Privacy Policy

Introduction

TRADECLOVER LLP ("TRADECLOVER", "we", "us", or "our") operates an online marketplace platform (the "Platform") that enables sellers and service providers ("Sellers") to list goods and/or services and enables buyers ("Buyers") to discover, compare, and purchase such goods and/or services.

This Privacy Policy explains how we collect, use, store, share and otherwise process personal data when you access or use our website, mobile applications, tools, and services (together, the "Services"), and the choices available to you.

By accessing or using the Platform, or by otherwise providing your personal data to us (including offline, through forms or communications), you acknowledge that you have read and understood this Privacy Policy. Where required under applicable law, we will obtain your explicit consent.

1. Scope and Relationship with Other Documents

1.1 This Privacy Policy applies to:

• 
  Visitors to our website and mobile applications;
• 
  Registered Buyers and Seller users on the Platform;
• 
  Individuals who communicate with us, submit queries or complaints, or interact with us through any channel (including email, phone, or social media);
• 
  Individuals whose personal data we process in connection with our marketplace operations, including Seller personnel, vendor personnel, and other business contacts.

1.2 This Privacy Policy must be read together with:

• 
  TRADECLOVER LLP - Website/App Terms of Use ("Terms of Use");
• 
  TRADECLOVER LLP - Buyer Terms and Conditions;
• 
  TRADECLOVER LLP - Seller Agreement / Seller Terms;
• 
  TRADECLOVER LLP - Cookie Policy ("Cookie Policy");
• 
  Any specific data processing terms or consents presented to you at the time of data collection.

1.3 In case of any inconsistency between this Privacy Policy and any product-specific privacy notice or addendum, the product-specific terms will prevail for that product or service.

2. Legal Basis and Regulatory Alignment

2.1 This Privacy Policy is intended to be consistent with:

• 
  The Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"); and
• 
  Other applicable Indian data protection and consumer protection laws, as amended from time to time.

2.2 For processing activities where a legal basis is required, we rely on one or more of the following:

• 
  Your consent (express, informed, and revocable);
• 
  Performance of a contract to which you are a party (including Buyer or Seller terms);
• 
  Compliance with legal obligations (e.g., tax, KYC, accounting, law enforcement requests);
• 
  Legitimate business interests (e.g., improving and securing our Platform, preventing fraud, conducting analytics), balanced against your rights and expectations.

Where we rely on consent, you may withdraw your consent at any time as described in Section 13 below. Withdrawal of consent does not affect processing already undertaken based on your consent before withdrawal or processing based on other lawful grounds.

3. Definitions

For the purposes of this Privacy Policy:

• 
  "Personal Data" / "Personal Information" means any information that relates to a natural person, which, either directly or indirectly, in combination with other information, is capable of identifying such person.
• 
  "Sensitive Personal Data or Information" (SPDI) has the meaning assigned under the SPDI Rules and includes, among other things, passwords, financial information (such as bank account or credit card details), health information, biometric information, and similar categories of sensitive data.
• 
  "Processing" means any operation performed on personal data, including collection, use, storage, disclosure, transfer, deletion, or anonymisation.
• 
  "You" / "Your" means any individual whose personal data we process, including Buyers, Sellers, website visitors, and other users.

4. Categories of Personal Data We Collect

Depending on how you interact with us, we may collect and process the following categories of personal data:

4.1 Identity and Contact Data

• 
  Full name, salutation, gender, date of birth (where provided);
• 
  Username and account identifiers;
• 
  Email address, mobile number, alternate contact numbers;
• 
  Postal address, shipping and billing addresses;
• 
  Government-issued identifiers where legally required (e.g., PAN, Aadhaar [if provided pursuant to applicable law and with appropriate consent], GSTIN, business registration details for Sellers).

4.2 Account and Profile Data

• 
  Account credentials (username, hashed password or authentication tokens);
• 
  Profile details and preferences (e.g., saved addresses, language, communication preferences, saved payment instruments through third-party providers);
• 
  Seller and Buyer profile information, including business profile, authorised signatories, contact persons and designations.

