Privacy Policy

At Astronort, we’re committed to protecting your privacy. Here is our Privacy policy to help you understand what information we collect, how we use it, and most importantly, what choices you have.

When we talk about the “Site” in this policy, we are referring to the Astronort website at www.astronort.com ‍

When we talk about “Clients”, we are referring to our clients, who are organisations to which we provide our Services.

When we talk about the “Services” in this policy, we are referring to the services provided to our Clients which allow them to use our Application.

When we talk about an “Application” we are referring to Ask Astro, or other applications which operate.

When we talk about “personal data”, we are referring to information that identifies you as an individual or relates to an identifiable individual, which can include (for example) name, title, company name, personnel details, job information, postal address, telephone number, or email address.

When we talk about “company data”, we are referring to information that identifies you as a company, is part of day to day operations of a company, which can include commercially sensitive or confidential information and data.

When we talk about “AI Technologies” we are referring to deep learning, machine learning, and other artificial intelligence technologies, including any and all (a) proprietary algorithms, software or systems using generative AI models, or reinforcement learning, and (b) proprietary embodied AI and related hardware or equipment.

When we talk about “Third-Party AI Product” we are referring to any product or service of a third party that employs or makes use of AI Technologies.

Structure of the policy

This privacy policy is provided in a layered format so you can click through below to the section which relates to the information that we collect about you.

1. Important Information and Who We Are

2. Categories of Data Subjects

3. Promotional Communications

4. Disclosures of Your Personal Data

5. International Transfers

6. Data Security

7. Your Legal Rights

8. Cookies

1. IMPORTANT INFORMATION AND WHO WE ARE

Astronort Limited is the company which provides the Site and Services and operates the Application. This privacy policy is issued by Astronort Limited. When we mention "Astronort", "we", "us" or "our" in this privacy policy, we are referring to Astronort Limited.

This privacy policy gives you information on how we collect and process your personal data as (a) a processor when you are an end user of any Application, or (b) a controller, through your direct use of our Site, by applying to work with us, by sending us correspondence, or providing us with products or services.

In addition, if you are located in the European Economic Area, it outlines your data protection rights under the EU data protection regime introduced by the General Data Protection Regulation (Regulation 2016/679) (the “GDPR").

The Site, Services, and the Applications are not intended for children and we do not knowingly collect data relating to children. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please promptly contact us at privacy@astronort.com

Please contact us at privacy@astronort.com if you have any queries in relation to the processing of your personal data under this policy.

We have appointed a privacy manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the privacy manager at privacy@astronort.com

We sometimes update this policy. Please refer back to this page regularly to see any changes or updates to this policy.

2. CATEGORIES OF DATA SUBJECTS

(A) END USERS OF THE SITE AND APPLICATIONS

This section of this policy describes how we process personal data about people who access our Site directly or through an Application (the "End Users").

Data we collect

We may hold personal data or company data provided to us by you directly or through an Application, or by administrators or Clients on your behalf, through using our Services, through our Site, through telephone calls or other correspondence with us, or where it’s provided to us by third parties.

We may collect, store, and use the following categories of personal data about you, the End User: contact details (including name, title, address, telephone number, personal email address), gender, time zone, location details, your social media account avatar/picture, files you upload, information we collect automatically, publicly available information about you (including but not limited to public information on social media platforms) and any other personal data you provide in an interaction with an Application. If you provide third-party account credentials to us or through an Application, you understand some information in those accounts (“Third Party Account Information”) may be transmitted to our Application, and that Third Party Account Information transmitted to our Application is covered by this privacy policy.

Personal data and or company data may be collected by the Application or from you directly, or through administrators or Clients through the use of the Services.

If you are an employee or contractor of our Client, we may collect the following details from you: contact details (including name, title, address, telephone number, personal email address), log in details, location details, passwords, name of employer, job title, expertise, information you provide and files you upload.

