Privacy Policy

At Astro, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. Please read this policy carefully.

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us, including:

• Name and contact information (email address, phone number)
• Account credentials (username, password)
• Payment information (credit card details, billing address)
• Profile information (company name, job title, profile picture)
• Communication preferences

1.2 Automatically Collected Information

When you visit our website, we automatically collect certain information, including:

• IP address and browser type
• Device information and operating system
• Referring website and pages viewed
• Time and date of visit
• Cookies and similar tracking technologies

2. How We Use Your Information

We use the information we collect for various purposes, including:

• Service Delivery: To provide, maintain, and improve our services
• Payment Processing: To process transactions and send related information
• Communication: To send updates, security alerts, and support messages
• Personalization: To customize your experience and deliver relevant content
• Analytics: To analyze usage patterns and improve our services
• Security: To detect, prevent, and address technical issues and fraudulent activity
• Legal Compliance: To comply with legal obligations and protect our rights

3. Payment Information Security

We take payment security seriously. When you process payments through our services:

• All payment transactions are processed through secure, PCI DSS compliant payment gateways
• We do not store your complete credit card information on our servers
• Payment information is encrypted using SSL/TLS technology
• We use tokenization to process recurring payments securely
• We comply with PCI DSS (Payment Card Industry Data Security Standard)

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Third-Party Service Providers

We share data with trusted third parties who assist us in operating our platform, conducting our business, or servicing you, including:

• Payment processors (e.g., Stripe, PayPal, Midtrans)
• Cloud hosting providers (e.g., AWS, Google Cloud, Azure)
• Analytics services (e.g., Google Analytics)
• Email communication services (e.g., SendGrid, Mailchimp)
• Customer support tools

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal requests from law enforcement or government authorities
• Court orders or subpoenas
• Protection of our rights, property, or safety
• Prevention of fraud or illegal activities

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your activities on our website:

5.1 Types of Cookies

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how users interact with our website
• Functionality Cookies: Remember your preferences and settings
• Marketing Cookies: Track visitors across websites to display relevant ads

5.2 Cookie Control

You can control and manage cookies through your browser settings. However, disabling cookies may affect the functionality of our website.

6. Data Security Measures

We implement industry-standard security measures to protect your information:

• Encryption: SSL/TLS encryption for data in transit
• Access Control: Restricted access to personal data
• Regular Audits: Periodic security assessments and updates
• Secure Infrastructure: Hosting with SOC 2 compliant providers
• Data Backup: Regular backups with disaster recovery plans
• Employee Training: Security awareness training for all staff

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 GDPR Rights (EU Residents)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to certain processing activities

7.2 CCPA Rights (California Residents)

• Right to Know: Information about categories of personal data collected
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information
• Right to Non-Discrimination: No discrimination for exercising privacy rights

8. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy. When your information is no longer needed, we will securely delete or anonymize it.

11. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new policy on our website
• Sending you an email notification for significant changes
• Updating the "Last Updated" date at the top of this policy

Your continued use of our services after the effective date constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

13. Specific Legal References

We comply with various international and regional data protection laws, including:

• GDPR - General Data Protection Regulation (EU)
• CCPA - California Consumer Privacy Act (USA)
• PDPA - Personal Data Protection Act (Indonesia)
• PCI DSS - Payment Card Industry Data Security Standard