Privacy Policy

How ASQR collects, uses, and protects your information.

Effective Date: July 4, 2026

1. Introduction

ASQR LLC ("ASQR," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (asqr.ai) and use our guest intelligence platform (the "Service").

This policy applies to all users of our website and Service, including event organizers, venue operators, and end guests who interact with ASQR-powered communication channels.

Our core privacy principle: We NEVER share your data with third parties for marketing, advertising, or any purpose outside of providing our Service.

Our Role: Controller and Processor

For information about our customers and website visitors (account details, billing, demo requests, and site analytics), ASQR acts as the data controller. For guest communications and event data that our customers process through the Service, ASQR acts as a processor (or service provider) on behalf of the event organizer or venue, who is the controller of that data.

If you are a guest who contacted an event through an ASQR-powered channel, that event organizer's privacy policy governs your data, and we recommend directing privacy requests to them first. We will refer any request we receive to the relevant customer and support them in fulfilling it.

2. Information We Collect

Information You Provide Directly

Account Information:

  • Name, email address, phone number
  • Company name and role
  • Billing information for paid accounts

Service Content:

  • Event information you upload (names, dates, venues, policies)
  • Knowledge base content (FAQs, procedures, venue details)
  • Communication preferences and settings

Communications:

  • Messages sent through our platform (email, chat, SMS)
  • Support requests and feedback
  • Demo requests and sales inquiries

Information Collected Automatically

Technical Information:

  • IP address, browser type, device information
  • Platform usage data (features used, session duration)
  • Performance and error logs

Cookies and Similar Technologies:

  • We use strictly necessary cookies for platform functionality
  • We use Google Analytics on our website to understand site traffic (with your consent where required)
  • No advertising or tracking cookies

Information from Third-Party Integrations

  • OAuth identity information (Google, if you choose to connect)
  • Email channel data (when you connect email integration)
  • Payment information through Stripe (billing name, email, address)

3. How We Use Your Information

We use your information solely to provide and improve our Service:

Service Delivery:

  • Operate the ASQR platform and AI-powered communication tools
  • Process and route guest communications
  • Generate insights and analytics for your events
  • Provide customer support and technical assistance

Account Management:

  • Authenticate users and maintain account security
  • Process billing and subscription management
  • Send essential service communications

Service Improvement:

  • Analyze platform usage to improve features and performance
  • Identify and fix technical issues
  • Develop new features and capabilities

Legal Compliance:

  • Comply with applicable laws and regulations
  • Respond to legal requests and prevent fraud
  • Maintain audit logs and security records

We do NOT use your information for:

  • Advertising or marketing to third parties
  • Selling or sharing data with data brokers
  • Training AI models for other customers
  • Any purpose outside of providing our Service to you

4. Information Sharing and Disclosure

We NEVER sell, rent, or share your personal information with third parties for their marketing purposes.

We only share your information in these limited circumstances:

Sub-Processors (Service Providers)

We work with a select number of sub-processors who help us operate our website and the Service:

  • Supabase: Platform database and backend infrastructure (hosted on AWS)
  • Amazon Web Services (AWS): Cloud infrastructure
  • Vercel: Website hosting
  • OpenAI: AI model services (your data is not used to train OpenAI's models)
  • Resend: Transactional email delivery
  • Stripe: Payment processing
  • Google: Optional sign-in (OAuth) and website analytics
  • Sentry: Error monitoring and application performance

All sub-processors are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to ASQR.

Legal Requirements

We may disclose information when required to:

  • Comply with legal obligations, court orders, or valid government requests
  • Protect our rights, property, or safety, or that of our users
  • Detect, prevent, or address fraud or security issues

Business Transfers

If ASQR is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change and any choices you may have.

With Your Consent

We may share information for other purposes with your explicit consent.

5. Data Retention

Customer Account Data: Retained for the duration of your account plus 7 years for audit and compliance purposes.

Communication Content: Retained according to your account settings and data retention policies.

Audit Logs: Retained for 7 years for security and compliance purposes.

Billing Information: Retained as required by tax and accounting regulations.

Anonymous Analytics: May be retained indefinitely in aggregated, non-identifiable form.

When you close your account, personal data is anonymized rather than hard-deleted to preserve audit integrity and comply with legal retention requirements.

6. Data Security

We implement enterprise-grade security measures to protect your information:

Technical Safeguards:

  • Encryption in transit (HTTPS/TLS) and at rest (AES-256)
  • Database-level isolation between customer organizations
  • Multi-factor authentication for administrative access
  • Regular security monitoring and incident response procedures

Access Controls:

  • Role-based access with principle of least privilege
  • Regular access reviews and immediate deprovisioning
  • Separate authentication systems for platform admins and customers

Infrastructure:

  • Industry-standard security controls across our cloud infrastructure
  • Regular security updates and vulnerability management

No method of transmission or storage is 100% secure, but we use industry-standard practices and continuously improve our security posture.

7. International Data Transfers

ASQR is based in the United States. Your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

For users in the European Economic Area (EEA) and United Kingdom:

  • We rely on Standard Contractual Clauses (SCCs) for data transfers
  • All sub-processors have appropriate data transfer safeguards in place
  • You have rights under GDPR as described below

8. Your Privacy Rights

For All Users

Access: Request information about what personal data we hold about you

Correction: Update or correct inaccurate personal information

Deletion: Request deletion of your personal data (subject to legal retention requirements)

Portability: Receive a copy of your data in a machine-readable format

Additional Rights for EEA/UK Users (GDPR)

Object to Processing: Object to processing based on legitimate interest

Restrict Processing: Limit how we process your data

Withdraw Consent: Where processing is based on consent

Lodge Complaints: Contact your local data protection authority

Additional Rights for US State Residents

Residents of California and a growing number of other states (including Virginia, Colorado, Connecticut, and Texas) have rights under comprehensive state privacy laws:

Know: Categories of personal information collected, used, and disclosed

Correct: Request correction of inaccurate personal information

Delete: Request deletion of personal information

Opt-Out: Opt out of the sale or sharing of personal information (ASQR does not sell or share personal information)

Non-Discrimination: Equal service regardless of privacy rights exercised

To exercise your rights, contact us at privacy@asqr.ai. We will respond within the timeframes required by applicable law (typically 30 days for GDPR requests and 45 days for US state law requests).

9. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us at privacy@asqr.ai.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending notification to your email address (for account holders)
  • Providing notice through our Service

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact Information

Data Controller: ASQR LLC

Privacy Contact: privacy@asqr.ai

General Contact: support@asqr.ai

For privacy-related questions, complaints, or to exercise your rights, please contact privacy@asqr.ai.

Last Updated: July 4, 2026