Copago Marketplace
🔒 Legal

Privacy Policy

How CoTrade by Copago Marketplace collects, uses, and protects your data.

📅 Last updated: April 2026 Privacy Policy — CoTrade by Copago Market
CoTrade · Copago Market Private Limited
Effective Date: 1 April 2026  ·  Last Updated: 1 April 2026
Table of Contents
  1. Who We Are
  2. Information We Collect
  3. How We Use Your Information
  4. Legal Basis for Processing
  5. Data Sharing & Disclosure
  6. Data Retention
  7. Your Rights
  8. Cookies & Tracking
  9. Security
  10. Children's Privacy
  11. Changes to This Policy
  12. Contact & Grievance Officer
Summary: We collect only what we need to provide CoTrade's trade intelligence services. We never sell your data. You can request deletion at any time by writing to [email protected].

1. Who We Are

Copago Market Private Limited ("Copago", "we", "us") operates the CoTrade platform at cotrade.copagomarket.com and the marketing website at copagomarket.com.

CoTrade is a global food trade intelligence platform helping Indian food exporters identify international buyers, run outreach campaigns, and manage leads.

Privacy queries: [email protected]

2. Information We Collect

2.1 Information you provide:

  • Account info: Name, email, password (hashed), company, country, phone
  • Billing details: Legal name, GSTIN, billing address — for GST compliance and Zoho Books invoicing
  • Campaign content: WhatsApp messages and email templates you create
  • Payment info: Processed by PayU (PCI-DSS compliant). We receive only a transaction reference — never your card details.
  • Lead data: Buyer contact details and notes you manually enter

2.2 Collected automatically:

  • Usage data: Pages visited, features used, profile views, session durations
  • Device data: IP address, browser type, OS — for security
  • Auth tokens: JWT tokens in browser localStorage for session management

2.3 From third parties:

  • Google OAuth: Name, email, profile picture if you sign in with Google
  • Trade database: We curate buyer/supplier data from public customs filings — this is not collected from you

3. How We Use Your Information

  • To provide, maintain, and improve the CoTrade platform
  • To process payments and generate GST-compliant invoices via Zoho Books
  • To send WhatsApp and email campaigns on your behalf using your configured credentials
  • To calculate and deduct profile view credits from your wallet
  • To send transactional emails (invoices, payment confirmations, alerts)
  • To enforce session limits and prevent abuse of the free tier
  • To respond to support queries
  • To comply with Indian GST law and the DPDPA 2023

We do not use your data for advertising. We do not sell your data. We do not share your data with buyers or suppliers in our directory.

5. Data Sharing & Disclosure

We share data only with these service providers:

Service ProviderPurposeData Shared
PayU IndiaPayment processingName, email, amount, transaction reference
Zoho BooksInvoice & quote generationBilling name, GSTIN, email, address, amounts
Meta (WhatsApp API)Campaign deliveryPhone numbers, message content (via your credentials)
Google (Gmail SMTP)Email deliveryEmail addresses, message content (via your credentials)
AWSHosting & databaseAll platform data (encrypted at rest)

We may also disclose data if required by law, court order, or to protect the safety of Copago or its users.

6. Data Retention

  • Account data: Duration of account + 3 years after closure
  • Billing & transaction records: 8 years (GST law requirement)
  • Campaign content: Until deleted by you or account closure
  • Session logs: 90 days
  • Wallet transactions: Permanent (financial audit compliance)

7. Your Rights (DPDPA 2023)

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Erasure: Request deletion (subject to legal retention)
  • Withdrawal of consent: Stop marketing communications at any time
  • Grievance redressal: File a complaint with our Grievance Officer

Email [email protected] — we respond within 30 days.

8. Cookies & Tracking

We use only essential, functional storage:

  • Authentication tokens: localStorage for session management
  • UI preferences: Browser localStorage only

We do not use advertising cookies, cross-site tracking, Google Analytics, or Facebook Pixel.

9. Security

  • All data transmitted via HTTPS (TLS 1.2+)
  • Passwords hashed with bcryptjs (10 salt rounds)
  • Database hosted on AWS RDS with encryption at rest
  • API secured via signed JWT tokens with role-based access control
  • WhatsApp and Gmail credentials stored encrypted; never logged in plaintext

Report security issues to [email protected].

10. Children's Privacy

CoTrade is a B2B platform for users aged 18+. We do not knowingly collect data from minors. Contact us immediately if you believe a minor has provided personal data.

11. Changes to This Policy

We may update this policy periodically. Significant changes will be communicated by email and in-app notification before they take effect. Continued use constitutes acceptance.