Effective Date – April 14, 2025
Last Updated – April 14, 2025

This Privacy Notice explains the policy regarding the collection, use, disclosure, and transfer of your information by Astreya Partners, LLC and its subsidiaries and affiliates (“Astreya Group”) (collectively “we/us/ our/Astreya”) through https://astreya.com/ (“Site”) for all the services provided by us (“Services”). If you are located in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“U.K.”), please refer to this Notice for more information about which specific entity or entities act as a controller of your personal data. This Notice may change as we update, improve, and expand the Services, so please check it periodically. By accessing the Site or otherwise using the Services, you consent to collection, storage, and use of the personal information you provide (including any changes thereto as provided by you) for any of the Services offered by us.

This electronic record is generated by a computer system and does not require any physical or digital signatures.

This Privacy Notice is a legally binding document between the User (“you,” “your,” “yourself”) of the Site and us. Please read the terms of this privacy notice very carefully and should you disagree with the terms of this notice, please do not use the website.

Astreya is a Processor, not a Controller, of personal data that we process on behalf of our Subscribers when they use Astreya products and Services. For clarity, this means that this Notice does not apply to where Astreya processes personal data as a processor in its products and Services. If you have questions related to how an Astreya Subscriber utilizes your personal data, please contact them directly. We are not responsible for the privacy or data security practices of our Subscribers. This Notice also does not apply to personal data about current and former Astreya employees, job candidates, or contractors and agents acting in similar roles.

1.Introduction

When Does This Notice Apply?

This Notice applies only to personal data that Astreya handles as a Controller (meaning we determine how and why your personal data is processed). This includes situations where you:

  • Visit or interact with the Site, Astreya mobile applications, our branded social media pages, or other websites we operate (collectively, our “Digital Properties”);
  • Register for or participate in our webinars, events, programs, marketing campaigns, or promotional activities;
  • Interact with us in person, such as by visiting our offices; or
  • Inquire about or engage in commercial transactions with us.                

2.Personal Data We Collect and Disclose

The below table describes what personal data we collect about you and to whom we disclose personal data. California individuals: This table includes the parties we disclose personal data to for a business or commercial purpose, as defined by California law.

