Sign In Sign Up Free

Privacy Policy

How Asovex Protects Your Data

Last Updated: January 11, 2026

At Asovex, we take the privacy and security of your association's data with the utmost seriousness. We are transparent about how we collect, use, and protect your information, and we comply with global privacy regulations including GDPR, CCPA, and other applicable laws. This policy explains our practices in clear, human-readable terms.

1

Introduction

Welcome to Asovex's Privacy Policy. This document outlines how we handle and protect the personal information of associations, their members, and visitors to our platform. As a trusted provider of association management software, we understand that data privacy isn't just a legal requirement—it's a fundamental commitment to our users.

Our Commitment

We are committed to:

  • Being transparent about our data practices
  • Implementing industry-leading security measures
  • Complying with applicable privacy laws globally
  • Never selling your personal information
  • Giving you control over your data

Scope: This policy applies to all data collected through our website (asovex.com), our SaaS platform, and any related services. By using Asovex, you agree to the practices described in this policy.

2

Information We Collect

We collect various types of information to provide and improve our services. Here's what we collect and why:

Personal Information

This is information that identifies you or your members personally:

  • Contact Information: Name, email address, phone number, organization details
  • Account Information: Username, password (encrypted), account preferences
  • Professional Details: Job title, company, industry, association membership status
  • Payment Information: Billing address, payment method details (processed securely via Stripe/PayPal - we never store full card numbers)

Usage and Technical Data

  • Platform Usage: Feature usage, login times, session duration, pages viewed
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Server logs, error reports, performance metrics
  • Location Data: General geographic location (country/region level) for service optimization

Association and Member Data

When associations use our platform to manage their members, we process:

  • Member rosters and contact information
  • Membership status and history
  • Event registration and attendance records
  • Dues payment history
  • Committee assignments and volunteer activities
  • Communication preferences and opt-in status

Important: As a data processor for associations, we only process member data according to our agreements with association administrators. Associations remain data controllers for their member information.

3

How We Collect Information

Direct Collection

You provide information directly when you:

  • Create an account or organization profile
  • Subscribe to a paid plan or process payments
  • Contact our support team or submit inquiries
  • Upload member lists or association data
  • Complete surveys or provide feedback
  • Subscribe to newsletters or marketing communications

Automatic Collection

We automatically collect certain information through:

  • Cookies and Similar Technologies: These help us remember your preferences and understand how you use our platform
  • Usage Tracking: We analyze how features are used to improve our services
  • Log Files: Standard server logs capture technical data about your interactions
  • Security Monitoring: We monitor for suspicious activities to protect accounts

Third-Party Sources

We may receive information from:

  • Payment Processors: Stripe, PayPal (transaction status, not full payment details)
  • Integration Partners: When you connect Asovex with other services you use
  • Public Databases: For business verification when needed
  • Marketing Partners: With proper consent and within legal boundaries
4

How We Use Your Information

We use your information for specific, legitimate purposes that align with our commitment to serving associations effectively:

Provide & Improve Services

Deliver core platform functionality, develop new features, and optimize performance based on usage patterns.

Security & Authentication

Verify identities, prevent unauthorized access, detect fraudulent activity, and protect all accounts.

Communication

Send service announcements, respond to support requests, and share important updates (with opt-out options).

Analytics & Improvement

Analyze aggregated usage data to enhance user experience and guide product development.

Legal Compliance

Meet regulatory requirements, respond to legal requests, and enforce our terms of service.

Marketing (with consent)

Share relevant product updates, industry insights, and educational content to users who opt in.

Our Legal Bases for Processing

Under GDPR and similar regulations, we process data based on:

  • Contractual Necessity: To provide the services you've requested
  • Legitimate Interests: To improve our services and ensure security
  • Consent: For optional communications and specific data uses
  • Legal Obligations: To comply with applicable laws and regulations
5

How We Share Your Information

We Do Not Sell Your Personal Information

Asovex will never sell, rent, or trade your personal data or your association's member data to third parties.

We only share information when necessary and under strict conditions:

Service Providers

We work with trusted partners who help us operate our platform:

Payment Processors

Stripe, PayPal (for secure payment processing)

Cloud Infrastructure

AWS, Google Cloud (for secure data hosting)

Communication Tools

SendGrid, Twilio (for emails and notifications)

Analytics Services

Google Analytics (anonymized data only)

All providers are bound by strict data processing agreements that prohibit using your data for any purpose other than providing services to us.

