Privacy Policy

Last updated: Loading...

Your privacy is paramount to us. This policy explains how Astragen collects, uses, and protects your information when you use our blockchain implementation and consulting services.

Information We Collect

Personal Information

When you interact with our services, we may collect information that can identify you, including your name, email address, phone number, company information, and any other information you voluntarily provide to us through contact forms, consultations, or communications.

Technical Information

We automatically collect certain technical information when you visit our website, including IP address, browser type, device information, operating system, referring URLs, and usage patterns. This information helps us improve our services and provide better user experiences.

Communication Data

When you communicate with us, we may collect the content of your communications, including emails, messages, and other correspondence. This is necessary to provide our services and respond to your inquiries.

How We Use Your Information

Service Provision

We use your information to provide, maintain, and improve our blockchain implementation and consulting services. This includes project discussions, technical consultations, and ongoing support.

Communication

We use your contact information to respond to your inquiries, send you important updates about our services, and communicate with you regarding ongoing projects or potential collaborations.

Security and Legal Compliance

We use your information to maintain security, prevent fraud, and comply with legal obligations. This may include verifying identity, protecting against unauthorized access, and responding to lawful requests.

Data Protection

Security Measures

We implement industry-standard security measures including encryption, secure authentication protocols, and regular security audits to protect your information. Given our expertise in blockchain technology, we apply the same cryptographic principles that underpin the systems we build.

Data Minimization

We collect only the information necessary for our services and retain it only as long as needed for legitimate business purposes or as required by law. We do not sell or rent your personal information to third parties.

Access and Control

You have the right to request access to, correction of, or deletion of your personal information. You may also opt out of certain communications or withdraw consent where applicable.

Blockchain-Specific Considerations

Public Blockchain Data

Please note that any transactions or interactions on public blockchains are inherently visible and permanent on the respective blockchain network. We do not control and cannot guarantee the privacy of information that becomes part of public blockchain records.

Wallet and Key Information

We never request or store your private keys, seed phrases, or other sensitive blockchain credentials. We follow best practices to ensure you maintain full control over your digital assets and cryptographic keys.

Smart Contract Interactions

When interacting with smart contracts, your transaction details may be visible on the blockchain. We provide guidance on maintaining privacy while engaging with decentralized systems.

Third-Party Services

Service Providers

We may work with third-party service providers to assist with hosting, analytics, customer support, and other aspects of our business. These providers have access to your information only as necessary to perform their functions and are bound by confidentiality agreements.

External Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

GDPR Rights

Right to Access

You have the right to obtain confirmation as to whether your personal data is being processed and to access your personal data. We provide this information in a commonly used electronic format.

Right to Rectification

You have the right to obtain rectification of inaccurate personal data concerning you. Taking into account the purposes of processing, you have the right to have incomplete personal data completed.

Right to Erasure

You have the right to request that your personal data be erased without undue delay where personal data is no longer necessary, consent is withdrawn, or processing is unlawful.

Right to Restrict Processing

You have the right to request restriction of processing where accuracy of personal data is contested, processing is unlawful, or you object to processing.

Right to Data Portability

You have the right to receive the personal data concerning you in a structured, commonly used, machine-readable format and transmit it to another controller.

Right to Object

You have the right to object to processing of your personal data based on your particular situation. We will cease processing unless we demonstrate compelling legitimate grounds.

Legal Basis for Processing

Contractual Necessity

We process your personal data when necessary for the performance of a contract to which you are a party, such as providing consulting services or development projects.

Legitimate Interest

We process data where necessary for our legitimate interests, such as website security, fraud prevention, and improving our services, provided your rights and freedoms are not overridden.

Legal Obligation

We process personal data when necessary to comply with legal obligations, such as maintaining records for tax purposes or responding to legal requests.

Consent

We process personal data based on your explicit consent for purposes such as newsletter subscriptions and analytics cookies. You may withdraw your consent at any time.

Data Transfers

International Transfers

Your personal data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements.

Adequacy Decisions

When transferring data to countries recognized by the European Commission as providing adequate data protection, we rely on those adequacy decisions as a lawful basis for transfer.

Appropriate Safeguards

For transfers to other countries, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data is protected.

Data Retention

Retention Periods

We retain your personal data only for as long as necessary for the purposes for which it was collected, unless required by law to retain it longer. Typical retention periods include: contact inquiries (2 years), project records (7 years), and analytics data (2 years).

Secure Deletion

When personal data is no longer needed, we securely delete or anonymize it using industry-standard methods to ensure it cannot be reconstructed.

Legal Hold

We may retain personal data for longer periods if required for legal proceedings, regulatory requirements, or to protect our rights and interests.

Your Rights

Making GDPR Requests

To exercise your GDPR rights, please contact us at privacy@astragen.net with 'GDPR Request' in the subject line. We will respond to your request within 30 days as required by law.

Verification

We may request additional information to verify your identity before processing your request. This is to protect your privacy and ensure information is not disclosed to unauthorized parties.

Complaints

If you are dissatisfied with our response or believe we have violated your GDPR rights, you have the right to lodge a complaint with a supervisory authority in your country of residence or where the alleged infringement occurred.

Questions About Your Privacy?

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please don't hesitate to contact us.

Contact Our Privacy Team