Last Updated: July 25, 2022
We, at Astra, aim to adhere to the ethical standards pertaining to collection, usage and safeguarding of the information provided by You during the use of the Application and the Website and We do not sell any User information or data.
We, at our Company, aim to adhere to the ethical standards pertaining to collection, usage and safeguarding of the information provided by You during the use of the Website.
- USER INFORMATION
The Platform collects certain information and data when You register via the Application or the Website. There are two types of information being collected: (i) User Provided Information; (ii) Automatically Collected Information during the usage of the Service.
(i) User Provided Information and Access
(d) The said information collected from the Users could be categorized as (i) “Personal Information”, “Sensitive Personal Information” (as defined under the IT Rules) or other information; or (ii) “Personal Data” as defined under the General Data Protection Regulation (“GDPR”) and would be governed in accordance with the GDPR, Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 (the “IT Rules”) and other relevant applicable laws of the jurisdiction. Any such information collected from the Users shall collectively be referred to as “User Information” in this Policy.
(e) We may use the User Information to contact You from time to time, to provide You with the services We offer through the Platform, important information and circulate marketing and promotional material in relation thereto. We may ask You for more information for identification purposes, if required (personal information). The User shall be permitted to access the Platform via any device provided that the log in/access credentials match with the User credentials. In the event the User uses a new device to access or log-in to the Platform, the User shall be required to grant access for the new device, as may be required.
(f) You may visit the Platform and browse the Platform without having to provide User Information. We will, at all times, provide the option to You to not provide the User Information, which We seek from You. Where possible, We indicate which fields are mandatory and which fields are optional to be filled on the Platform. You always have the option to not provide User Information by choosing not to submit particular information or feature on the Platform. In such event, however, the Company fully reserves the right not to allow further usage of the Platform or provide any services/products thereunder to You.
(h) While accessing the Platform and using the Services, we may have access to (i) the details of the threats removed or stopped by Our plug-in service on Your Covered Platform; (ii) the details of the User’s end customers accessing the Covered Platform; and (iii) the vulnerability report details collected by Our scanners or collected by Our employees in Your Covered Platform.
(i) By using this Platform, You consent to the collection, storage, use and transfer of the User Information that You provide in connection with any of the services that We offer through our Platform, and You consent to Our collection of any changes or updates that You may provide to the User Information. We collect only such User Information that We believe to be relevant for the purpose of identification and verification and is required to understand You or Your interests. It is clarified that We shall not be liable, for any reason whatsoever, for the authenticity of any User Information provided by You to Us. You hereby confirm that the User Information provided by You is and shall continue to be valid, true and accurate to the best of Your knowledge.
(j) We may also collect information regarding Your location, age and gender. This information will not be sold to, or shared with, any unaffiliated third party.
(k) Any portion of the User Information containing personal data relating to minors or a person of unsound mind provided by You shall be deemed to be given with the consent of the legal guardian. Such consent is deemed to be provided by Your registration with us.
(ii) Information We collect
(a) Your name, mobile number and email address;
(b) Account, purchase and payment information;
(c) Candidate information (for job applicants);
(d) Access to Your server credentials to log into Your site as and when requested by you;
(e) The credentials/delegated access related to Your hosting account portal, or (s)FTP or SSH details in connection with any Malware Removal Request;
(f) The login credentials to Your testing accounts for dashboards/admin panels/third party accounts;
(g) Other data collected that could directly or indirectly identify You.
(iii) Automatically Collected Information
When You visit the Platform, We may collect certain non-personal information such as Your internet protocol address, operating system, browser type, and internet service provider. We record the User session and collect the user browsing patterns through the following third party software used by the Company: (i) Microsoft Clarity (ii) Hubspot (iii) Google Analytics. This type of information does not identify You personally during Your visit to the Platform. We can identify You only after You submit User Information at the time of registering Yourself with the Platform.
- COLLECTION OF INFORMATION
(i) The User Information is being collected by the Company and the Company will delete any User Information upon the User withdrawing the consent in writing, however, upon the withdrawal of the consent by the User, the Company may, at its option, not provide any services for which the User Information was sought and the User shall not claim deficiency of services on the basis of such non provision of goods and services.