How we use your data

We may store or use your personal data or company data for the following purposes:

(a) to provide you access to interact with the Application, including to authenticate you and to present information relevant to you when you are using the Application, including using company data to train our machine learning models with your business context

(b) to hold your personal data on our system and to contact you as necessary in accordance with our contractual obligations, or on the basis of our legitimate interests;

(d) to allow us to administer and manage your access to the Application;

(e) to monitor, develop and improve the Site, Services and the Application;

(f) to update and maintain our records, including details of people that have accessed our Services and Application;

(g) to comply with our legal obligations (including detecting, preventing or investigating fraud or crime);

(h) to scan and monitor emails sent to us for viruses or malicious software, to process and encrypt personal data and to protect and manage email traffic;

(i) for our business purposes, such as data analysis, audits, fraud monitoring and prevention, identifying usage trends and benchmarks, developing new products, enhancing, improving or modifying the Site, Services and the Application; and

(j) other actions that are necessary to manage our activities or to comply with our legal and regulatory requirements.

We do not use your personal data, including any data transferred to the Application via integrations, to develop, improve, or train generalised AI and/or ML models.

We will only use and store your data where this is in our legitimate interests or is necessary for us to comply with our legal obligations. We will only process data on the basis that it is necessary to pursue legitimate interests if those legitimate interests are not overridden by your legitimate interests, fundamental rights or freedoms.

We adhere to third-party suppliers of AI Models, including Large Language Models, machine learning models in accordance with those third-parties’ terms of service, provided that we opt-out of any training of third-party models on the Data, wherever possible.

We do not anticipate needing to obtain your consent for the processing of your personal data as listed above. If we wish to use your personal data for other purposes which do require your consent, we will contact you to request this consent and provide you with full details of the personal data that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. If you decide to give consent, you have the right to withdraw your consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purposes you originally agreed to, unless we have another legitimate legal basis for doing so.

If you don’t provide necessary information when requested, then we may not be able to provide you with access to the Site or the relevant Application.

How long we keep your data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

If our Services or the Applications are made available to you through an organisation (e.g. your employer), we retain your data as long as required by the administrator of your account. Organisation administrators are responsible for deactivating or disabling accounts for users that belong to their organisation. If a user account is deactivated or disabled, some of the information and the content provided will remain to allow other users to make full use of the Application.

(B) JOB APPLICANTS

The following section of this policy sets out how we process personal data about applicants for jobs, placements and contracts at Astronort.

Data we collect

If you apply for work with us, we will collect, store and use the following categories of personal data about you: name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications, information provided to us during telephone calls, video interviews, face to face interviews and/or meetings with you, information contained in your CV and cover letter or email, information obtained from social media (including LinkedIn) and references.

We may collect personal data about candidates from the following sources: you (the candidate) directly; recruitment agencies; background check providers; credit reference agencies; relevant authorities for criminal record checks; your named referees; and data from third parties if from a publicly accessible source including social media (such as LinkedIn).

How we use your data

We, or our HR service providers, may use your personal data for the following purposes:

(a) to assess your skills and qualifications, to consider your suitability for the position and to decide whether to enter into a contract with you;

(b) to carry out background and reference checks;

(d) to keep records related to our hiring processes;

(e) to comply with legal or regulatory requirements;

(f) to scan and monitor emails sent to us (including attachments) for viruses or malicious software, to process and encrypt personal data to protect and manage email traffic, and to store personal data on our systems to pursue our legitimate interests including for document retention purposes; and

(g) other actions that are necessary to manage our activities and/or to comply with our legal and/or regulatory requirements.

We process this personal data on the basis of our legitimate interests (to decide whether to appoint you to work for us) and to comply with applicable laws.

Once we receive your CV and covering letter or your application form, we may process that information to decide whether we have any suitable vacancies and if you meet the basic requirements to be shortlisted for that role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to contact you for an interview, we will use the information you provide to us at the interview to decide whether to offer you the work. If we decide to offer you the work, we will then take up references and we may carry out criminal record or other checks before confirming your appointment.

If you don’t provide information when requested (which is necessary for us to consider your application, such as evidence of qualifications or work history) we will not be able to process your application. For example, if we require references for the role and you fail to provide us with relevant details, we will not be able to take your application further.

We may use any sensitive personal data in the following ways:

we will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during the interview or to provide accessibility features at the workplace; and
we will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure equal opportunity monitoring and reporting.

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

We may share your personal data with HR and IT service providers for the purposes of processing your application.