Categories of Personal Data Collected Disclosures of Personal Data
Identifiers, such as your name, email address, postal address, phone number, and device identifiers (e.g., advertising identifiers and IP address). We may share your information with the following parties:
  • Affiliates and subsidiaries within the Astreya Group, which includes parent and ultimate holding companies, affiliates, subsidiaries, business units, and any other companies that we may acquire in the future, once they become part of the Astreya Group.
  • Service providers, such as security and platform vendors.
  • Third parties necessary to complete a transaction, such as credit card processors.
  • Business partners with whom we jointly market or sell our products and services, such as channel partners.
  • Third parties, at your direction, such as event sponsors.
  • Professional advisors, including lawyers, accountants, and auditors.
  • Entities involved in a corporate transaction, including in the event of a sale, acquisition, or merger of all or part of our assets.
  • Companies that operate cookies and tracking technologies, as described later in this Notice, including marketing and advertising partners.
  • Other parties to whom you have consented to the disclosure.
Commercial information, including consumer preferences (e.g., purchasing history or tendencies), and transactional information, such as banking or payment details. We may disclose your information to the following categories of recipients:
  • Affiliates and subsidiaries within the Astreya Group, including parent and ultimate holding companies, affiliates, subsidiaries, business units, and any companies that we may acquire in the future once they become part of the Astreya Group.
  • Service providers, such as security vendors and platform providers.
  • Third parties necessary to complete a transaction, such as credit card processors.
  • Professional advisors, including legal counsel, accountants, and auditors.
  • Entities involved in a corporate transaction, such as in the event of a sale, acquisition, or merger of all or part of our assets.
  • Other parties to whom you have consented to the disclosure.
Internet or other electronic network activity information and device information, such as your browsing history, search history, device details, and other data—whether collected through passive browsing or active engagement—related to your interactions with us and your use of our products, services, emails, and other digital properties. We may disclose your information to the following categories of recipients:
  • Affiliates and subsidiaries within the Astreya Group, including parent and ultimate holding companies, affiliates, subsidiaries, business units, and any companies that we may acquire in the future after they become part of the Astreya Group.
  • Service providers, such as security vendors and platform providers.
  • Companies that operate cookies and tracking technologies, as described later in this Notice, including marketing and advertising partners.
  • Entities involved in a corporate transaction, such as in the event we sell, acquire, or merge all or part of our assets.
Geolocation information, such as your approximate location derived from your IP address, mobile device location, or information you voluntarily provide to us (e.g., city and state submitted through a web form). You may be able to control the collection of this data through your device settings. We may share your information with the following categories of recipients:
  • Affiliates and subsidiaries within the Astreya Group, including parent and ultimate holding companies, affiliates, subsidiaries, business units, and any companies that we may acquire in the future after they become part of the Astreya Group.
  • Service providers, such as security vendors and platform providers.
  • Entities involved in a corporate transaction, including in the event we sell, acquire, or merge all or part of our assets.
  • Companies that operate cookies and tracking technologies, as described later in this Notice, including marketing and advertising partners.
Audio, electronic, visual, and other sensory information, such as CCTV recordings captured at our premises (e.g., when you visit our offices); recordings of your interactions with our sales or advocacy teams (e.g., for quality assurance or training purposes, in accordance with applicable laws); and customer support chat or messaging logs. We may share your information with the following categories of recipients:
  • Affiliates and subsidiaries within the Astreya Group, including parent and ultimate holding companies, affiliates, subsidiaries, business units, and any companies that we may acquire in the future after they become part of the Astreya Group.
  • Service providers, such as security vendors and platform providers.
  • Entities involved in a corporate transaction, including in the event that we sell, acquire, or merge all or part of our assets.
Inferences, as defined under California law, such as predictions about your preferences or characteristics—e.g., the types of marketing content you are likely to respond to positively. We may share your information with the following categories of recipients:
  • Affiliates and subsidiaries within the Astreya Group, including parent and ultimate holding companies, affiliates, subsidiaries, business units, and any other companies that we may acquire in the future after they become part of the Astreya Group.
  • Service providers, such as platform vendors.
  • Entities involved in a corporate transaction, including in the event that we sell, acquire, or merge all or part of our assets.
Sensitive personal data, such as proof of vaccination or information regarding race and ethnicity (where provided voluntarily and permissible under applicable law). We may share your information with the following categories of recipients:
  • Affiliates and subsidiaries within the Astreya Group, including parent and ultimate holding companies, affiliates, subsidiaries, business units, and any other companies that we may acquire in the future after they become part of the Astreya Group.
  • Service providers, such as platform vendors.
  • Entities involved in a corporate transaction, including in the event that we sell, acquire, or merge all or part of our assets.
  • Other parties to whom you have consented to the disclosure.

In addition to the disclosures described above, we may share your personal data in order to respond to lawful requests from law enforcement or other governmental authorities, including to meet national security or law enforcement requirements. We may also de-identify, anonymize, or aggregate personal data and use or share such information with third parties for any purpose, where permitted by applicable law.

3. How We Process Personal Data

We may process your personal data for the following purposes:

Purpose of Processing Lawful Basis
To provide our products, Services, and Digital Properties to you, including: processing and fulfilling transactions; enabling access to our Digital Properties and Services; operating, maintaining, and improving those properties and Services; communicating with you (e.g., responding to support requests or delivering security updates); and diagnosing, repairing, and monitoring service and quality issues. Legitimate interests; Contract; Legal obligations
For our own business purposes, including: maintaining internal business records and conducting internal reporting; collecting payments and performing accounting and related functions; auditing and managing projects associated with our Services; performing IT security management and other IT-related tasks (such as administration of our technologies and networks); evaluating and improving our business operations, Services, and Digital Properties; conducting research and development of new products and services; and processing your responses to surveys and questionnaires. Legitimate interests; Legal obligations
For legal, safety, or security reasons, including: complying with legal obligations; establishing, exercising, or defending against legal claims; protecting the safety, security, and integrity of our property and the rights of individuals who interact with us or others; investigating violations of our content or conduct policies; and detecting, preventing, and responding to security incidents or other malicious, deceptive, fraudulent, or illegal activities. These purposes may also involve the collection and processing of special categories of personal data (e.g., health data) in connection with office visits or events, where necessary for public health reasons or as required by applicable law. Legitimate interests; Legal obligations; Public interest
For marketing purposes related to our products and Services—or those of third parties, such as our business partners—including: soliciting or publishing testimonials and feedback; sending you marketing and promotional communications or product recommendations (via email, phone, or other online and offline channels); facilitating your participation in contests, events, or promotions; assessing ad impressions; and engaging in contextual ad customization. You may opt out of receiving marketing communications at any time by clicking the “unsubscribe” link at the bottom of our emails. Please note that some of our marketing materials may use tracking technologies and analytics tools to help us better understand your preferences. Consent (where required by law); Legitimate interests
To fulfill a referral request when you use our referral service to tell a friend or colleague about our Services. This may include using the name, email address, title, and company name you provide to contact the person you are referring. Consent (where required by law); Legitimate interests
Diversity, equity, and inclusion, including supporting initiatives and promoting representation within our organization, where such processing is authorized by applicable law. Consent (where required by law); Legitimate interests
Corporate transactions, such as mergers, acquisitions, sales, reorganizations, bankruptcy proceedings, or other business transitions and related corporate events. Legitimate interests; Legal obligations
With your consent, when you have voluntarily agreed to the processing of your personal data. Consent

Astreya will honor data subject rights to the extent required by applicable law. You may have the right to access, correct, update, or, in certain cases, request the deletion of your personal data (subject to legal exceptions). To exercise these rights, you may submit a request by contacting us at privacy@astreya.com.

Astreya engages a limited number of third-party service providers to support specific data processing activities. These providers assist with site functionality, database monitoring, technical operations, data transmission, and data storage. In the course of providing these services, third parties may process or store personal data.

Astreya maintains contracts with these providers that restrict their access, use, and disclosure of personal data in accordance with our obligations under the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, including the onward transfer provisions. Astreya remains liable for any failure by these third parties to meet those obligations, where we are responsible for the event giving rise to the damage.

4. Sources of Personal Data

  • Information you provide to us directly, such as when you register or communicate with us through our Digital Properties, visit our offices, or participate in our events, marketing initiatives, or outreach activities.
  • Information collected from your employer, coworkers, or friends, including details about representatives or other employees of our current, former, or prospective customers, suppliers, investors, and business partners. We may also receive your information via a referral from a friend in connection with our Services.
  • Information automatically collected, such as technical data related to your interactions with our Digital Properties (e.g., IP address, browsing behavior, and purchase history). More details are available in the section below and in our [Cookies Notice].
  • Information from public sources, including public records and content you share in publicly accessible forums, such as social media platforms.
  • Information from other third parties, such as third-party service and content providers, entities with whom we partner to market or sell products and services, and social media networks (including embedded features like the “Facebook Like” button).

We may combine information collected from the various sources described in this Notice, including public and third-party sources, and use or disclose it for the purposes outlined in this Notice.

5. Cookies and Tracking Technologies

We use cookies and other tracking technologies, and we offer you the ability to manage your preferences as outlined in our [Cookies Notice][e][f]. Some of these technologies allow us to track activity on your device over time and across different websites and devices. While certain web browsers offer “Do Not Track” (DNT) settings, we do not currently respond to DNT signals.

6. Security and Retention

We maintain appropriate security procedures, as well as technical and organizational measures, to protect your personal data against accidental or unlawful destruction, loss, disclosure, alteration, or misuse.