(ii) To enhance Your use of the Platform, certain information may be collected each time You visit the Platform which are saved in server logs. It is clarified that these statistics help Us in improving the efficiency of the Platform by giving Us information relating to Your use of the Platform. Such User Information may include details of the server from where the Platform is being accessed, the browser and operating system used to browse the Platform, details of Your last visit to the Platform, including time, date and the duration of Your session on the Platform. This User Information is used by us to understand the number of users visiting the Platform and gather broad demographic information for aggregate use of the Platform. While collecting such User information, Your anonymity shall be maintained at all times and at no time can We identity You personally, unless You submit the User Information on the Platform or through the e-mail feature. We reserve the right to share such general information to any person on its discretion.
(iii) You acknowledge that apart from Your User Information, if You upload or exchange any data, content, information, pictorial representations and/or images including post any comments on the Platform (collectively referred to as the “Content”), such Content may contain information including User Information and the same may be available to the other Users of the Platform. We will not be liable for the disclosure and dissemination of such User Information on the Platform.
Like most other Platforms, We use data collection devices known as cookies to collect and store information of Users visiting the Platform. A cookie is a small amount of data that is sent to a User's browser from a web server/mobile application and is eventually stored on a User's computer hard drive/mobile device. Cookies are a reliable mechanism for Platforms to remember the activities of the User on the Platform and helps in improving Your experience on the Platform. This anonymous information is maintained distinctly and is not linked to the User Information You submit to us. The option of accepting cookies is up to You, however certain features of the Platform including Content and the forms may not be accessible without accepting cookies.
We use the following cookies:
Functional Cookies: To provide you with a great experience on this Website, we provide the functionality to set your preferences for how this site runs when you use it. To remember your preferences, we need to set cookies so that this information can be accessed whenever you interact with a page that is affected by your preferences.
Performance and Analytics Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Site. They help us to know which pages are the most and least popular and see how visitors navigate the Site. Performance cookies are used to help us with our analytics, including to compile statistics and analytics about your use of and interaction with the Site, including details about how and where our Site are accessed, how often you visit or use the Site, the date and time of your visits, your actions on the Site, and other similar traffic, usage, and trend data.
- DATA NOT PROCESSED
We do not process personal data revealing Your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
- USER RIGHTS- FOR CITIZENS OF THE EUROPEAN UNION
In the event You are a citizen of the European Union, You may contact us at any time if there are any queries pertaining to the data privacy rights or if You wish to exercise any of the following rights afforded to You under the GDPR. You have the following broad rights under the GDPR:
(i) Right to withdraw Your consent: You shall have the right to withdraw Your consent at any time with regard to the processing of the User Information in accordance with Article 7 para. 3 GDPR.
(ii) Right to access Your data: You have the right to obtain confirmation as to whether or not personal data concerning You is being processed, and, where that is the case, access to the User Information specified under the Article 15 of the GDPR.
(iii) Right to rectification: You shall have the right to rectify any inaccurate data in accordance with the Article 16 of the GDPR. For instance, You can contact us if Your contact details have changed and You would like us to update the details that have been stored with us.
(iv) Right to erasuer: In accordance with Article17 of the GDPR, You can contact us to delete or erase any personal data concerning You that has been stored with us.
(v) Right to restrict processing: You can contact us to restrict the processing of certain data in certain situations such as in the event We no longer need the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; in accordance with Article 18 of the GDPR.
(vi) Right to data portability: In accordance with Article 20 of the GDPR, You can contact us to receive Your data in a commonly used and machine-readable format if You want to transmit or upload it to another website.
(vii) Right to object how Your data is handled: If You do not agree with the processing of Your personal data at any time (for instance analytical proposes), You can contact us to discontinue the same in accordance with Article 21 of GDPR.
(viii) Right to lodge a complaint: You may lodge a complaint with the supervisory authority in accordance with Article 77 para. 1 of the GDPR, if You feel that the processing of the data relating to You infringes the GDPR.
