PRIVACY POLICY
AsterMindAI Inc
Last Updated: February 19, 2026
This Privacy Policy describes how AsterMindAI Inc ("we", "us", "our", or "AsterMind") collects, uses, and protects information when you use AsterMind software, products, and services, including all software as a service (SaaS) offerings, software development kits (SDKs), application programming interfaces (APIs), and related technologies (collectively, the "Services"). This Privacy Policy should be read in conjunction with our Terms of Service and our Data Processing Agreement.
By using the Services, you agree to the collection and use of information as described in this policy.
1. INFORMATION WE COLLECT
1.1. Information You Provide
We collect information that you provide directly to us, including:
- Account Information: Name, email address, company name, contact details
- Payment Information: Billing address and payment details (processed securely by third‑party payment processors such as Stripe)
- License Information: License keys, subscription status, activation metadata
- Support Communications: Any information shared when contacting support
- Registration Information: Information provided when creating an account
1.2. Information Collected Automatically
Important: Our locally-deployed SDK products run entirely on your systems. We do not access, collect, or store your application data or your customers' data.
When the Services operate, we may collect minimal information necessary for license validation:
License Validation Data
- License key or hashed token (for authentication)
- Timestamp and frequency of validation requests
- Product and version identifiers
Technical Information (minimal)
- IP address (security/audit)
- Basic device/runtime metadata (anonymized where possible)
Cookies / Tracking
We use only essential cookies related to:
- License session validation
- Security and anti-fraud
We do not use tracking cookies for advertising.
1.3. Information From Third Parties
We may receive information from:
- Payment processors (billing confirmations, transaction IDs)
- Support platforms (ticket metadata)
- Analytics providers (aggregated usage statistics)
- License validation partners
2. HOW WE USE INFORMATION
2.1. Service Delivery
- Provide, maintain, and improve the Services
- Validate licenses and control access
- Process account and subscription operations
- Provide customer support
We do not process or store your application data.
2.2. Communication
- Send service announcements, updates, and security notices
- Respond to support inquiries
- Send marketing communications only with your consent
You may opt out at any time.
2.3. Security & Compliance
- Detect and prevent fraud or misuse
- Enforce Terms of Service and license restrictions
- Investigate incidents and maintain audit logs
- Comply with legal obligations
2.4. Analytics & Service Improvement
- Improve product quality and performance
- Develop new features and optimizations
- Analyze anonymized usage patterns
Only aggregated, anonymized data is used.
2.5. Legal Compliance
- Respond to subpoenas, court orders, and legal processes
- Resolve disputes and enforce agreements
3. DATA PROCESSING AND STORAGE
3.1. Processing Location
- SDK Runtime: Runs entirely on your systems; we do not access your application data.
- License Validation: Occurs on servers located in the United States.
- Payment & Billing: Processed by Stripe or similar PCI‑compliant providers.
3.2. Data Retention
| Category | Retention Period |
|---|---|
| License Validation Data | Only while your subscription is active (except where law requires longer retention) |
| Account Information | Retained while account remains active |
| Support Communications | Up to 2 years |
| Billing Records | Retained by Stripe under their policies |
| Anonymized Analytics | May be retained indefinitely |
We do not store application data, customer data, or SDK‑generated data.
3.3. Data Security Measures
We implement industry‑standard protections, including:
- Encryption in transit (TLS 1.2+) and at rest
- Role‑based access controls
- Multi‑factor authentication for internal systems
- Network and application‑level firewalls
- Regular vulnerability assessments
- Incident response procedures
No system is 100% secure, but we take reasonable measures to protect your information.
4. INFORMATION SHARING & DISCLOSURE
We do not sell your personal information.
We may share information only under the following circumstances:
4.1. Service Providers
We use trusted providers for:
- Payment processing (Stripe)
- Cloud hosting
- Customer support platforms
- License validation infrastructure
They are contractually obligated to protect your data.
4.2. Legal Requirements
We may disclose information when required to:
- Comply with applicable laws
- Respond to lawful requests and government inquiries
- Enforce our Terms or protect our rights
4.3. Business Transfers
In case of a merger, acquisition, or asset sale, your information may be transferred under the same or stronger privacy protections.
4.4. With Your Consent
We may share information when you explicitly authorize it.