4.3 KYC and Compliance Data (especially for Sellers and certain Buyers)

• 
  KYC documents such as PAN card, Aadhaar, passport, voter ID, driving licence, GST certificates, corporate identity documents and proofs of address;
• 
  Photographs, signatures, business licences, and registration certificates;
• 
  Information obtained from sanctions, watchlists, or credit reference databases, to the extent permitted under applicable law.

4.4 Transaction and Order Data

• 
  Details of orders, purchases, returns, cancellations and refunds;
• 
  Cart details and wishlists;
• 
  Delivery instructions and proof of delivery;
• 
  Invoices, billing records, tax-related records, and dispute/chargeback data.

4.5 Payment and Financial Data

Limited payment information necessary to process your payments, such as:

• 
  Masked card numbers, card type, cardholder name (as made available by the payment gateway);
• 
  UPI ID, virtual payment address;
• 
  Bank account details where necessary for payouts to Sellers or refunds to Buyers;

We typically rely on third-party payment service providers and banks to process payments and do not store full card details on our systems. Details are handled as per applicable payment industry standards (e.g., PCI-DSS) by such providers.

4.6 Device, Technical and Usage Data

Collected automatically when you use our Platform:

• 
  Device identifiers, device type, operating system, browser type and version;
• 
  IP address, approximate location derived from IP (city/region level), time zone settings, and network information;
• 
  Log data, including access timestamps, pages viewed, referral URLs, clickstream, crash logs, and error diagnostics;
• 
  Unique identifiers associated with cookies or similar technologies (see Section 6).

4.7 Communication and Support Data

• 
  Records of communications with us (email, phone, chat, in-app messages, support tickets);
• 
  Content of queries, complaints, feedback, survey responses, ratings and reviews;
• 
  Call recordings and logs (where permitted by law and with appropriate notice).

4.8 Marketing and Preference Data

• 
  Your marketing and notification preferences (email, SMS, push notifications, calls);
• 
  Information about your participation in promotions, contests, surveys, and referral programs;
• 
  Inferred interests and preferences based on your interactions, subject to applicable law and your choices.

4.9 Data from Third Parties

Data received from:

• 
  Sellers and logistics partners (e.g., delivery status, fraud alerts);
• 
  Payment and financial institutions (e.g., payment confirmations, chargebacks);
• 
  KYC and verification partners;
• 
  Analytics and advertising partners;
• 
  Publicly available sources and governmental authorities, as permitted by law.

5. How We Collect Personal Data

We collect personal data in the following ways:

• 
  Directly from You: When you create an account, place an order, list products or services as a Seller, fill out forms (online or offline), contact us, participate in surveys or promotions, or otherwise provide information to us.
• 
  Automatically: Through cookies, SDKs, pixels, server logs, and similar technologies when you visit or use our Services.
• 
  From Third Parties: From Sellers, business partners, payment service providers, KYC vendors, analytics providers and public sources, where permitted by law.

Where we request specific data, failure to provide such data may limit your ability to use certain features or services (e.g., we may not be able to complete KYC for Seller onboarding or fulfil an order).

6. Cookies and Similar Technologies

6.1 Our Platform uses cookies, web beacons, SDKs and similar technologies to:

• 
  Enable core functionality (e.g., login sessions, cart management);
• 
  Remember your preferences and settings;
• 
  Understand how you use the Platform and improve performance;
• 
  Provide relevant offers, recommendations and advertising (where permitted by law and your preferences).

6.2 Details of the cookies and similar technologies we use, their purposes, and how you can manage your cookie preferences are set out in our Cookie Policy, available at: tradeclover.in/cookie-policy

6.3 You can manage your cookie choices through:

• 
  Our cookie banner and preference centre (where implemented); and
• 
  Browser or device settings (e.g., to block or delete cookies).

Disabling or rejecting certain cookies may affect the functionality or features of the Platform.

