Last Updated: May 23, 2018
We don’t request access to you personal information unless we truly need it to provide the service eg: Your gender or income levels are irrelevant to us, so we don’t ask you for that information.
We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights.
We don’t store personal information on our servers unless required for the on-going operation of one of our services.
We WILL NEVER sell your information to anyone.
What information do we collect?
General. When you visit the site, you can browse without submitting any personal information about yourself. We will, however, receive and store some non-personally identifiable information about you, as described below. In order to participate in certain functionalities, you may be asked to provide personally identifiable information. Personally identifiable information is information that can identify you, including, for example, your name or email address.
Communications; Email Address Collection. In order to receive certain communications from us, such as responses to user inquiries, you will be required to submit your email address to us. You may also provide your email address to us in order to receive security updates and news even if you do not sign up for an account or make a purchase. Any non-Service related email you receive from us will include an unsubscribe link that will allow you to opt-out of receiving future emails. It may be necessary to send you Service-related announcements. For example, if the Service is temporarily suspended for maintenance, we may send users an email. You may not opt-out of Service-related emails which are not promotional in nature.
User Content. The Service may allow you to post or submit comments or other information, such as in response to our blog content (www.getastra.com/blog), knowledge-base content (www.getastra.com/kb) (“User Content”). We may use User Content to improve the Service and we may save User Content or other content you post indefinitely.
Malware Cleaning Service. If you opt for our malware cleaning/removal service we may download portions of your site to secure servers in order to analyze and clean the site. As part of the service we also require: access to your database, access to your site control panel, and server credentials to log into your site. The server credentials are transmitted via an encrypted page and stored with industry standard encryption. We may also retain a backup of portions of your site for a limited amount of time after the cleaning for quality assurance purposes.
Automatically Collected Information. Similar to other websites, we may collect some information automatically from you and store it in log files. This collection may include, but is not limited to: your domain name and host for Internet access, the Internet address of the site from which you came, the date and time of your access, your computer’s IP address and information about its operating system, browser, and host, the date and time you access the Service and the pages you visit. We collect this non-identifying information in order to help diagnose problems and to administer the Service. We also use it to help identify you and to gather broad demographic information. We may automatically collect information using various mechanisms, including but not limited to cookies and pixels.
“Pixels” are tiny graphics with a unique identifier that are used to track the online movements of web users. Unlike cookies, which are stored on a computer’s hard drive, pixels are small graphics that are about the size of the period at the end of the sentence that are embedded invisibly on web pages or in HTML-based emails. Our third-party analytics providers may place pixels on the Site that track what other websites you visit (both before and after visiting the Site). Our third-party analytics providers use information obtained from pixels to help us improve our business and the Service. We do not control the use of pixels by third parties.
“Do Not Track” Settings. Because we track website usage information as described above, your selection of the “Do Not Track” option provided by your browser may not have any effect on our collection of certain information. The only way to completely “opt out” of the collection of information through cookies or other tracking technologies is to actively manage the settings on your browser to delete and disable cookies and other tracking/recording tools. However, getting a “Do Not Track” signal to work as you might want is difficult. Using browsers as an example, not all tracking technologies can be controlled by browsers; unique aspects of your browser might be recognizable even if you disable a tracking technology; not all settings will necessarily last or be effective; even if a setting is effective for one purpose, data still may be collected for another; and even if one website observes a “Do Not Track” signal, that website may not be able to control other websites.
Log files. As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp and/or clickstream data. We use this information gathered about you from our Site to help personalize search results, diagnose problems with our server, and to administer our Site. We also gather broad demographic information from this data to help us improve our Site and make your browsing and purchasing experience more enjoyable. This is not linked to any personally identifiable information, except as necessary to prevent fraud or abuse on our system.
Testimonials. We may post your testimonials/comments/reviews on our Websites which may contain your Personal Data. Prior to posting the testimonial, we will obtain your consent to post your name along with the testimonial. If you want your testimonial removed, please contact us at [email protected]
You understand that we will not be liable to any person for unauthorized publishing of testimonials by other parties.
Marketing communications. We may use your e-mail address, collected as part of Collected Data, to send our newsletters and/or marketing communications about our products and services. Where you have so requested, we will also send you marketing communications about our third party partners. If you no longer wish to receive these communications, you can opt out by following the instructions contained in the e-mails you receive or by contacting us at [email protected].
Single Sign-on. You can log in to our websites & applications using sign-in services such as Google, Facebook Connect and LinkedIn. These services will authenticate your identity and provide you the option to share certain Personal Data with us such as your name and e-mail address. Services like Google, Facebook Connect, Twitter, LinkedIn give you the option to post information about your activities on our Websites to your profile page and to share information with others within your network.
What do we use your information for?
Any of the information we collect from you may be used in one of the following ways:
Maintain and provide our Site, products, and services
Fulfill the purpose for which you provide it
Personalize your experience
Improve our Site, products and services
Develop new products and services
Detect and prevent fraud
Protect our and our visitors' safety
Analyze and monitor activity on our Site
Comply with our obligations
Exercise our rights
Enforce our contracts
Use of Non-Personally Identifiable and Aggregate Information. We may use non-personally identifiable information and aggregate information for any lawful purpose, including, but not limited to, analyzing trends, managing and administering the Service, tracking users’ movements, for research purposes, or to improve our business and the Service. In addition, we may share aggregate statistical information with our business partners. We may also combine your non-personally identifiable information and aggregate information with other non-personally identifiable information and aggregate information collected from other sources.
Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.
Periodic emails. The email address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.
