1 Roles
Customers are generally the controller of visitor, lead, booking, client, and workspace data. AsthronAI acts as a processor or service provider when processing that data according to the customer's configuration, instructions, and agreement.
AsthronAI Legal
Data Processing Agreement
This Data Processing Agreement explains how AsthronAI processes personal data on behalf of business and agency customers when providing AI chat, lead capture, booking, staff access, and workspace operations.
2 Processing scope
AsthronAI may process chat messages, lead details, booking requests, client and staff account data, notification records, usage records, audit logs, billing references, integration events, and related operational metadata.
3 Processing purpose
Data is processed to provide AI-assisted chat, lead capture, qualification, booking, human handoff, staff access, notifications, billing, support, security, troubleshooting, reporting, and customer-configured integrations.
4 Customer instructions
AsthronAI processes customer data according to the platform configuration, documented customer instructions, applicable order or subscription, and lawful service operations. Customers are responsible for ensuring their instructions are lawful and that their website visitors receive any required notices.
5 Confidentiality and security
AsthronAI uses reasonable technical and organizational measures such as role-based access, secure sessions, password hashing, CSRF protection, tenant-aware records, webhook validation, audit logs, and restricted operational access. Personnel and providers with access to personal data should be subject to confidentiality obligations.
6 Sub-processors
AsthronAI may use sub-processors for hosting, AI processing, payments, calendar sync, email delivery, logging, messaging, and support infrastructure. The current provider overview is available on the Sub-processors page.
7 Data subject requests
Customers are responsible for responding to visitor, lead, staff, or client requests relating to their workspace data. AsthronAI will reasonably assist where the request relates to data stored or processed through the platform.
8 Deletion and return
Upon account closure, valid deletion request, or termination, AsthronAI may delete, export, or retain data in accordance with the agreement, legal obligations, tax or billing retention, backup cycles, dispute resolution, and security needs.
9 Security incidents
AsthronAI will take reasonable steps to investigate suspected security incidents and notify affected customers where required by applicable law or agreement.