Menu

Privacy Policy

Privacy Policy for ASPL (Astraleus Services Private Limited)

Last Updated: 19/11/2025

  1. Introduction

Astraleus Services Private Limited (“ASPL”, “we”, “us” or “our”) operates the website www.asplcert.com and provides certification, inspection, management-system certification, training, verification, and related services. We are strongly committed to protecting your privacy and handling your personal data responsibly.

This Privacy Policy explains:

What personal data we collect and how;

Why we collect it and how we use it;

With whom we may share it;

How we keep it secure;

Your rights in relation to your data;

How we use cookies and similar technologies;

How you can contact us / lodge a complaint;

How we update this policy.

By using our Site or engaging with our services, you agree to the terms of this Privacy Policy.

  1. Information We Collect

We collect several types of information, depending on how you interact with us:

2.1. Information You Provide to Us

Contact information: When you fill out “Contact Us” forms, inquiry forms, request quotes or certification, you may provide your name, email address, phone number, company name, job title, address, etc.

Business information: For certification or inspection services, we may ask for business-related details like your company’s legal name, business address, registration number, operational data, quality-system documentation, etc.

Certificates / Verification Data: If you submit documents for verification (e.g., ISO certificates, audit reports, quality manual) or apply for certification, we may collect copies of those documents or their metadata.

Training Registration: When you register for our training programs, we may collect your name, professional credentials, employer, and other relevant data.

2.2. Automatically Collected Information

Usage data: When you visit our Site, we automatically collect certain data through your browser or device. This may include your IP address, browser type, device type, operating system, the pages you visit, time spent on pages, referring URLs, etc.

Cookies / tracking technologies: We use cookies, web beacons, and similar technologies to collect usage data and to improve the Site experience. (See Section 7.)

2.3. Third-Party Data

We may collect data from third-party sources (with your consent or as permitted) — for example, business directories, publicly filed corporate documents, or partners.

We may also receive data from service providers (e.g., training certification bodies, verification partners).

  1. How We Use Your Information

We use the information collected for various business purposes, including but not limited to:

Providing Services: To process and deliver certification, inspection, training, document verification, and other services.

Communication: To respond to your inquiries, send you information, updates, newsletters (if you opted in), service-related communications, and follow-ups.

Administration: To manage your account, keep records, billing, support, and internal administration.

Site Improvement: To analyze usage trends, improve the design and functionality of our Site, and optimize user experience.

Compliance & Legal: To comply with regulatory, legal or audit obligations (for example, maintaining records for certification bodies), to handle disputes, or enforce our Terms of Service.

Security: To detect, prevent, and respond to fraud, misuse, or security issues.

Marketing (Optional): If you consent, we may use your contact details to send promotional materials about our services, events, or trainings. You can opt out at any time.

  1. Sharing Your Information

We do not sell your personal data. However, we may share your information in the following scenarios:

Service Providers: We engage third-party vendors, subcontractors, or partners who assist in providing services (e.g., IT hosting, training platforms, email services). These parties are authorized to use your data only to perform services on our behalf.

Regulatory / Certification Bodies: We may share certain business or certification-relevant information with accreditation or certification bodies (e.g., NABCB) when required as part of the certification process.

Legal & Safety: If required by law, regulation, legal process, or to protect our rights, we may disclose personal data to authorities, courts, or other third parties.

Business Transfers: In the event of a merger, acquisition, reorganization, or asset sale, personal data may be transferred as part of the transaction.

Aggregate / Anonymous Data: We may share aggregated or anonymized data (which does not identify individuals) publicly or with third parties for analytical or business purposes.

  1. Data Retention

We will retain your personal data only for as long as is necessary for the purposes for which it was collected (e.g., certification history, audit trails, legal obligations).

For certification and inspection records, we may keep data for a number of years (as per regulatory/accreditation requirements).

When retention is no longer required, we will securely delete or anonymize your data.

  1. Security

We use appropriate technical and organizational measures to protect the confidentiality, integrity, and availability of your personal data. These may include:

Encryption of data in transit (e.g., using HTTPS)

Access controls and role-based permissions

Regular security assessments and audits

Secure backups and disaster recovery plans

However, no system is completely secure, and while we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach, we will comply with applicable legal obligations regarding breach notification.

  1. Cookies & Tracking Technologies

We use cookies and similar technologies (e.g., web beacons, local storage) on our Site to:

Recognize you when you return

Remember your preferences

Analyze site traffic and usage

Secure our site and detect malicious behavior

Types of cookies used may include:

Essential / Strictly Necessary Cookies: Required for basic site functionality (e.g., page navigation, security)

Performance / Analytics Cookies: To understand how visitors use our Site, e.g., Google Analytics or similar tools

Functional Cookies: To remember choices you make (e.g., language, region)

You can usually control cookie preferences via your browser settings. However, blocking or deleting some cookies may affect the functionality of the Site.

  1. Your Rights

Depending on applicable data protection laws (such as the GDPR or local laws), you may have the following rights:

Access: You can request access to the personal data we hold about you.

Correction: You can ask us to correct inaccurate or incomplete data.

Deletion / Erasure (“Right to be Forgotten”): You can request deletion of your personal data (subject to legal / contractual obligations).

Restriction of Processing: You may ask us to restrict how we process your data in certain circumstances.

Data Portability: If technically feasible, you can ask us to provide your data in a commonly used, machine-readable format.

Objection: You may object to certain processing activities (e.g., direct marketing).

Withdraw Consent: Where we rely on consent (e.g., for marketing), you can withdraw your consent at any time.

To exercise these rights, please contact us using the details in Section 10.

  1. International Data Transfers

If your data is transferred outside your country (for instance, for data processing or storage), we will ensure that such transfers are done in compliance with applicable data protection laws and that adequate safeguards (such as standard contractual clauses) are in place.

  1. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us at:

Email: info@asplcert.com

Mailing Address: Astraleus Services Private Limited, Corporate Office No. 404 & 405, 4th Floor, Skye Privilon, Nipania, Indore, MP 452010, India

Phone: +91 93038 54400 / +91 96443 1795

  1. Changes to This Privacy Policy

We may update this Privacy Policy periodically (for example, when our practices change or due to legal requirements). If we make material changes, we will:

Post the updated policy on this page, with a new “Last Updated” date.

Where appropriate, notify you (e.g., via email or via a notice on the Site).

Please check back regularly to stay informed about how we are protecting your data.

  1. Policy for Minors

Our Site and services are primarily intended for businesses / professionals. We do not intentionally collect personal data from minors (e.g., individuals under 18), and no part of our services is directed at minors. If you believe we have collected data from a minor, please contact us, and we will take reasonable steps to delete that data.

  1. Legal Basis for Processing (if under GDPR or similar regulation)

Where applicable, we rely on one or more of the following legal bases to process your personal data:

Performance of a contract: e.g., to deliver certification or inspection services.

Legitimate interests: e.g., to improve our services, secure our systems, or for record-keeping.

Consent: e.g., for marketing communications.

Compliance with legal obligations: e.g., to retain records for accreditation bodies.