Legal Requirements

We may disclose information if required by law, such as:

  • Responding to valid court orders or subpoenas
  • Cooperating with law enforcement investigations (with proper legal process)
  • Protecting the safety, rights, or property of Asovex, our users, or the public

Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction. We will notify you and provide choices regarding your data if such an event occurs.

With Your Consent

We may share information with third parties when you explicitly authorize us to do so, such as when integrating with other software platforms.

6

Data Security

We implement comprehensive security measures to protect your data from unauthorized access, alteration, disclosure, or destruction.

Encryption

  • In Transit: TLS 1.2+ encryption for all data transmissions
  • At Rest: AES-256 encryption for sensitive data storage
  • Payment Data: PCI DSS compliant processing with tokenization

Access Controls

  • Role-based access permissions with principle of least privilege
  • Multi-factor authentication (MFA) available for all accounts
  • Regular access reviews and permission audits
  • Employee training on data protection and privacy

Monitoring & Prevention

  • 24/7 security monitoring and intrusion detection
  • Regular vulnerability assessments and penetration testing
  • Automated threat detection and response systems
  • DDoS protection and web application firewalls

Policies & Compliance

  • ISO 27001 aligned information security program
  • Incident response plan with 24-hour notification commitment
  • Regular third-party security audits
  • Vendor security assessments for all partners

Your Security Responsibilities

While we secure our platform, you also play a role in protecting your account:

  • Use strong, unique passwords and enable multi-factor authentication
  • Keep your login credentials confidential
  • Regularly review account activity and connected devices
  • Log out from shared computers and use secure networks
  • Notify us immediately of any suspicious activity

Incident Response

In the unlikely event of a data breach, we will:

  1. Immediately contain the breach and assess impact
  2. Notify affected users within 72 hours as required by law
  3. Provide clear information about what happened and what data was affected
  4. Offer guidance on protective steps you can take
  5. Cooperate fully with regulatory authorities
7

Data Retention

We retain personal data only as long as necessary for legitimate business purposes and legal compliance. Our retention periods are based on:

Active Accounts

Duration: While account is active + 2 years after closure

Purpose: Service delivery, legal protection, business continuity

Financial Records

Duration: 7 years minimum

Purpose: Tax compliance, financial reporting requirements

Support Communications

Duration: 3 years after resolution

Purpose: Quality improvement, dispute resolution

Marketing Opt-outs

Duration: Indefinitely (to respect preferences)

Purpose: Compliance with communication preferences

Data Deletion

When data is no longer needed:

  • Secure Deletion: We use industry-standard secure deletion methods
  • Backup Rotation: Backups are retained for 90 days then purged
  • Anonymization: Some data may be anonymized for aggregate analysis
  • Account Closure: You can request account deletion via your settings or by contacting us

Association Data Note: For associations using our platform, member data retention is controlled by the association administrators. We process deletion requests from authorized association representatives.

8

Your Privacy Rights

You have rights regarding your personal information. We respect these rights and provide tools to exercise them:

Right to Access

Request a copy of your personal data we hold. We'll provide it in a structured, commonly used format.

Right to Correction

Update or correct inaccurate or incomplete personal information through your account settings or by contacting us.

Right to Deletion

Request deletion of your personal data when it's no longer necessary for our legitimate purposes.

Right to Restrict

Limit how we use your data in certain circumstances, such as while contesting its accuracy.

Right to Portability

Receive your data in a machine-readable format or have it transferred to another service provider.

Right to Object

Object to certain processing activities, including direct marketing and automated decision-making.

Region-Specific Rights

GDPR (European Union)

As a data subject under GDPR, you have all rights listed above. Our Data Protection Officer can be reached at privacy@asovex.com.

CCPA/CPRA (California)

California residents have rights to know, delete, correct, and opt-out of sale/sharing of personal information. We do not sell data as defined by CCPA.

Other Jurisdictions

We respect privacy rights under other laws including PIPEDA (Canada), LGPD (Brazil), and APPI (Japan). Contact us to exercise your rights.

How to Exercise Your Rights

You can exercise most rights directly through your account settings. Alternatively:

We respond to all legitimate requests within 30 days and may request verification of your identity for security.

9

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and support our marketing efforts.