(ix) Right to effective judicial remedy: You shall have the right to an effective judicial remedy where You consider that Your rights under the GDPR have been infringed as a result of the processing of Your personal data and the same is in non-compliance with the GDPR.
- USE OF THE USER INFORMATION
(i) We collect the User Information provided by You for the reasons including but not limited to the following:
(a) To analyse and draw trends from the aggregated statistics of the User activity
(b) To provide personalised recommendations and maintain general and personalised content
(c) Identification and authentication of Your use of Company Services
(d) To improve Our features and provide seamless service
(e) To conduct research, to administer the Services
(f) To undertake promotional activities and/or contest
(g) To send You relevant notifications through e-mails and SMS which add to the effectiveness of the service
(h) To help in detecting and preventing of fraud
(i) To analyse and monitor activity on Our Platform
(j) To protect the integrity of Our Platform
(k) To respond to any queries/doubts raised by You
(l) To protect against imminent harm to the rights, property or safety of the Platform / Company or its users or the public as required or permitted by law
(m) To send periodic emails for sharing information and updates pertaining to Your order, occasional company news, updates, related product or service information, etc.
(n) Verifying Your identity.
- DISCLOSURE OF USER INFORMATION
(i) The User Information may be disclosed to affiliated companies within Our corporate family, with third parties with which We have partnered to allow You to integrate their services into Our own Services, and with trusted third party service providers as necessary for them to perform services such as:
• Processing credit/debit card/PayPal payments
• Serving advertisements
• Conducting contests or surveys
• Performing analysis of Our Services and customers demographics
• Communicating with You, such as by way email or survey delivery
• Customer relationship management
• Security, risk management and compliance
• Recruiting support and related services.
In view of the same, You may be subject to the practices of such third parties as well.
(ii) You acknowledge and agree that in the event You have availed Our Services through a third party partner, We may disclose the User Information to such partner for the purpose of account management. Further, such a third party affiliate will have access to the account of the end User.
(iii) In the event the User comments on any vulnerability report on the Platform, the name and e-mail address of the User will be visible to the other users of the Platform.
- THIRD PARTY PAYMENT SERVICES AND USER INFORMATION COLLECTION
(i) We use a third party payment platform and payment aggregator services to bill You for Our services. We may use and share the User Information with reliable and reputed third-party payment gateway to whom We are associated in order to ensure swift and comfortable payment mechanism for the User. The third party service providers shall provide the Company the name of the User, phone number, tax number, subscription details, details of the last four digits of the credit card used for payment, email ID and the address of the User as utilized by the User while completing the payment transaction.
(iv) We have affiliated with the following third party payment providers for the above mentioned purposes: (i) paddle.com; (ii) fastspring.com (iii) paypal.com.
- SHARING OF DATA WITH THIRD PARTIES
(i) We will share Your User Information with third parties (including Sub-processors) only in the ways that are described in this Policy. We may use the individual data and behaviour patterns combined with User Information to provide You with personalized content, and better Your experience.
(ii) The Company may provide and utilise the User Information and data collected to certain third parties for undertaking data analysis via third party analytical tools. The third party analytical tools are utilised in order to analyse the data and information to personalize, drive insights and thereby provide a better performance, improve the quality of features and provide seamless services to the User.
(iii) The Company does not sell, trade or rent the User Information to any third party unless, we have been expressly authorized by You either in writing or electronically to do so
(iv) In some cases, Company may share your information with third parties & sub-processors listed here but not limited to, to the extent permitted by applicable law for the above mentioned purposes. Each of these sub-processors are limited to accessing or using this information to provide our services only and must provide reasonable assurances that they will appropriately safeguard any customer data provided by Company.
- SECURITY PRECAUTIONS
(i) To prevent any form of unlawful interception or misuse of User Information, We use reasonable physical, electronic, and managerial procedures to safeguard and secure the User Information collected. We use reasonably secure and technologically appropriate measures, in compliance with the relevant applicable laws of the jurisdiction to protect You against loss or misuse of Your User Information including internal reviews of data collection, storage and processing practices and other reasonable security measures which are equivalent to security measures that We use to protect Our own confidential information. We have in place a secure servers for all Your transactions on the Platform, which, if required to be accessed, are accessible only by Our authorized personnel. However, as You are aware, no internet site/mobile based application is completely free of security risks and We do not make any representation in respect of the same.
