Privacy Policy

Last updated: November 14, 2024

1. Introduction

Astra Stack Ltd. ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. Please read this policy carefully to understand our practices regarding your personal data.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

  • Fill out our contact form (name, email, company, role, message)
  • Subscribe to our newsletter (email address, consent preferences)
  • Use our AI chat assistant (conversation data, technical questions)
  • Request a consultation or demo (contact details, project requirements)

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

  • IP address and browser information
  • Device type and operating system
  • Pages visited and time spent on pages
  • Referring website or source
  • Geographic location (country/city level)

3. How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and provide customer support
  • Send you information about our services and updates (with your consent)
  • Analyze website usage and improve our services
  • Prevent fraud and ensure security
  • Comply with legal obligations
  • Personalize your experience with our AI assistant

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on:

  • Consent: When you opt-in to receive marketing communications
  • Contractual necessity: When you request our services or consultations
  • Legitimate interests: To improve our website and services
  • Legal obligation: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service Providers: Third-party vendors who assist with email delivery, hosting, and analytics (under strict data processing agreements)
  • AI Providers: Anthropic (Claude) and OpenAI for chat functionality, with data anonymization where possible
  • Legal Authorities: When required by law or to protect our rights

6. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy. Typically:

  • Contact form submissions: 2 years or until you request deletion
  • Newsletter subscribers: Until you unsubscribe
  • Chat conversations: 90 days for service improvement
  • Analytics data: Aggregated and anonymized after 26 months

7. Your Rights

Under GDPR and other data protection laws, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Object: Opt-out of certain data processing activities
  • Withdraw Consent: Revoke consent for marketing communications at any time

To exercise these rights, contact us at privacy@astrastack.ae

8. Cookies and Tracking

We use essential cookies and similar technologies to:

  • Remember your preferences and settings
  • Understand how you use our website
  • Improve website performance and functionality

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

9. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS)
  • Secure database storage with access controls
  • Regular security audits and updates
  • Employee training on data protection

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required by GDPR. Our infrastructure is designed to comply with UAE data residency requirements where applicable.

11. Children's Privacy

Our services are intended for businesses and professionals. We do not knowingly collect personal data from individuals under 18 years of age. If you believe we have collected such data, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this policy regularly.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Astra Stack Ltd.

Email: privacy@astrastack.ae

General Inquiries: hello@astrastack.ae

For EU residents: You have the right to lodge a complaint with your local data protection authority.