Your personal data will generally be retained for as long as necessary to fulfill the purposes for which it was collected. Once you and/or your company terminate your contractual relationship with us—or otherwise end your relationship with us. We may retain your personal data in our systems and records to ensure the proper fulfillment of any surviving contractual provisions or for other legitimate business purposes. These may include maintaining evidence of our business practices and contractual obligations, informing you about our products and services, or complying with applicable legal, tax, or accounting requirements.

When we no longer have a legitimate business need or lawful legal basis to process your personal data, we will delete, anonymize, or aggregate it. If deletion is not immediately possible (for example, if your personal data is stored in backup archives), we will securely store and isolate it from further processing until deletion becomes feasible.

If you would like more information about the specific retention periods that may apply to your circumstances, please contact us at privacy@astreya.com.         

7. Children’s Privacy

Our Sites and Services are not directed to children under the age of 16, and we do not knowingly collect personal data online directly from children. If you are a parent or legal guardian and believe that your child has provided us with personal data, please contact us at privacy@astreya.com, and we will take appropriate steps to investigate and address the issue.     

8. External Links

When interacting with us, you may encounter links to external websites or online services, including those embedded in third-party advertisements. We do not control and are not responsible for the privacy practices or data collection policies of such third-party sites or services. We encourage you to review the privacy notices of those third parties directly if you have any questions or concerns about their practices.

9. Contact Information

If you have any questions or complaints regarding this Notice or the Astreya Group’s privacy practices, please contact us at privacy@astreya.com.

In compliance with the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to refer unresolved complaints concerning our handling of personal data received under these frameworks to TRUSTe, a U.S.-based alternative dispute resolution provider.

10. Supplemental Terms for California Residents

Pursuant to the California Consumer Privacy Act (“CCPA”), this Section 10 applies to certain personal data collected about California residents where Astreya determines the purposes and means of processing such data (referred to as a “business” under the CCPA). This section supplements the rest of our Notice.

Please note that this Section does not apply to current or former employees, job applicants, contractors, or agents of Astreya.

Additional Data Processing Disclosures 

The below table provides the categories of personal data we have sold, shared, or disclosed to third parties, as defined by the California Privacy Rights Act. For reference, the table in Section 2 provides the categories of personal data collected and our disclosures of personal data.

Categories of Personal Data We Collect Categories of Third Parties to Whom Personal Data is “Sold or Shared”
Identifiers, such as your name, email address, postal address, phone number, and device identifiers (e.g., advertising identifiers and IP address).
  • Companies that operate cookies and tracking technologies, such as marketing and advertising partners.
  • Business partners, including those with whom we jointly market or sell our products and Services, such as channel partners.
Commercial information, including preferences (such as purchasing history or tendencies) and transactional information (such as banking details).
  • Not applicable
Internet or other electronic network activity information and device information, such as your browsing history, search history, device details, and other information—whether collected through passive browsing or active engagement—related to your interactions with us and your use of our products, services, emails, and other digital properties.
  • Companies that operate cookies and tracking technologies, such as marketing and advertising partners that assist with analytics, personalization, and targeted advertising.
Geolocation information, such as your approximate location derived from your IP address, mobile device location, or information you voluntarily provide (e.g., city and state submitted through a web form). You may be able to control the collection of this data through your device settings.
  • Companies that operate cookies and tracking technologies, including marketing and advertising partners that assist with analytics, personalization, and targeted advertising.
Audio, electronic, visual, and other sensory information, such as CCTV recordings captured at our premises (e.g., when you visit our offices); recordings of your interactions with our sales or advocacy teams (e.g., for quality assurance or training purposes, in accordance with applicable laws); and customer support chat or messaging logs.
  • Not applicable
Inferences, as defined under California law, such as predictions about your preferences, characteristics, or behavior—for example, the types of marketing content you are likely to respond to positively.
  • Not applicable
Sensitive personal data, such as proof of vaccination or optional information about race and ethnicity (where permissible under applicable law).
  • Not applicable

Although we have not “sold” or “shared” personal data for monetary consideration in the past 12 months, we engage in standard practices with our Digital Properties that may be considered a “sale” or “sharing” under California law.