(iii) All supplied sensitive User Information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into Our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential. After a transaction, Your User Information (credit cards, social security numbers, financials, etc.) will not be stored on Our servers. While We have mechanisms in place to safeguard Your User Information after We receive it, no transmission of data over the internet can be fully secure and We make no representation in respect of the same.
- LINKS TO OTHER THIRD PARTY SITES
- AGGREGATE STATISTICS
We may at times provide aggregate statistics about Our Users and their pattern in addition to certain related site information to certain third parties will be in an aggregate form and does not contain any of Your individual detailed User Information.
- DATA SECURITY AND RETENTION
(i) We follow the required security measures specified under Article 32 of the GDPR and adopt the required processes to protect and safeguard the User Information and data provided to us.
(ii) Once You delete the User Information such as name and e-mail address on the Website by raising a support ticket on the Platform or via Dashboard, We will notify You about the same through email and this deleted information is not stored in any form at Our end. You have every right to cease to hold an account with us. However, the past activity data associated with Your account is intact in anonymous form with us and We may utilise it for research and analysis purposes in order to improve the quality of Our Services.
- DATA BREACH
In case of any data breach of User Information/Website’s database / third-party data, processors is apparent, We will inform all relevant authorities within 72 hours about the same. Further, We shall inform You about the same without any undue delay, if required as specified under the Article 34 of the GDPR.
- CHILDREN’S PRIVACY PROTECTION
- DISCLOSURES REQUIRED BY LAW
We reserve the right to disclose User Information when required by any applicable law. We will disclose such User Information wherein We have a good-faith belief that it is necessary to comply with a court order, ongoing judicial proceeding, or other legal process served on Us from any jurisdiction as may have been applicable to Us by virtue of the location of the User of the services or to exercise Our legal rights or defend against legal claims.
- CONTACTING THE PLATFORM AND DATA PROTECTION OFFICER/ GRIEVANCE OFFICER
(i) If You have any questions or comments regarding (i) this Policy, or (ii) practices of this Platform, or (iii) Your dealings with this Platform or believe that We have not adhered to it or (iv) if You wish to exercise Your individual rights, please contact us using one of the following methods:
Name: Astra Security
Email: [email protected]
Address: SCO-830, second floor, above RBL Bank, NAC, Manimajra, U.T. Chandigarh, India 160101 and 2093, Philadelphia Pike #4080, Claymont, Delaware, 19703, USA
Alternatively, You can chat with us on the help desk chat option available in the Application
(ii) Our Data Protection Officer/ Grievance Officer or another data protection relevant officer can be reached at the email provided above.
The Data Protection Officer/Grievance Officer is identified above pursuant to the provisions of applicable laws including but not limited to the GDPR, Information Technology Act, 2000 and the Consumer Protection Act, 2019, and the Rules enacted under those laws.
- INTERNATIONAL DATA TRANSFERS
We share the User Information with the entities situated outside the European Union. We ensure that the User Information is protected and the data recipient adopts an adequate level of data protection. Further, We ensure that effective legal remedies are available. The transfers shall be subject to the conditions specified under the GDPR.
- UPDATION/ DELETION OF THE USER INFORMATION
Once you update/delete Your personal User Information through Your account settings such as name and e-mail address on the Website or the Application, this old/deleted information shall be deleted from Our database within 60 (sixty) days from the date of the updation/ deletion. After expiry of the said period, the old/ deleted User Information is not stored in any form at Our end. You have every right to cease to hold an account with us. However, the past activity data associated with Your account is intact in anonymous form with us and We may utilise it for research and analysis purposes in order to improve the quality of Our Services.
- INFORMATION FOR CITIZENS OF THE EUROPEAN UNION
Our Policy is EU GDPR privacy regulations compliant.