7. Purposes of Processing and Lawful Bases

We process your personal data for the following purposes and corresponding lawful bases:

7.1 Account Creation, Authentication and Profile Management

• 
  To register you as a Buyer or Seller user and maintain your account;
• 
  To verify your identity and manage login, authentication and security.
• 
  Legal basis: Performance of contract, legitimate interests in operating the Platform; consent where required.

7.2 Marketplace Operations and Order Fulfilment

• 
  To enable listing, discovery and comparison of products and services;
• 
  To process and fulfil orders, including payment processing, invoicing, shipping, delivery, returns, and refunds;
• 
  To enable communication between Buyers, Sellers and our support teams.
• 
  Legal basis: Performance of contract; legitimate interests in ensuring efficient marketplace operations.

7.3 KYC, Compliance and Risk Management

• 
  To conduct KYC, AML, sanctions and fraud checks for Sellers and, where applicable, certain Buyers;
• 
  To validate identity, business registration and tax information;
• 
  To prevent, detect and investigate fraud, misuse, or violations of our Terms.
• 
  Legal basis: Compliance with legal obligations; legitimate interests in preventing fraud and abuse.

7.4 Customer Support and Grievance Redressal

• 
  To respond to your queries, requests, grievances, and disputes;
• 
  To troubleshoot issues, handle chargebacks, and resolve complaints.
• 
  Legal basis: Performance of contract; compliance with legal obligations; legitimate interests in providing effective support and maintaining customer satisfaction.

7.5 Marketing, Promotions and Personalisation

• 
  To send you service-related updates, order notifications, and administrative communications;
• 
  To send marketing communications, offers, newsletters and recommendations, including personalised content, where permitted by law;
• 
  To conduct surveys, contests, and referral programs.
• 
  Legal basis: Legitimate interests in promoting our services and enhancing user engagement; consent, where required (e.g., certain direct marketing channels).

You may opt out of marketing communications at any time (see Section 13).

7.6 Analytics, Product Improvement and Research

• 
  To analyse usage patterns and performance of the Platform;
• 
  To develop new features, services and user experiences;
• 
  To perform data analytics, including aggregated and anonymised analytics.
• 
  Legal basis: Legitimate interests in improving and optimising the Platform; consent where required (e.g., certain analytics cookies).

7.7 Security, Monitoring and Enforcement

• 
  To ensure network and information security, including monitoring for and preventing cyberattacks, unauthorised access, and other security incidents;
• 
  To enforce our Terms of Use, Buyer Terms, Seller Agreement and other applicable policies;
• 
  To protect our rights, property, and the safety of users and the public.
• 
  Legal basis: Legitimate interests; compliance with legal obligations.

7.8 Legal and Regulatory Requirements

• 
  To comply with applicable laws, regulations, judicial or governmental orders;
• 
  To cooperate with law enforcement authorities and regulatory bodies;
• 
  For accounting, taxation, record-keeping and audits.
• 
  Legal basis: Compliance with legal obligations; legitimate interests in proper corporate governance.

8. Sharing and Disclosure of Personal Data

We do not sell your personal data. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate safeguards:

8.1 Sellers and Buyers on the Platform

• 
  We share necessary Buyer information (e.g., name, contact number, delivery address, order details) with relevant Sellers and logistics partners to fulfil orders and provide services.
• 
  We may share necessary Seller information (e.g., business name, ratings, location, contact details where applicable) with Buyers for transparency and trust.
• 
  Communications between Buyers and Sellers routed through the Platform may be stored and processed by us for security, support, and dispute resolution.

8.2 Service Providers and Vendors

We engage third-party service providers to support our operations, including:

• 
  Cloud hosting, data storage, and IT infrastructure providers;
• 
  Payment gateways, banks, and financial institutions;
• 
  KYC and identity verification providers;
• 
  Logistics and delivery partners;
• 
  Customer support, call centre and communication platforms;
• 
  Analytics, advertising, and marketing technology providers;
• 
  Professional advisors (e.g., auditors, lawyers, consultants).