Types of Cookies We Use

Type
Purpose
Duration
Essential
Necessary for platform functionality (login, security, preferences)
Session to 1 year
Performance
Analyze how users interact with our platform to improve services
30 minutes to 2 years
Functional
Remember preferences and settings for enhanced experience
90 days to 1 year
Marketing
Deliver relevant content and measure campaign effectiveness (with consent)
90 days to 1 year

Managing Cookies

You have control over cookies:

Browser Settings

Most browsers allow you to refuse or delete cookies. Instructions for popular browsers:

Opt-Out Tools

Industry tools for managing tracking:

Platform Controls

Within Asovex, you can adjust certain tracking preferences:

  • Analytics participation in account settings
  • Marketing communications via email preferences
  • Cookie consent banner on first visit

Note: Disabling essential cookies may impact platform functionality and your ability to use certain features.

10

International Data Transfers

Asovex serves associations globally, which means data may be transferred across borders. We ensure these transfers meet legal requirements and maintain strong protections.

Our Primary Data Locations

  • Primary Storage: United States (AWS US-East-1 region)
  • European Users: EU data centers available upon request
  • Backups: Geographically distributed for disaster recovery
  • Processing: May occur in countries where our team or service providers operate

Transfer Safeguards

For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland:

Standard Contractual Clauses

We use EU-approved SCCs with all non-EEA service providers to ensure adequate protection.

Adequacy Decisions

We rely on the EU-U.S. Data Privacy Framework for transfers to certified U.S. companies.

Additional Measures

Supplementary technical and organizational measures including encryption and access controls.

Legal Framework Compliance

We comply with:

  • GDPR Chapter V: For transfers from the EEA
  • UK Data Protection Act: For UK data transfers
  • Swiss FADP: For Swiss data protection
  • CCPA: For California resident data
  • Other Local Laws: Respecting jurisdictional requirements
11

Children's Privacy

Our Platform is Not Directed at Children

Asovex is designed for professional associations and their adult members. We do not knowingly collect personal information from children under 16 years of age.

If We Discover Child Data

If we learn that we have collected personal information from a child under 16 without verifiable parental consent, we will:

  1. Immediately delete that information from our servers
  2. Notify the relevant association administrator
  3. Take steps to prevent future collection

For Associations with Youth Members

If your association includes members under 16:

  • You are responsible for obtaining necessary parental consent
  • We recommend creating parent/guardian accounts for minor members
  • Contact us for guidance on youth data management best practices

Parental Inquiries

Parents or guardians who believe their child has provided personal information to us through an association should contact us immediately at privacy@asovex.com.

12

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or services.

How We Notify You of Changes

Email Notification

For significant changes, we'll email registered users at least 30 days before changes take effect.

Website Notice

We'll post a prominent notice on our website and within the platform for at least 30 days.

Consent for Material Changes

For material changes that expand our use of data, we'll seek affirmative consent when required by law.

Reviewing Changes

We encourage you to periodically review this page for the latest information on our privacy practices. The "Last Updated" date at the top indicates when this policy was last revised.

Previous Versions

Previous versions of this Privacy Policy are archived and available upon request. Contact us if you'd like to review changes over time.

Acceptance of Changes

By continuing to use Asovex after changes become effective, you agree to the revised Privacy Policy. If you disagree with changes, you may close your account by contacting us or through your account settings.

13

Contact Us

We welcome your questions, concerns, and feedback about our Privacy Policy or data practices.

General Inquiries

help@asovex.com

For general questions about our platform and services

Privacy Team

privacy@asovex.com

For data protection inquiries and rights requests

SaaS Support

saas@asovex.com

For technical support and platform assistance

Additional Contact Methods

Online Form

Use our contact form for structured inquiries

Phone Support

Available to enterprise customers (contact provided in your account portal)

Postal Mail

Asovex Privacy Team
Italy, Malta, USA, and Nigeria
Please mark envelopes "PRIVACY INQUIRY"

Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.

EU/EEA Residents

Contact your national data protection authority

UK Residents

Information Commissioner's Office (ICO)

California Residents

California Privacy Protection Agency (CPPA)

Our Response Commitment

We strive to respond to all privacy inquiries within 7 business days. For rights requests, we typically respond within 30 days as required by law, but often much sooner.

This Privacy Policy is effective as of January 11, 2026. It supersedes all previous versions.

Thank you for trusting Asovex with your association's data. We are committed to protecting your privacy and being transparent about our practices.