Cart
0.00
English
Privacy Policy
🔒 Privacy Policy — Kisanio Agritech Private Limited
Effective Date: 1 May 2026 | Version: 2.0 | Last Reviewed: June 1st, 2026
www.kisanio.com
This Policy is strictly governed by the following frameworks:
Information Technology Act, 2000 & IT (Amendment) Act, 2008
Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
Consumer Protection Act, 2019 & Digital Personal Data Protection Act, 2023 (DPDPA)
RBI Payment Aggregator Guidelines & GST Act, 2017
👋 1. Who We Are & Why This Policy Exists
Kisanio Agritech Private Limited (Kisanio, we, us, or our) operates the digital agri-marketplace at
📍 2. Scope of This Policy
This Policy applies to:
All registered Users (buyers/farmers) and Vendors on the Kisanio Platform.
Visitors who browse
www.kisanio.com Individuals who contact Kisanio via WhatsApp, email, phone, or in-person.
Vendors, delivery partners, affiliates, and any third party sharing data with Kisanio.
📝 Key Definitions
'Personal Data' — Any information that identifies or can identify a living individual (name, phone number, identity proofs, location, IP address, etc.).
'Sensitive Personal Data' (SPDI) — Financial information (bank account, card details), biometric data, health information — governed specifically by SPDI Rules 2011.
'Processing' — Any operation on personal data: collection, storage, use, sharing, or deletion.
'Data Fiduciary' — Kisanio, as the entity that determines the purpose and means of processing your data.
✅ 3. Your Consent
By accessing or using the Kisanio Platform (including browsing, registration, placing orders, or contacting us), you explicitly consent to the collection, use, storage, and disclosure of your personal information as described in this Privacy Policy.
If you are a minor (under 18 years), you must obtain consent from a parent or legal guardian before using our Platform. Kisanio does not knowingly collect personal data from minors.
📋 4. Information We Collect From You
👤 4.1 Information You Provide Directly
| Category | Data Collected | When Collected |
| Account Registration | Full name, mobile number, email address, password (hashed) | When you create a Kisanio account |
| Delivery Address | Village/town, mandal, district, state, pincode, landmark | When placing an order or saving an address |
| Profile Information | Profile photo (optional), date of birth (optional), farm size / crop type (optional) | When updating your profile |
| KYC / Identity (Vendors only) | Identity data, PAN number, GST certificate, trade license, bank account details, cancelled cheque | During vendor onboarding and verification |
| Payment Information | Transaction ID, payment method type (UPI/Card/COD/KCC) — card numbers NOT stored on Kisanio servers | When making a purchase |
| Communications | Messages sent via in-app chat, customer support emails, WhatsApp messages to Kisanio support | When you contact us for support or queries |
| Reviews & Ratings | Product reviews, vendor ratings, photos uploaded with reviews | When submitting a review |
🤖 4.2 Information Collected Automatically
When you visit or use our Platform, we automatically collect certain technical information:
Device Information: Device type, operating system, device ID, browser type, and version.
Log Data: IP address, pages visited, time and date of visits, time spent on pages, links clicked.
Location Data: Approximate location derived from IP address; precise GPS location only if you explicitly grant permission in app settings.
Cookie Data: Session cookies (login), preference cookies (language, category), analytics cookies (usage patterns).
App Usage: Features used, search terms entered, products viewed, time in app.
🤝 4.3 Information from Third Parties
Payment Gateways (Cashfree): Transaction confirmation, payment status — NOT card numbers or UPI PINs.
Logistics Partners (Shiprocket, Delhivery): Delivery status updates, delivery confirmation, attempt logs.
Government/Regulatory Sources: For vendor KYC verification — GST validation via GSTN portal, ID verification via verification endpoints (consent-based only).
Social Login (if enabled): If you sign in via Google, we receive your name, email, and profile photo from Google — no passwords.
Referral Partners / Affiliates: If you joined Kisanio via a referral link, we record the referral source.