These service providers are typically bound by contractual obligations (including confidentiality and data protection obligations) and may only process personal data under our instructions and for the specified purposes.

8.3 Group Entities and Affiliates

Where relevant, we may share personal data with TRADECLOVER group entities and affiliates for:

• 
  Internal administration;
• 
  Consolidated analytics and reporting;
• 
  Shared services, risk management and compliance.

8.4 Legal, Regulatory and Enforcement Authorities

We may disclose personal data:

• 
  If required under applicable law, regulation, or legal process;
• 
  In response to lawful requests by public authorities, courts, regulatory bodies, or law enforcement;
• 
  To protect the rights, property or safety of TRADECLOVER, our users or the public, or to detect, prevent or otherwise address fraud, security or technical issues.

8.5 Business Transfers

In connection with any merger, acquisition, asset sale, financing, restructuring, or similar transaction involving TRADECLOVER, personal data may be transferred to relevant counterparties and their advisors, subject to appropriate safeguards and, where required, your consent.

9. International Transfers of Personal Data

9.1 Your personal data may be transferred to and processed in countries other than India, including where our or our service providers' servers, data centres, or support teams are located.

9.2 Where we transfer personal data to another country, we will ensure that:

• 
  The receiving jurisdiction offers an adequate level of data protection; or
• 
  Appropriate contractual safeguards (such as data protection agreements, standard contractual clauses, or equivalent instruments) are implemented; and
• 
  Transfers comply with applicable Indian laws and regulations.

9.3 You acknowledge that data transferred to third countries may be subject to the laws and lawful access requests of such countries. We will take reasonable steps to ensure that your personal data continues to receive adequate protection.

9.4 The primary data hosting location for our core user data currently is India data centre of [Cloud Provider]. Any material change in hosting locations will be reflected in this Privacy Policy or notified to you where required.

10. Data Retention

10.1 We retain personal data for as long as reasonably necessary to:

• 
  Fulfil the purposes outlined in this Privacy Policy;
• 
  Provide and improve the Services;
• 
  Comply with legal, regulatory, accounting or reporting requirements;
• 
  Resolve disputes and enforce our agreements.

10.2 Retention periods may vary depending on the category of data and context of processing. Illustratively:

10.3 Where we no longer need to process personal data for any permitted purpose, we will either delete, anonymise or aggregate the data, or, if that is not technically feasible, securely store the data and isolate it from further processing until deletion is possible.

11. Security Practices

11.1 We implement reasonable security practices and procedures in line with the IT Act and SPDI Rules, and in accordance with our internal Information Security Addendum and related policies. These include appropriate technical, organisational and physical security measures to protect personal data against unauthorised access, disclosure, alteration, destruction or accidental loss.

11.2 Measures may include, as appropriate:

• 
  Access controls and authentication mechanisms;
• 
  Encryption of data in transit and at rest, where applicable;
• 
  Segregation of environments and role-based access;
• 
  Regular security assessments, vulnerability scans and monitoring;
• 
  Secure software development practices and change management;
• 
  Employee training and confidentiality obligations;
• 
  Incident detection, response and remediation procedures.

11.3 While we strive to protect your personal data, no system or transmission over the internet is completely secure. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. Please notify us immediately of any actual or suspected unauthorized use of your account or any security breach.

12. Your Rights and Choices

Subject to applicable law, you may have the following rights in relation to your personal data:

12.1 Right to Access and Review

12.2 Right to Correction and Updating

You may request correction or updating of inaccurate or incomplete personal data. In many cases, you can review and update your information directly through your account settings.

12.3 Right to Withdraw Consent

Where we rely on your consent for processing, you may withdraw your consent at any time. Withdrawal of consent may affect our ability to provide certain services to you (e.g., marketing communications or optional features reliant on specific permissions).