We do not knowingly sell or share the personal data of individuals under the age of 16.

Additionally, we do not collect or process sensitive personal information, as defined by California law—for the purpose of inferring characteristics about you. Astreya only uses sensitive personal information in ways that fall within the exceptions to the right to limit such use, as permitted by law.

Financial Incentives: We may offer certain benefits or incentives in exchange for your personal data, for example, providing a discount or coupon to individuals who complete a survey. In connection with such surveys, we may collect personal data including your name, contact information, preferences, experiences, beliefs, opinions, and other responses to survey questions.

Participation in surveys is voluntary and subject to the specific terms and conditions provided for each survey. These terms will include details about any associated financial incentives and instructions on how to participate. The value of your personal data is reasonably related to the value of the offer, which we calculate based on the cost of providing the benefit.

You may withdraw from any financial incentive at any time by contacting us at privacy@astreya.com. If we offer other types of financial incentives in the future, we will provide you with the material terms at the time of the offer.

Your Data Protection Rights

Subject to legal limitations, certain California residents may have the below rights.

  • Right to Know. You have the right to request the following information:
  • The categories of personal data we have collected about you
  • The categories of sources from which the personal data was collected
  • The purposes for collecting the personal data
  • The categories of third parties to whom we disclosed your personal data
  • The purposes for which we disclosed your personal data (the “Categories Report”)

You also have the right to request information about the specific pieces of personal data we have collected about you (the “Specific Pieces Report”).

  • Right to Delete. You have the right to request that we delete the personal data we have collected from you, subject to certain exceptions as permitted by law.
  • Right to Correct. You have the right to request that we correct any inaccurate personal data we maintain about you.     
  • Right to Opt Out of Sale or Sharing. We do not sell personal data to third parties in exchange for money. However, as we explain above, we share information with advertising partners and allow advertising partners to collect information from our Digital Properties. This exchange may be considered a “sale” or “sharing” under California law, and you have the right to opt out of this “sale” or “sharing” of personal data.

California residents may exercise their Right to Know, Right to Delete, and Right to Correct by contacting us at privacy@astreya.com. We will not discriminate against you in any way that is prohibited by applicable law for exercising your privacy rights.     

How to Fully Exercise the Right to Opt Out of Sale or Sharing: To fully exercise your Right to Opt Out of Sale or Sharing with respect to any “sale” or “sharing” of your personal information, you must complete both of the following steps:     

  1. Submit a Right to Opt Out of Sale or Sharing request by contacting us at privacy@astreya.com; and
  2. Disable advertising cookies and other tracking technologies by clicking the “Do Not Sell or Share My Personal Information” link in the footer of our website. You must complete this step on each of our Sites, from each browser, and on each device you use. This is necessary so we can place a first-party cookie that signals your opt-out preference for that specific browser and device.

If you block cookies, we may be unable to honor your Right to Opt Out of Sale or Sharing request for device data that is automatically collected and disclosed to third parties through cookies, pixels, and other tracking technologies. Additionally, if you clear cookies from your browser, you will need to repeat Step 2 outlined above to re-establish your opt-out preference.

To the extent required by California law, we will honor “Do Not Sell or Share” opt-out preference signals sent in a commonly used and recognized format at the browser level—such as through an HTTP header field or a JavaScript object.

Verification: To process California data protection requests, we may need to collect certain information to locate you in our records or verify your identity, depending on the nature of your request. In most cases, we will ask for details such as your name, email address, or other relevant information.

If you submit a Right to Know – Specific Pieces Report, we may also require you to provide a signed declaration under penalty of perjury confirming your identity. In some cases, we may request alternative forms of verification and/or engage third-party services to assist in the identity verification process.