⚙️ 5. How We Use Your Information
| Purpose | Data Used | Legal Basis |
| Account creation and management | Name, email, mobile, password | Contract performance |
| Order processing and fulfillment | Address, product selection, payment details | Contract performance |
| Delivery coordination | Name, address, mobile number (shared with logistics) | Contract performance |
| Payment processing and settlement | Transaction data (via Cashfree — tokenized) | Contract + legal obligation |
| Customer support and dispute resolution | All account, order, and communication data | Legitimate interest |
| GST invoicing and tax compliance | Name, address, GSTIN (if applicable), order value | Legal obligation (GST Act) |
| Platform security and fraud prevention | IP address, device ID, login patterns, transaction flags | Legitimate interest |
| Personalized product recommendations | Purchase history, browsing history, location | Consent (opt-in) |
| Marketing & promotional communications | Email, mobile number (WhatsApp/SMS) | Consent (opt-in, can opt-out anytime) |
| Platform analytics and improvement | Anonymized usage data, aggregated analytics | Legitimate interest |
| Vendor KYC and onboarding verification | Verification data, PAN, GST, bank details, trade licenses | Legal obligation + consent |
| Compliance with court orders | Data as specifically requested | Legal obligation |
🚫 5.1 What We Will NEVER Do With Your Data
NEVER sell your personal data to any third party, advertiser, or data broker.
NEVER share your identification proofs, PAN, or financial data with any party not required for KYC/tax compliance.
NEVER use your data for any purpose not disclosed in this Policy without your explicit consent.
NEVER retain data longer than required (see Retention Policy, Section 7).
NEVER send unsolicited commercial communications without your opt-in consent.
🔗 6. Who We Share Your Data With
6.1 Authorized Data Recipients
Vendor (Seller): Buyer name, delivery address, mobile number, order details — To enable order fulfillment and delivery coordination.
Cashfree Payment Gateway: Transaction amount, tokenized payment method, order ID — Secure payment processing; PCI-DSS compliant.
Shiprocket / Delhivery: Buyer name, delivery address, mobile number, parcel weight/dimensions — Shipment booking, pickup scheduling, delivery tracking.
GSTN Portal (Government): GST number, invoice details (for GST-registered transactions) — GST compliance and e-invoice generation.
Verification Endpoints (KYC): Verification data — Only for vendor KYC OTP-based verification; consent obtained before every check.
Cloud Infrastructure (AWS / GCP): Encrypted platform data — application, database, media — Hosting and data storage; data stays within India.
Analytics Tools (Google Analytics, etc.): Anonymized, aggregated usage data — no personal identifiers — Platform performance and improvement analytics.
Law Enforcement / Courts: Data as specifically requested in official legal notices — Compliance with court orders, FIRs, government directives under IT Act.
🌍 Cross-Border Data Transfer
Kisanio stores all primary user data on servers located WITHIN INDIA in compliance with applicable Indian data localization requirements. In cases where certain third-party tools (e.g., analytics, cloud services) process data outside India, Kisanio ensures adequate contractual protections (Standard Contractual Clauses or equivalent) are in place.
⏳ 7. Data Storage & Retention
| Data Type | Retention Period | Reason |
| Account & profile data (active users) | Duration of account + 3 years after deletion | Legal obligation (IT Act, Consumer Protection Act) |
| Order and transaction records | 7 years from date of transaction | GST compliance and tax audit requirements |
| Payment and financial data | 7 years | RBI guidelines and financial audit requirements |
| Vendor KYC documents | 5 years after vendor deactivation | KYC regulatory requirements and audit |
| Customer support communications | 3 years from closure of ticket | Dispute resolution and quality audit |
| Marketing preferences (opt-in records) | Until opt-out + 1 year | Consent management compliance |
| Anonymous analytics / aggregated data | Indefinitely (no personal identifiers) | Platform improvement — not linked to individuals |
| Browsing logs / IP address logs | 90 days | Security monitoring and fraud prevention |
🔒 8. How We Protect Your Data
8.1 Technical Security Measures
Encryption: All data in transit encrypted via TLS 1.3 (HTTPS). All data at rest encrypted using AES-256. Passwords hashed using bcrypt (we cannot read your password). Payment data tokenized via Cashfree — raw card data never touches Kisanio servers.
Access Control: Role-based access: employees access only data needed for their function. Multi-factor authentication (MFA) for all internal admin accounts. All internal data access is logged and audited.
Infrastructure Security: Hosted on ISO 27001-certified cloud infrastructure within India. Regular automated vulnerability scans and penetration tests. Web Application Firewall (WAF) protecting against SQL injection and XSS. DDoS protection and rate limiting on all API endpoints.
Operational Security: Employee background verification before access to user data. Annual security training for all staff handling personal data. Incident response plan: breach detected → users notified within 72 hours.
💳 Payment Security
All payments on Kisanio are processed by Cashfree Payments — a PCI-DSS Level 1 compliant payment aggregator licensed by the Reserve Bank of India. Kisanio NEVER stores, processes, or transmits raw credit/debit card numbers, CVVs, UPI PINs, or net banking passwords. These are handled exclusively within Cashfree's secure environment.
