports, GPS check-in and check-out data (including precise latitude and longitude coordinates), attendance records, farmer assessment notes, and crop condition evaluations. This data is essential for providing personalised agricultural advisory services and monitoring program effectiveness.

1.3 Financial and Transaction Data: If you use our digital wallet feature, marketplace, or payment services powered by Razorpay, we collect transaction history, wallet balances, payment amounts, payment method details (excluding full card numbers, which are handled exclusively by Razorpay), order identifiers, and transaction timestamps. We do not store complete credit card or debit card numbers on our servers.

1.4 Device and Technical Information: We automatically collect certain technical information when you access our platform, including your Internet Protocol (IP) address, browser type and version, operating system, device type (mobile or desktop), screen resolution, unique device identifiers, referring URLs, pages visited, time spent on each page, click patterns, and other diagnostic data. This information helps us understand how our platform is being used and enables us to optimise performance and user experience.

1.5 Location Data: Our coordinator attendance and field visit features utilise GPS-based geolocation services. When a coordinator checks in or records a field visit, precise geographic coordinates (latitude and longitude) are collected and stored alongside the attendance or visit record. This data is collected only with explicit user consent through browser geolocation permissions and is essential for verifying field activities and ensuring programme accountability.

1.6 Communication Data: When you contact us through our website contact form, email, or through the GreenBot AI chatbot, we collect the content of your messages, your email address, your name, and any attachments you provide. Chatbot conversations are processed through our AI service provider (Groq) and are not stored permanently on third-party servers beyond the duration of the active session.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To create, maintain, and manage your user account and authenticate your identity through secure login mechanisms including Google OAuth, admin email/password authentication, and Email OTP verification.
  • To provide personalised agricultural advisory services, weather-based crop recommendations, and market price information tailored to your specific crops, location, and farming practices.
  • To facilitate marketplace transactions between farmers, buyers, and investors, including product listings, order processing, and payment verification through Razorpay integration.
  • To enable coordinator management functions including farmer assignment, field visit tracking, GPS-verified attendance recording, and crop condition monitoring across assigned territories.
  • To operate the digital wallet system, process financial transactions, maintain transaction histories, and provide accurate balance information to users.
  • To power the GreenBot AI chatbot assistant, which provides farmers with instant answers to agricultural queries, weather guidance, market information, and platform support in English, Hindi, and Assamese.
  • To generate role-aware dashboard statistics, analytical reports, and programme performance metrics for administrators, state heads, district heads, and other authorised personnel.
  • To send important communications including OTP verification codes, account notifications, platform updates, agricultural advisories, weather alerts, and responses to your enquiries.
  • To improve, optimise, and enhance our platform through analysis of usage patterns, identification of technical issues, and development of new features and services.
  • To comply with applicable laws, regulations, legal processes, and government requests, and to protect the rights, property, and safety of GreenRoots Foundation, our users, and the public.

3. Data Sharing and Disclosure

We take the privacy of your information seriously and do not sell, rent, or trade your personal information to third parties for their marketing purposes. However, we may share your information in the following limited circumstances:

  • With Razorpay, our payment processing partner, solely for the purpose of facilitating financial transactions. Razorpay processes payments in accordance with their own privacy policy and PCI DSS compliance standards.
  • With Groq (our AI service provider) for processing GreenBot chatbot conversations. Conversations are processed in real-time and are not permanently stored by Groq beyond the active session.
  • With Google, when you choose to authenticate using Google OAuth. Google receives only the authentication token and basic profile information in accordance with their OAuth 2.0 protocol.
  • With government authorities or agencies when required by law, legal process, or regulation, or when we believe in good faith that disclosure is necessary to protect the rights, safety, or property of GreenRoots Foundation or its users.
  • With authorised GreenRoots personnel (administrators, state heads, district heads, coordinators) who require access to specific data to perform their designated roles within the platform hierarchy.

4. Data Security

We implement comprehensive security measures to protect your personal information from unauthorised access, alteration, disclosure, or destruction. These measures include the use of JSON Web Tokens (JWT) with the HS256 algorithm for session management, bcrypt hashing for password storage (ensuring passwords are never stored in plain text), HTTPS/TLS encryption for all data transmitted between your device and our servers, WAL (Write-Ahead Logging) mode for our SQLite database to ensure data integrity, server-side input validation and sanitisation to prevent injection attacks, rate limiting on sensitive endpoints including OTP generation and chatbot usage, and regular security reviews of our codebase and infrastructure.

5. Data Retention

We retain your personal information for as long as your account remains active or as needed to provide you with our services. If you request account deletion, we will remove your personal information from our active databases within thirty (30) days, except where retention is required by law, necessary for legitimate business purposes such as fraud prevention, or required to resolve disputes. Anonymised and aggregated data that cannot be used to identify you may be retained indefinitely for analytical and research purposes.

6. Your Rights

Depending on your jurisdiction and applicable data protection laws, you may have the following rights regarding your personal information:

  • The right to access and obtain a copy of the personal information we hold about you.
  • The right to request correction or updating of inaccurate or incomplete personal information.
  • The right to request deletion of your personal information, subject to legal retention requirements.
  • The right to withdraw consent for data processing activities that are based on your consent.
  • The right to lodge a complaint with a relevant data protection authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at greenrootsmld@gmail.com. We will respond to your request within a reasonable timeframe, not exceeding thirty (30) days.

7. Cookies and Tracking Technologies

Our platform uses cookies and similar tracking technologies to enhance your browsing experience. Specifically, we use a language preference cookie (gr_lang) to remember your selected language across sessions, session cookies to maintain your authenticated state, and standard web server logs that record technical information about each request. We do not use third-party advertising cookies or tracking pixels. You can control cookie settings through your browser preferences, though disabling cookies may affect the functionality of certain platform features.

8. Children's Privacy

Our platform and services are not directed at individuals under the age of eighteen (18) years. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal information, we will take immediate steps to delete such information from our records. If you believe that a child has provided us with their personal information, please contact us immediately.

9. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be effective immediately upon posting the revised policy on our website with a new "Effective Date." We encourage you to review this policy periodically. Your continued use of our platform after any changes constitutes your acceptance of the revised Privacy Policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Organisation: GreenRoots Foundation

Address: Mangaldai, Darrang, Assam, India

Email: greenrootsmld@gmail.com

Website: https://greenrootsindia.org

Registration: RS/DAR/247/RFS-202600688