How long we keep your data

If your application is successful, the information you provide during the application process will be retained by us as part of your employee file and held in accordance with our employee policies and our data retention policy or applicable laws.

If your application is unsuccessful, the information you have provided will be retained after we have communicated our decision to you. We retain your personal information for as long as reasonably necessary so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. If we wish to retain your personal information on file, on the basis that a further opportunity may arise in future and we may wish to consider you for that, we will contact you separately, seeking your explicit consent to retain your personal information for as long as reasonably necessary for that purpose.

(C) VISITORS TO OUR SITE

The following section of this policy sets out how we process personal data about visitors to our Site.

Data we collect

We may collect, use, store and transfer different kinds of personal data about you which you provide to us through our Site: name, address, email address, telephone numbers, technical data (including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website, usage data (including information about how you use our website, products and services), and marketing and communications preferences (including your preferences in receiving marketing from us and your communication preferences).

We use different methods to collect data from and about you including through:

Direct interactions with you, including by filling in forms. This includes personal data you provide when you subscribe to our publications or request marketing to be sent to you.
Automated technologies or interactions.

How we use your data

We may use your personal data for the following purposes:

(a) to use data analytics to improve our Site, marketing, and customer experience;

(b) to comply with legal or regulatory requirements;

(c) to scan and monitor emails sent to us for viruses or malicious software, to process and encrypt personal data to protect and manage email traffic; and

(d) for our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Site, Services or the Application, and identifying usage trends.

If we consider we need your consent in relation to our use of your personal data, we will contact you to request this consent and provide you with full details of the personal data that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. If you decide to give consent, you have the right to withdraw your consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purposes you originally agreed to, unless we have another legitimate legal basis for doing so.

Where the Site provides links to other websites, we are not responsible for the data protection/privacy/cookie usage policies of these other websites, and you should check these policies on the other website. If you use one of these links to leave our Site, you should note that we do not have any control over that other website.

How long we keep your data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

(D) BUSINESS CONTACTS/CLIENTS/SUPPLIERS

The following section of this policy sets out how we process personal data about our business contacts, service providers and people who have corresponded with our employees. See section 2(A) for our privacy policy as it relates to Client users of the Application or our Services.

Data we collect

We may collect, use, store and transfer different kinds of personal data about you which you provide to us including: name, address, email address, telephone numbers, place of work, job title.

How we use your data

We may use your personal data for the following purposes (as applicable):

(a) to hold your personal data on our system and to contact you as necessary in accordance with our contractual obligations, or on the basis of our legitimate interests;

(b) to provide you with information about Astronort and our Services;

(d) in respect of Clients, to send administrative information to you to inform you of changes to the Services and our terms and policies, to administer accounts and track billing payments. We will also use information to investigate any complaints relating to the misuse of the Site or Services and to respond to queries and/or comments you have forwarded to us;

(e) in respect of Clients, to allow us to process payments in relation to our Services;

(f) in respect of suppliers, to allow us to process payments and orders in respect of any goods and services provided;

(g) to comply with legal or regulatory requirements;

(h) to scan and monitor emails sent to us for viruses or malicious software, to process and encrypt personal data to protect and manage email traffic; and

(i) for our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Site and Services, and identifying usage trends.

If we consider we need your consent in relation to our use of your personal data, we will contact you to request this consent and provide you with full details of the personal data that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. If you decide to consent, you have the right to withdraw your consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purposes you originally agreed to, unless we have another legitimate legal basis for doing so.

How long we keep your data

3. PROMOTIONAL COMMUNICATIONS

Where you have provided consent, we may use your personal data and information about how you use the Site, Services, and Applications to send promotional communications that may be of specific interest to you. These communications are aimed at driving engagement and maximising what you get out of the Site, Services, and Applications, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you (including via email, text messaging and through an interaction with an Application) about new product offers, promotions, general business and marketing purposes relating to the Site, Services, Platform and Applications.

You can opt-out of receiving marketing messages from Astronort by sending an email to privacy@astronort.com, by unsubscribing through the unsubscribe link in an email, or by unsubscribing here.

We will try to comply with your request as soon as reasonably practicable. If you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages if you use our Services directly.