Authorized Agents: Authorized agents may exercise California data protection rights on behalf of California individuals, but we reserve the right to verify the individual’s identity directly as described above. Authorized agents must contact us by submitting a request by writing to us at privacy@astreya.com and indicate that they are submitting the request as an agent. We may require the agent to demonstrate authority to act on your behalf by providing signed permission from you. We may also require you to verify your own identity directly with us or to directly confirm with us that you provided the authorized agent permission to submit the request.

Timing: We will process Right to Opt Out of Sale or Sharing requests within fifteen (15) business days from the date we receive the request. We will respond to Requests to Delete and Requests to Know within forty-five (45) days, unless additional time is needed. If more time is required, we will notify you, and the total response time may take up to ninety (90) days.

11. Supplemental Information for the EEA, Switzerland, and the U.K.

The following terms supplement the Notice with respect to our processing of EEA (i.e., European Union Member States, Iceland, Liechtenstein, and Norway), Swiss, and U.K. personal data. In the event of any conflict or inconsistency between the other parts of the Notice and the terms of this Section 11, Section 11 shall govern and prevail with regard to the processing of EEA, Swiss, and U.K. Personal Data, to the extent applicable.

Data Controller: The Astreya entity with which you have a primary relationship, such as the entity that entered into a Services contract with you, provided you with marketing or promotional communications, or is the primary entity in the region where you access our Site, will act as the data controller for purposes of this Notice. In most cases, this will be Astreya Partners, LLC, unless we inform you otherwise.     

  1. Legal Basis for Processing:

Please see above for the legal basis on which we rely for the collection, processing, and use of personal data.

  1. Your Data Protection Rights 

Under applicable data protection laws, you may exercise certain rights regarding your personal data:

  • Right to Access. You have the right to obtain confirmation from us whether we are processing your personal data and related information, as well as the right to obtain a copy of your personal data undergoing processing.
  • Right to Data Portability. You may receive your personal data, that you have provided to us, in a structured, commonly-used, and machine-readable format, and you may have the right to transmit it to other data controllers without hindrance. This right only exists if the processing is based on your consent or a contract, and the processing is carried out by automated means.
  • Right to Rectification. You have the right to request the rectification of inaccurate personal data and to have incomplete data completed.
  • Right to Objection. You have the right to object to the processing of your personal data in certain cases.
  • Right to Restrict Processing. You may request that we restrict the processing of your personal data in certain cases.
  • Right to Erasure. You may request that we erase your personal data in certain cases.
  • Right to Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority. In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to cooperate and comply, respectively, with the advice of the panel established by the EU Data Protection Authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.     
  • Right to Refuse or Withdraw Consent. If we ask for your consent to process your personal data, you are free to refuse. If you have provided consent, you may withdraw it at any time without adverse consequences. The lawfulness of any processing carried out before the withdrawal of your consent will not be affected.     
  • Right to Not Be Subject to Automated Decision-making. The types of automated decision-making referred to in Article 22(1) and (4) of the EU/UK General Data Protection Regulation (“GDPR”) do not take place in connection with your personal data. Should this change, we will inform you of the reasons for and logic behind any such decision, its significance, and its potential consequences. You will also have the right to request human intervention, express your point of view, and contest the decision.     

You may exercise these rights by contacting us using the details provided above. Please note that we may decline to act on certain requests where permitted by law, for example, if fulfilling the request would infringe upon the rights or freedoms of others or conflict with our legal obligations.

C. International Transfers of Personal Data 

Due to the global nature of our operations, some of the recipients described in this Notice may be located in countries outside the European Economic Area (EEA), Switzerland, or the United Kingdom that do not offer an adequate level of data protection as defined by applicable data protection laws in those regions.

Transfers of personal data within the Astreya Group or to third parties in such countries are conducted using valid data transfer mechanisms, which may include the EU Standard Contractual Clauses (SCCs) and/or the UK Addendum, Binding Corporate Rules (BCRs), approved codes of conduct or certification mechanisms, statutory derogations, or other lawful transfer mechanisms recognized by the EEA, Swiss, or UK authorities.

