PRIVACY POLICY
AsterMind-ELM
Last Updated: November 20, 2025
This Privacy Policy describes how AsterMindAI Corporation ("we", "us", "our", or "AsterMind") collects, uses, and protects information when you use AsterMind-ELM and related services (collectively, the "Services").
By using the Services, you agree to the collection and use of information as described in this policy.
1. INFORMATION WE COLLECT
1.1. Information You Provide
We collect information that you provide directly to us, including:
- Account Information: Name, email address, company name, contact details
- Payment Information: Billing address and payment details (processed securely by third‑party payment processors such as Stripe)
- License Information: License keys, subscription status, activation metadata
- Support Communications: Any information shared when contacting support
- Registration Information: Information provided when creating an account
1.2. Information Collected Automatically
Important: AsterMind-ELM is an SDK library that runs on your systems. We do not access, collect, or store your application data or your customers' data.
When the Services operate, we may collect minimal information necessary for license validation:
License Validation Data
- License key or hashed token (for authentication)
- Timestamp and frequency of validation requests
- Product and version identifiers
Technical Information (minimal)
- IP address (security/audit)
- Basic device/runtime metadata (anonymized where possible)
Cookies / Tracking
We use only essential cookies related to:
- License session validation
- Security and anti-fraud
We do not use tracking cookies for advertising.
1.3. Information From Third Parties
We may receive information from:
- Payment processors (billing confirmations, transaction IDs)
- Support platforms (ticket metadata)
- Analytics providers (aggregated usage statistics)
- License validation partners
2. HOW WE USE INFORMATION
2.1. Service Delivery
- Provide, maintain, and improve the SDK
- Validate licenses and control access
- Process account and subscription operations
- Provide customer support
We do not process or store your application data.
2.2. Communication
- Send service announcements, updates, and security notices
- Respond to support inquiries
- Send marketing communications only with your consent
You may opt out at any time.
2.3. Security & Compliance
- Detect and prevent fraud or misuse
- Enforce Terms of Service and license restrictions
- Investigate incidents and maintain audit logs
- Comply with legal obligations
2.4. Analytics & Service Improvement
- Improve product quality and performance
- Develop new features and optimizations
- Analyze anonymized usage patterns
Only aggregated, anonymized data is used.
2.5. Legal Compliance
- Respond to subpoenas, court orders, and legal processes
- Resolve disputes and enforce agreements
3. DATA PROCESSING AND STORAGE
3.1. Processing Location
- SDK Runtime: Runs entirely on your systems; we do not access your application data.
- License Validation: Occurs on servers located in the United States.
- Payment & Billing: Processed by Stripe or similar PCI‑compliant providers.
3.2. Data Retention
| Category | Retention Period |
|---|---|
| License Validation Data | Only while your subscription is active (except where law requires longer retention) |
| Account Information | Retained while account remains active |
| Support Communications | Up to 2 years |
| Billing Records | Retained by Stripe under their policies |
| Anonymized Analytics | May be retained indefinitely |
We do not store application data, customer data, or SDK‑generated data.
3.3. Data Security Measures
We implement industry‑standard protections, including:
- Encryption in transit (TLS 1.2+) and at rest
- Role‑based access controls
- Multi‑factor authentication for internal systems
- Network and application‑level firewalls
- Regular vulnerability assessments
- Incident response procedures
No system is 100% secure, but we take reasonable measures to protect your information.
4. INFORMATION SHARING & DISCLOSURE
We do not sell your personal information.
We may share information only under the following circumstances:
4.1. Service Providers
We use trusted providers for:
- Payment processing (Stripe)
- Cloud hosting
- Customer support platforms
- License validation infrastructure
They are contractually obligated to protect your data.
4.2. Legal Requirements
We may disclose information when required to:
- Comply with applicable laws
- Respond to lawful requests and government inquiries
- Enforce our Terms or protect our rights
4.3. Business Transfers
In case of a merger, acquisition, or asset sale, your information may be transferred under the same or stronger privacy protections.
4.4. With Your Consent
We may share information when you explicitly authorize it.
5. YOUR RIGHTS AND CHOICES
Depending on your jurisdiction (GDPR, CCPA, etc.), you may have:
5.1. Access and Correction
- Request access to personal information we hold
- Update or correct account data
5.2. Deletion (Right to be Forgotten)
- Request deletion of your account and personal data
- Some information may be retained to comply with the law
5.3. Data Portability
- Request your data in a structured, machine‑readable format
5.4. Opt‑Out Options
- Opt out of marketing emails
- Manage cookie preferences via browser settings
5.5. Do Not Track
We currently do not respond to browser "Do Not Track" signals.
5.6. Submitting a Request
Email: privacy@astermind.ai
We respond within 5 business days.
6. COOKIES & TRACKING TECHNOLOGIES
We use only essential cookies for:
- Authentication
- License validation
- Security
You may disable cookies through browser settings, but some functionality may be limited.
7. CHILDREN'S PRIVACY
The Services are not intended for individuals under age 18.
We do not knowingly collect information from children.
If we discover such data, we will delete it promptly.
8. INTERNATIONAL USERS
8.1. Data Transfers
Your information may be transferred to and processed in the United States. We implement safeguards such as Standard Contractual Clauses where required.
8.2. GDPR Rights (EEA)
Users in the EEA are entitled to:
- Access, rectification, deletion
- Restriction or objection to processing
- Data portability
- Lodging a complaint with a supervisory authority
Legal bases include:
- Performance of a contract
- Legitimate interests
- Consent
- Legal obligations
8.3. CCPA Rights (California)
California residents have rights to:
- Know what personal data is collected
- Request deletion
- Know whether data is sold or shared (AsterMind does not sell data)
- Non‑discrimination for exercising these rights
9. THIRD‑PARTY SERVICES
The Services may contain links or rely on third‑party integrations (Stripe, support systems, etc.).
This Privacy Policy does not cover third‑party practices.
We recommend reviewing their policies separately.
10. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. Material changes will be communicated via:
- Email notification
- Website notice
- In‑product alerts
Your continued use of the Services constitutes acceptance of the updated policy.
11. DATA CONTROLLER INFORMATION
AsterMindAI Corporation
706 Scottingham Terrace
North Chesterfield, VA 23236
United States
Email: privacy@astermind.ai
12. CONTACT US
If you have questions about this Privacy Policy:
AsterMindAI Corporation
706 Scottingham Terrace
North Chesterfield, VA 23236
United States
Privacy Officer: privacy@astermind.ai
Website: https://astermind.ai
You may also contact your local data protection authority for GDPR‑relevant inquiries.
ACKNOWLEDGMENT
BY USING THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS PRIVACY POLICY AND CONSENT TO ITS TERMS.
IF YOU DO NOT AGREE WITH THESE PRACTICES, DO NOT USE THE SERVICES.
This Privacy Policy is effective as of the date listed above.