Privacy Policy
How we collect, use, and protect your data
Last updated: February 17, 2026
📋 Privacy at a Glance
1. Introduction
NatureXpress ("we", "us", or "our") operates the EUDR compliance platform at naturexpress.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
We are committed to protecting your privacy and ensuring the security of your personal and business data. This policy complies with India's Information Technology Act 2000, IT (Amendment) Act 2008, and references GDPR principles for our EU-based users.
2. Data We Collect
📊 Account Information
- Company name and registration details
- Email address (used as login)
- Phone number
- Company address and GSTIN
- Contact person name
- Company logo (optional)
👨🌾 Farmer Data (Uploaded by You)
- Farmer names and contact information
- Village, district, and state details
- GPS coordinates (latitude/longitude)
- Land area in hectares
- Plot and survey numbers
- Crop type information
⚠️ You are responsible for obtaining consent from farmers whose data you upload. NatureXpress processes this data on your behalf.
💳 Payment Information
Payment processing is handled entirely by Razorpay. We do not store any credit card, debit card, or banking information. We only receive transaction confirmation, payment ID, and amount from Razorpay.
📱 Usage Data
- Login timestamps and session data
- Features accessed and actions taken
- Browser type and device information
- IP address (for security purposes)
3. How We Use Your Data
We use your data solely for:
4. Third-Party Services
We use the following trusted third-party services to operate our platform:
Supabase
GDPR compliantPurpose: Database and file storage
Data shared: All platform data
Razorpay
PCI DSS Level 1 certifiedPurpose: Payment processing
Data shared: Payment transaction data
Resend
GDPR compliantPurpose: Transactional email delivery
Data shared: Email addresses and content
Vercel
SOC 2 Type IIPurpose: Platform hosting and CDN
Data shared: Server logs and performance metrics
5. Data Security Measures
6. Your Rights
You have the following rights regarding your data:
To exercise any of these rights, contact us at privacy@naturexpress.com. We will respond within 30 days.
8. GDPR Compliance
For users in the European Union, we comply with GDPR (General Data Protection Regulation):
- ✓Legal basis for processing: Contract performance and legitimate interests
- ✓Data Processing Agreement (DPA) available on request
- ✓International data transfers comply with Standard Contractual Clauses (SCCs)
- ✓Data retention: Shipment data retained for 7 years (Indian accounting requirements)
- ✓DPO contact: dpo@naturexpress.com
9. Privacy Contact
For privacy-related questions or to exercise your rights:
📧 Privacy Email: privacy@naturexpress.com
📞 Phone: +91 98765 43210
🏢 Data Controller: NatureXpress, Bengaluru, Karnataka, India