⚠️ 8.2 Data Breach Protocol
In the unlikely event of a data breach affecting your personal information, Kisanio will:
Detect and contain the breach within our security systems.
Assess the scope and severity of the breach within 24 hours.
Notify affected users via email and/or SMS within 72 hours of discovery.
Report the breach to the appropriate regulatory authorities as required by Indian law.
Take corrective actions and provide guidance on protective steps you should take.
⚖️ 9. Your Privacy Rights Under Indian Law
| Your Right | What It Means | How to Exercise |
| Right to Access | Request a copy of all personal data Kisanio holds about you. | Email [email protected] — fulfilled within 30 days. |
| Right to Correction | Request correction of inaccurate or incomplete personal data. | Update via Account Settings or email [email protected]. |
| Right to Deletion | Request deletion of your account and data (subject to legal retention obligations). | Account Settings → Delete Account, or email [email protected]. |
| Right to Data Portability | Receive your data in a structured, machine-readable format (JSON/CSV). | Email [email protected] — provided within 30 days. |
| Right to Withdraw Consent | Withdraw consent for marketing or optional data processing at any time. | Unsubscribe link in emails, WhatsApp 'STOP' reply, or Account Settings. |
| Right to Object | Object to processing for profiling, personalized ads, or direct marketing. | Account Settings → Privacy Preferences, or email [email protected]. |
| Right to Grievance Redressal | File a complaint about any privacy violation with our Grievance Officer. | See Section 12 for Grievance Officer contact details. |
| Right to Nominate | Nominate another person to exercise your privacy rights in case of death or incapacity. | Email [email protected] with nomination details. |
🍪 10. Cookies & Tracking Technologies
| Cookie Type | Purpose | Can You Opt Out? |
| Essential / Session Cookies | Maintain your login session, shopping cart, language preference — platform cannot function without these. | No — required for platform operation. |
| Functional Cookies | Remember your preferences (delivery address, notification settings, Telugu/English language). | Yes — via Browser Settings. |
| Analytics Cookies | Understand how users navigate the platform — anonymized and aggregated, no personal identifiers. | Yes — via Cookie Preferences in Account Settings. |
| Performance Cookies | Monitor page load times, identify slow pages, improve platform speed. | Yes — via Cookie Preferences. |
| Marketing / Targeting Cookies | Show relevant product ads (Google, Meta) based on browsing — only if you have opted in. | Yes — opt-out anytime via Account Settings. |
👦 11. Children's Privacy
The Kisanio Platform is NOT intended for use by persons under the age of 18 years. We do not knowingly collect, process, or retain personal data from minors. If we become aware that a minor has provided personal data without parental consent, we will promptly delete that information. If you are a parent or guardian and believe your child has used our Platform, please contact us at [email protected] immediately.
🔗 12. Links to Third-Party Websites
The Kisanio Platform may contain links to third-party websites, apps, or services (e.g., government portals, logistics tracking pages, payment pages). Kisanio has no control over and is not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party site you visit from our Platform.
🔄 13. Changes to This Privacy Policy
Kisanio reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other operational factors. We will notify you of material changes via a prominent notice on the Kisanio homepage for 30 days, email notifications, or in-app notification banners.
📋 14. Grievance Officer & Contact
14.1 Grievance Officer (IT Act 2000 — Rule 5(9))
In accordance with the Information Technology Act, 2000 and Rules thereunder, Kisanio has designated a Grievance Officer to address concerns regarding privacy, data protection, and related matters:
Name:
[Grievance Officer Name]Designation: Grievance Officer — Data Privacy
Organization: Kisanio Agritech Private Limited
Email: [email protected]
Postal Address: Kisanio Agritech Pvt. Ltd., B1104, VASAVI METROPOLIS, PHASE 2, BHAGAYATH, HYDERABAD, Telangana - 500039, India.
Phone: +91 7095602964
Response Time: All grievances acknowledged within 24 hours, resolved within 30 days.
Available: Monday to Friday, 10 AM to 5 PM IST.
📞 14.2 General Privacy Queries
For Users / Buyers: Email: [email protected] | WhatsApp:
[Support Number]| In-app: Help → Privacy Request (Mon–Sat, 9 AM–6 PM IST).For Vendors: Email: [email protected] | KYC queries: [email protected] | Settlement/financial data: [email protected].
💡 Summary — Key Points to Remember
We collect only what we need to serve you — and nothing more.
We NEVER sell your data. Your information is not a product.
You are always in control — access, correct, delete, or export your data anytime.
For any privacy concern, our Grievance Officer will acknowledge your issue within 24 hours.