12.4 Right to Deletion / Erasure (Subject to Law)

You may request deletion of your personal data, subject to our obligations to retain data for legal, regulatory, or legitimate business purposes. In some cases we may not be able to fully delete your data due to such obligations, in which case we will inform you.

12.5 Right to Restriction or Objection

Where permitted by law, you may request restriction of processing or object to certain processing activities (e.g., direct marketing).

12.6 Right to Data Portability (Where Applicable)

Where technically feasible and permitted by law, you may request a copy of certain personal data in a structured, commonly used and machine-readable format.

12.7 Right to Lodge a Grievance

You have the right to raise concerns or complaints with our Grievance Officer (see Section 15) regarding the processing of your personal data and our compliance with this Privacy Policy and applicable laws.

13. How to Exercise Your Rights and Manage Preferences

13.1 To exercise your rights or make privacy-related requests, you may contact us using any of the following methods:

• 
  Email: tradeclover.in/privacy-policy
• 
  Online form or in-app request mechanism at: [TO BE ANNUANCED SOON];
• 
  Postal address: Address :- 10th Floor 1002 Shiv Shrushti New Link Road Kandivali West 400067

13.2 For security and compliance reasons, we may:

• 
  Request additional information to verify your identity before acting on your request; and
• 
  Decline requests that are manifestly unfounded, excessive, or not required under applicable law.

13.3 Marketing Communications:

• 
  You may opt out of marketing communications at any time by using the "unsubscribe" link in our emails, adjusting notification settings in the app (where available), or contacting us at the address above.
• 
  Even if you opt out of marketing communications, we may still send you non-marketing, service-related communications (e.g., order confirmations, security alerts, updates to our terms).

13.4 Cookie and Tracking Preferences:

• 
  You may manage your cookie settings through our cookie banner/preference centre and your browser or device settings, as described in Section 6 and our Cookie Policy.

14. Children's Privacy

14.1 Our Platform is not directed to children and is intended for use only by individuals who are capable of forming a legally binding contract under applicable law (generally persons 18 years of age or older).

14.2 We do not knowingly collect personal data from children under 18 years of age. If you are under 18, you should use the Platform only with the involvement and consent of a parent or legal guardian and in accordance with applicable law.

14.3 If we become aware that we have inadvertently collected personal data from a child in violation of this Privacy Policy or applicable law, we will take reasonable steps to delete such information promptly. If you believe that a child has provided personal data to us, please contact us using the details in Section 15.

15. Grievance Officer and Contact Details

In accordance with the IT Act, SPDI Rules, and applicable IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, TRADECLOVER has designated a Grievance Officer.

You may contact the Grievance Officer for:

• 
  Complaints regarding violation of this Privacy Policy or applicable laws;
• 
  Requests relating to access, correction, deletion, or withdrawal of consent; and
• 
  Any concerns regarding security of your personal data.

We will acknowledge and respond to your complaint within the timelines prescribed under applicable law and our Grievance Redressal Policy.

16. Third-Party Links and Integrations

16.1 The Platform may contain links to third-party websites, applications, or services, including:

• 
  Third-party payment gateways and wallets;
• 
  Social media platforms;
• 
  Partner offers or external marketplaces.

16.2 Your use of such third-party services is subject to their respective privacy policies and terms, which we do not control. We are not responsible for the privacy practices, security or content of such third parties.

16.3 We recommend that you review the privacy policies of any third-party sites or services you access or use via our Platform.

17. Changes to This Privacy Policy

17.1 We may update or modify this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology.

17.2 When we make material changes, we will:

• 
  Update the "Last Updated" date at the top of this Privacy Policy; and
• 
  Provide additional notice where required by law or where we deem it appropriate (e.g., via email, SMS, in-app notice, or prominent notice on our website).

17.3 We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data. Your continued use of the Platform after any changes become effective will indicate your acceptance of the revised Privacy Policy.

18. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data protection practices, please contact us at:

By using the TRADECLOVER LLP Platform and Services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, storage, disclosure, and other processing of your personal data as described herein, subject to your rights under applicable law.