4. DISCLOSURES OF YOUR PERSONAL AND COMPANY DATA

We will not disclose personal data or company data we hold about you to any third party except as set out below:

Within the Application

If your personal data and or company data is added or connected to the Application through an organisation (e.g. your employer or service provider), that organisation is the data controller and will determine the policies for sharing and disclosure of the data within our Services. Configurations to limit disclosure within the Services are managed by your organisation. For example, organisations can configure who can see process information and what data their users can share.

Service providers

We work with third-party service providers to provide hosting, maintenance, backup, storage, infrastructure, payment processing, analysis and other services for us, which may require them to access information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under instruction from us, including abiding by policies and procedures designed to protect your information. Some of these service providers may be located internationally.

Affiliated businesses

In certain situations, businesses or third party websites we’re affiliated with may sell or provide products or services to you through or in connection with the Services and/or a Application (either alone or jointly with us). We will share your personal data with that affiliated business only to the extent that you have provided us with prior consent to do so. For example, you may ask us or a Client for an introduction to a relevant third-party provider. We have no control over the policies and practices of third party websites or businesses as to privacy or anything else, so if you choose to take part in any transaction or service relating to an affiliated website or business, please review all such business’ or website’ policies.

De-identified information

We may de-identify or anonymise your personal information so that you are not identified as an individual, and provide that information to our Clients or other third parties. We may also provide aggregate usage information to our Clients or other third parties, who may use such information to understand how often and in what ways people use our Services or Platform, so that they, too, can provide you with an optimal online experience. However, we never disclose aggregate usage or anonymised information to any third party in a way that would identify you as an individual person.

Legal obligations

In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our Services, or any Applications, or (d) protect Astronort, our Clients or the public from harm or illegal activities.

Sale of our business

Where we sell or transfer our business, we may provide your personal data as part of a database to the buyer, so that they can contact you about their plans for the business. In that case, we may also retain your information and use it in accordance with this privacy policy (or any other terms we agree with you). If our business is acquired, we go out of business, or go through some other change of control, your personal information could be one of the assets transferred to or acquired by a third party.

5. INTERNATIONAL TRANSFERS – EEA USERS

Astronort and our external service providers are based outside the European Economic Area (EEA), so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever your personal data is transferred out of the EEA by us, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission (for example, New Zealand).
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

Please contact us if you want further information on the specific mechanism used when transferring your personal data out of the EEA.

6. DATA SECURITY

We have put in place measures to ensure the security of the personal data we collect and store about you. We strive to protect your personal and company data from unauthorised disclosure or access, including through the use of network and database security measures, but cannot guarantee the security of any data we collect and store.

If you interact with the Site, Application or the Services via any other third party site or service, you may have additional or different sign-on protections via that third party site or service. You must prevent unauthorised access to your account and personal information by selecting and protecting your password or other sign-on mechanism appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

7. YOUR LEGAL RIGHTS

In certain circumstances, by law you may have the right to:

Request access to your personal or company data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction or updating of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected or updated.
Request deletion of your personal or company data. This enables you to ask us to delete or remove personal or company data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
Object to processing of your personal or company data where we are relying on a legitimate interest and there is something about your particular situation which makes you object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
Request the restriction of processing of your personal data. This enables you to ask us to restrict the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal data to another party (if you are based in the EEA).
Withdraw your consent. If we are processing your personal data on the basis of your consent, you have the right to withdraw such consent at any time. Withdrawing your consent will not affect the lawfulness of processes based on consent before its withdrawal. To withdraw your consent or to opt out of receiving marketing communication, please contact us at privacy@astronort.com, by unsubscribing through the unsubscribe or opt-out link in an email, or by unsubscribing here. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate legal basis for doing so.

If you wish to exercise any of the rights set out above, please email privacy@astronort.com

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one week. Occasionally it may take us longer than a week if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You have the right to make a complaint at any time to the relevant supervisory authority for data protection issues in your country. We would, however, appreciate the chance to deal with your concerns before you approach them so please contact us in the first instance.

If you have any queries about this policy or your personal data, or you wish to submit an access request or raise a complaint about the way your personal data has been handled, please email privacy@astronort.com.

8. COOKIES

We use cookies on our Site.