Privacy policy.
This policy describes what data we collect about you, how we use it, who we share it with, and how you can delete it. We comply with GDPR and applicable Moldovan law.
1. Who we are
ASYDATA is a product operated by ASYNC DATA SRL, company ID 1023600061838, headquartered at 29/1 Dimo Nicolae St., apt. 36, Râșcani sector, Chișinău, Moldova. Contact: valeriu@asydata.com.
2. What we collect
• Account data (when you create an account): name, email, hashed password, chosen language. • Usage data: technical logs (anonymized IP, timestamp, browser), analytics events (pages visited, CTA clicks). • Contact data (when you fill the demo form): name, company, email, phone, message. • Data processed through the product: primary documents you entrust to us (invoices, statements, contracts). These data are NOT used for profiling or to train shared AI models.
3. Why we collect it
• To deliver the service (automated document processing). • To answer your questions and schedule demos. • To improve the product (anonymous aggregated analytics). • Legal obligations (billing, tax audit).
4. Who we share with
• Google (OAuth authentication, Gmail/Drive/Calendar APIs) — only on your initiative and with your explicit permission. • Infrastructure providers (EU hosting, transactional email). • Authorities, only when required by law. We don't sell or rent your data to anyone.
5. How long we keep it
• Account data: while the account is active + 12 months after closure. • Processed documents: per your settings (default 7 years for MD accounting obligations). • Technical logs: 90 days. • Contact data (demo): 24 months from last interaction.
6. Your rights
Under GDPR and Moldovan data protection law, you have the right to: access, rectify, delete, restrict, port your data, and withdraw consent. Send your request to valeriu@asydata.com — we respond within 30 days max.
7. Cookies
We only use necessary technical cookies (authentication, locale preferences, theme). We do NOT use advertising or cross-site tracking cookies. Our analytics (Plausible) is self-hosted, cookie-less, no personal data collected.
8. Security
Data encrypted in transit (TLS 1.3) and at rest (AES-256). Your 1C stays on your server — we don't move the database. Internal access limited per «need-to-know». Full audit log.
9. Changes
We notify you by email at least 30 days before any significant change. The current version is dated at the top of the page.
10. Google services used and data accessed
ASYDATA uses the following Google APIs, only with your explicit OAuth permission: • Gmail API — we read metadata and content of emails containing accounting documents (invoices, statements) to process them automatically. We do not read your other emails. • Google Drive API — we access only the files/folders you explicitly select for sync. We do not index or search through your entire Drive. • Google Calendar API — we read/write events only in the calendars you authorize (e.g. for reporting reminders). Accessed data is processed exclusively for the described functionality, never for other purposes.
11. Limited Use — compliance with Google API Services User Data Policy
ASYDATA's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Explicitly, we do NOT use Google data for: • advertising or targeted ads; • training or improving generalized shared AI models; • credit assessment / financial scoring; • sale, rental, or transfer to data brokers or any third party for commercial purposes; • any purposes not disclosed in this policy or not permitted by Google policies. Human access to your Google data is strictly limited to: (a) with your explicit consent, (b) for security / fraud prevention, (c) for compliance with law, (d) for internal aggregated and anonymized operations.
12. Contact
Data-related questions or GDPR requests: valeriu@asydata.com. For complaints, you may also contact the National Center for Personal Data Protection of Moldova — datepersonale.md.