5. YOUR RIGHTS AND CHOICES
Depending on your jurisdiction (GDPR, CCPA, etc.), you may have:
5.1. Access and Correction
- Request access to personal information we hold
- Update or correct account data
5.2. Deletion (Right to be Forgotten)
- Request deletion of your account and personal data
- Some information may be retained to comply with the law
5.3. Data Portability
- Request your data in a structured, machine‑readable format
5.4. Opt‑Out Options
- Opt out of marketing emails
- Manage cookie preferences via browser settings
5.5. Do Not Track
We currently do not respond to browser "Do Not Track" signals.
5.6. Submitting a Request
Email: privacy@astermind.ai
We will respond within thirty (30) days, or such shorter period as required by applicable law (for example, 45 days under CCPA or one month under GDPR).
5.7. Automated Decision-Making
AsterMind uses AI in its products to provide features such as natural language processing, data analysis, and workflow automation. We do not make solely automated decisions that produce legal or similarly significant effects concerning you without human oversight. You have the right to request information about any automated processing of your personal data, and to request human review of any automated decision that significantly affects you.
6. COOKIES & TRACKING TECHNOLOGIES
We use only essential cookies for the purposes described below:
| Category | Purpose | Duration | Type |
|---|---|---|---|
| Strictly Necessary | Authentication, session management | Session | First-party |
| License Validation | License key verification, subscription status | Session | First-party |
| Security | Anti-fraud, CSRF protection | Persistent (up to 12 months) | First-party |
We do not use tracking cookies for advertising or behavioral profiling.
You may disable cookies through browser settings, but some functionality may be limited.
7. CHILDREN'S PRIVACY
The Services are not intended for individuals under age 18.
We do not knowingly collect information from children.
If we discover such data, we will delete it promptly.
8. INTERNATIONAL USERS
8.1. Data Transfers
Your information may be transferred to and processed in the United States. We implement safeguards such as Standard Contractual Clauses where required.
8.2. GDPR Rights (EEA)
Users in the EEA are entitled to:
- Access, rectification, deletion
- Restriction or objection to processing
- Data portability
- Lodging a complaint with a supervisory authority
Legal bases include:
- Performance of a contract
- Legitimate interests
- Consent
- Legal obligations
8.3. CCPA Rights (California)
California residents have rights to:
- Know what personal data is collected
- Request deletion
- Know whether data is sold or shared (AsterMind does not sell data)
- Non‑discrimination for exercising these rights
We do not sell or share your personal information as defined by the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). If you wish to exercise your rights under the CCPA/CPRA, including the right to know, delete, or opt out, please contact privacy@astermind.ai.
8.4. Virginia CDPA Rights (Virginia Residents)
Residents of Virginia have rights under the Virginia Consumer Data Protection Act (VCDPA), including: access to personal data we hold about you; correction of inaccurate personal data; deletion of personal data; data portability in a commonly used format; opt-out of targeted advertising, sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects. To exercise these rights or to appeal a decision regarding your request, contact privacy@astermind.ai. We will respond within 45 days.
9. THIRD‑PARTY SERVICES
The Services may contain links or rely on third‑party integrations (Stripe, support systems, etc.).
This Privacy Policy does not cover third‑party practices.
We recommend reviewing their policies separately.
10. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. Material changes will be communicated via:
- Email notification
- Website notice
- In‑product alerts
Your continued use of the Services constitutes acceptance of the updated policy.
11. DATA CONTROLLER INFORMATION
AsterMindAI Inc
706 Scottingham Terrace
North Chesterfield, VA 23236
United States
Email: privacy@astermind.ai
12. CONTACT US
If you have questions about this Privacy Policy:
AsterMindAI Inc
706 Scottingham Terrace
North Chesterfield, VA 23236
United States
Privacy Officer: privacy@astermind.ai
Website: https://astermind.ai
You may also contact your local data protection authority for GDPR‑relevant inquiries.
ACKNOWLEDGMENT
BY USING THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS PRIVACY POLICY AND CONSENT TO ITS TERMS.
IF YOU DO NOT AGREE WITH THESE PRACTICES, DO NOT USE THE SERVICES.
This Privacy Policy is effective as of the date listed above.