Privacy Policy

1. Introduction

Asaleo ("we", "us", or "our") operates the Asaleo ERP platform, including the website at asaleos.com, the mobile application, and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

• Account information: name, email address, phone number, password
• Business information: business name, address, tax identification number
• Profile information: profile photo, job title, preferences
• Content you create: business records, documents, files uploaded to the Service

2.2 Information from Third-Party Services

When you sign in using a third-party service (Google, Facebook, or Apple), we receive your name, email address, and profile picture from that service. We do not receive or store your third-party account password.

2.3 Information Collected Automatically

• Device information: device type, operating system, browser type
• Usage data: pages visited, features used, actions taken
• Log data: IP address, access times, referring URLs
• Cookies and similar technologies for session management

3. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the Service
• Create and manage your account
• Process transactions and send related notifications
• Send administrative messages, security alerts, and support communications
• Respond to your requests and provide customer support
• Monitor and analyze usage patterns to improve user experience
• Detect, prevent, and address fraud, abuse, or technical issues
• Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service providers: third-party vendors who assist in operating the Service (hosting, email delivery, analytics)
• Business members: other users within your business organization, as configured by your business administrator
• Legal requirements: when required by law, regulation, or legal process
• Business transfers: in connection with a merger, acquisition, or sale of assets

5. Data Storage and Security

Your data is stored on secure servers. Business data is isolated in separate databases per organization (multi-tenant architecture). We implement industry-standard security measures including encryption in transit (TLS), secure password hashing, and access controls.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Business data is retained according to your organization's settings. When you delete your account, we remove your personal information within 30 days, except where retention is required by law.

7. Your Rights

You have the right to:

• Access your personal information
• Correct inaccurate data
• Request deletion of your data (see our Data Deletion Policy)
• Export your data in a portable format
• Withdraw consent for optional data processing
• Object to processing of your personal information

To exercise these rights, contact us at [email protected].

8. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.