Certain third countries have been officially recognized by the EEA, Swiss, and UK authorities as providing an adequate level of protection, and in such cases, no additional safeguards are required.

For more information on how we transfer personal data, or to request a copy of the applicable data transfer mechanism, please contact us using the contact information provided above.

Astreya Group complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as set forth by the U.S. Department of Commerce.

Data Protection Officer: The contact details for our data protection officer are as follows:

Attention:
The Data Protection Officer, Astreya Partners, LLC.
2033 Gateway PL, Ste 500, San Jose CA 95110
Email ID: privacy@astreya.com

12. Supplemental Information for Other Regions

  • Canada: Personal data, as defined in the Personal Information Protection and Electronic Documents Act (“PIPEDA”) will be collected, stored, used, and/or processed by the Astreya Group in accordance with the Astreya Group’s obligations under PIPEDA.
  • Japan: Personal data collected, stored, used, and/or processed by the Astreya Group, as described in this Notice, is collected, stored, used, and/or processed in accordance with Japan’s Act on the Protection of Personal Information (“APPI”).
  • Singapore: Personal data collected, stored, used and/or processed by the Astreya Group, as described in this Notice, is collected, stored, used, and/or processed in accordance with the Astreya Group’s obligations under the Personal Data Protection Act 2012 (“PDPA”).
  • United Kingdom: Personal data collected, stored, used, and/or processed by the Astreya Group, as described in this Privacy Notice, is collected, stored, used, and/or processed in accordance with the Astreya Group’s obligations under the UK Data Protection Act 2018, as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019, as amended, superseded or replaced (“U.K. GDPR”).
  • India: Personal data collected, stored, used and/or processed by the Astreya Group, as described in this Notice, is collected, stored, used, and/or processed in accordance with the Astreya Group’s obligations under the Personal Data Protection Act (“DPA”).

13. English Version Controls

Non-English translations of this Notice are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version shall be authoritative and shall control.     

14. Astreya Partners, LLC Group

This Privacy Notice applies to the following affiliated entities within the Astreya Group:

  • Astreya Partners, LLC
  • Astreya Partners, Inc.
  • Astreya Partners Canada Inc.
  • Astreya Partners Mexico, S. de R.L. de C.V.
  • Astreya Limited (United Kingdom)
  • Astreya Consultancy Ireland Ltd
  • Astreya Consultancy Ireland Limited, Spółka z o.o. (Poland Branch)
  • Astreya GmbH (Switzerland)
  • Astreya Consultancy India Private Ltd
  • Astreya Partners, LLC operating as Astreya PHP (Philippine Branch)
  • Astreya Japan Godo Kaisha (Japan)
  • Astreya Asia Pacific Pte Ltd (Singapore)
  • Astreya Pty Limited (Australia)
  • Astreya Partners Taiwan LLC
  • Astreya Partners Malaysia Sdn. Bhd.
  • Astreya Consultancy South Africa (Pty) Ltd

Links to Other Sites

This Site may contain links to third-party websites. While we strive to link only to sites that uphold high standards and respect for privacy, we are not responsible for the content or privacy practices of such sites. Users who choose to access other websites through links on this Site should review the privacy policies and terms of use of those websites before using their services.

Privacy Notice Updates

From time to time, we may revise this Privacy Notice to reflect changes in our practices, legal requirements, technological advancements, or business initiatives. Please review this page periodically to stay informed about how we protect your personal information.

We are committed to continuously improving our Services, which are dynamic and may evolve over time. As new features are introduced, some may involve the collection of additional personal data. If we begin collecting substantially different types of personal information or materially change how we handle your data, we will update this Privacy Notice accordingly.

Terms of Use and Acceptance

Access to and use of this Site is conditioned upon your acceptance of all the terms and conditions set forth in this Notice, without modification or reservation of any kind.

IMPORTANT: If you do not agree to any of the foregoing terms and conditions, or if you are not authorized to accept them, please do not use or access this Site.