Information Retention. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements. We may dispose of any information in our discretion without notice, subject to applicable law. We do not undertake any retention obligations through this statement.
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
a) you have given consent to the processing of your personal data for one or more specific purposes;
b) processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;
c) processing is necessary for compliance with a legal obligation to which we are subject;
d) processing is necessary to protect the vital interests of you or of another natural person;
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
f) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
What is our legal basis for processing Personal Data ?
If you are a visitor from the European Economic Area, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.
However, we will normally collect Personal Data from you only where we need the Personal Data to perform a contract with you, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.
If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).
Similarly, if we collect and use your Personal Data in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided below.
Data we process on your behalf: Service Data
If you are using our products/services, we only process Service Data as per our Customer's instructions. For purposes of the GDPR and the Swiss Federal Act on Data Protection, we are the processor and not the controller of the Service Data. Service Data, means all electronic data, text, messages or other materials, including Personal Data of Users and End-Users, submitted to the Service(s) by our Customers through Customer’s Account in connection with Customer’s use of the Service(s), including data collected for providing the service. Our EEA or Switzerland based Customers are the “controllers” of that data and are responsible for compliance with the applicable data protection law. We work with our Customers to help them provide notice to their customers concerning the purpose for which Personal Data is processed by Astra.
If you are our Customer from EEA or Switzerland, then in your role as a controller, you are authorizing, on behalf of you and your authorized agents and End-Users, and representing that you have the authority to provide such authorization to the processing and transfer of Personal Data in and to the United States and other countries which may have different privacy laws from your or their country of residence. We will take all steps reasonably necessary to ensure that the Service Data is treated securely and in accordance with this Notice.
We do not own, control or direct the use of Service Data, and in fact we are largely unaware of what information is being stored on our platform and only access such information as reasonably necessary to provide the Service(s) (including to respond to support requests), as otherwise authorized by Customers or as required by law.
As the controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain necessary consent or authorization for any Personal Data that is collected as part of the Service Data through your use of the Service(s). As the processors of Personal Data on behalf of our Customers, we follow Customer’s instructions with respect to the Service Data to the extent consistent with the functionality of our Service(s). In doing so, we implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Data.
How do we protect your information?
Keeping your information secure is of great concern to us. We exercise care in facilitating the transmission of information between your device or computer and our servers (or the third party servers that operate and store information for the Service). Any personally identifiable information collected by the Service is stored in operating environments that are not available to the public.
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. We offer the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers. While we have mechanisms in place to safeguard your personal information after we receive it, no transmission of data over the internet can be 100% secure.
Yes (cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.
Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Insolvency or Business Transition. If we should ever file for bankruptcy or engage in a business transition such as a merger with another company, or if we purchase, sell, or reorganize all or part of our business or assets, we may disclose your information, including personal information, User Content, and user data or information, to prospective or actual purchasers in connection with one of these transactions.
To Members of the Corporate Family. Astra may disclose your information to our parent, subsidiaries and other affiliates, and their agents and employees.
Disclaimer. Due to the complexity and open nature of the Internet, no transmission of data over the Internet can be 100% secure. There is always a risk that information collected by and/or displayed on the Service may be compromised or accessed notwithstanding the steps we take to secure your information. For example, a third party may unlawfully intercept or access transmissions or private communications, or other users of the Service may abuse or misuse your personal information. Accordingly, you agree that you are providing such information at your own risk.
How Can You Access, Update, or Delete Your Data & Your Personal Information?
You have the legal right to ask for a copy of any of your personal data held by us (where such data is held).
Please contact us for more details at [email protected] or write us at the address mentioned in the contact section below. We will make good faith efforts to resolve requests to correct inaccurate information except where the request is unreasonable, requires disproportionate technical effort or expense, jeopardizes the privacy of others, or would be impractical.
Your right to withhold information and your right to withdraw information after you have given it.
How to manage, control and delete cookies, web beacons and similar technologies
Internet browsers allow you to change your cookie settings. These settings are usually found in the ‘options’ or ‘preferences’ menu of your internet browser. In order to understand these settings, the following links may be helpful. Otherwise you should use the ‘Help’ option in your internet browser for more details.
If you wish to withdraw your consent at any time, please email us at [email protected]
Information that you disclose in a public space, including on any blog, bulletin board, chat room, or website Astra may host for you as part of your Astra services, is available to anyone else who visits that space. Astra cannot safeguard any information you disclose in these locations.
If you voluntarily offer any feedback, data, answers, questions, comments, suggestions, ideas or the like, Astra will treat that portion of the information as non-confidential and nonproprietary and, except as otherwise expressed in this Policy, Astra assumes no obligation to protect such information from disclosure. To request removal of your personally identifiable information from our blog or community forum, contact us at [email protected] In some cases, we may not be able to remove your personally identifiable information, in which case we will let you know if we are unable to do so and why.
Our servers are located in the United States & offices located in India, so your information may be transferred to, stored, or processed in the United States. While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, we take many steps to protect your privacy, including offering a data processing agreement for European Union (“EU”) customers.
To comply with EU General Data Protection Regulation (“GDPR”), our EU customers must sign our Data Processing Agreement (“DPA”) and the Standard Contractual Clauses to establish the respective responsibilities between the Astra customer (as the data controller) and Astra itself (as the data processor). If the GDPR applies to you please email us at [email protected] We will provide both the DPA and Standard Contractual Clauses for you to sign.
By using the Services, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in the United States & India and those third parties with whom we share it as described in this policy.
Our Commitment To Data Security
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online.
Childrens Online Privacy Protection Act Compliance
Terms and Conditions
Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our website at https://www.getastra.com/terms