Astra Charts

Your Privacy Matters: Comprehensive Data Protection

At Astra Charts, we believe that innovation in productivity should never come at the expense of privacy. Our commitment to data protection not only meets but exceeds GDPR requirements, ensuring your information is handled with the utmost care and transparency.

Stylized shield icon representing GDPR compliance and data protection, with digital lines flowing around it.
Astra Charts' robust framework for data protection.

Our Unwavering Commitment

Astra Charts (Veridia Charts Ltd) is dedicated to safeguarding the personal data of our users across all our bespoke productivity applications, analytics platforms, and organizational tools. As the data controller, we uphold the highest standards of data protection excellence, aligning fully with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).

This policy, effective from 15th May 2024, outlines our procedures for data collection, processing, and protection. We regularly review and update our policy to reflect best practices and legal requirements. We empower you with control over your personal information, detailing your data subject rights and how to easily exercise them.

Should you have any questions, our dedicated privacy team can be reached at info@veridiacharts.co.uk. We are headquartered at 17 Regent Terrace, Unit 2C, Edinburgh, Scotland, EH7 5BN, UK.

What Data We Collect and How We Use It

Infographic depicting various types of data entering a secure digital vault, representing data collection and protection.
Visualizing secure data flow and purpose-driven collection.

We meticulously collect data with a clear purpose: to enhance your productivity, personalize your experience, and improve our services. Our approach is rooted in lawful basis, purpose limitation, and data minimization, ensuring we only collect what is strictly necessary.

Types of Data Collected:

  • Account Information: Name, email, password (hashed) – for service access.
  • Usage Data: Interactions with our platforms, feature usage, time spent – for service improvement.
  • Technical Data: IP address, device type, browser information – for security and compatibility.
  • Preferences: Custom settings and choices within applications – for personalized UX.

Our Lawful Basis for Processing:

Processing is primarily based on contractual necessity (to provide requested services), your explicit consent (for specific optional features), legitimate interests (for security, product improvement), and legal obligations. We never engage in automated decision-making or profiling that would significantly affect your rights without explicit consent.

Data Sharing, Transfers, and Third-Party Processing

Abstract network diagram demonstrating secure data sharing between encrypted nodes.
Securely connecting trusted partners for seamless service delivery.

Astra Charts works with select, trusted third-party service providers (data processors) who assist us in delivering and improving our services. These partners are meticulously vetted for their commitment to data protection and are bound by strict contractual agreements and data processing addendums.

International Data Transfers:

Where data transfers outside the UK/EU are necessary, we implement robust safeguards, including Standard Contractual Clauses (SCCs) or reliance on adequacy decisions, to ensure your data receives the same level of protection as within the European Economic Area.

Our Principles for Sharing:

  • Minimization: Only essential data is shared, strictly for the agreed-upon purpose.
  • Strict Contracts: All third-parties are legally obligated to uphold our privacy standards.
  • Guaranteed Safeguards: Robust mechanisms ensuring international transfers are secure and compliant.

We practice subprocessor notification and, where required, seek your approval. For UK and EU data residency, we offer specific data localization options to meet regulatory needs.

Your Data Protection Rights and How to Exercise Them

User interface of a digital dashboard showing data privacy settings and options to manage personal data.
Empowering users with control over their data.

The GDPR grants you comprehensive rights regarding your personal data. Astra Charts makes exercising these rights simple and effective:

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure ('Right to be Forgotten'): Request deletion of your data under certain conditions.
  • Right to Restriction of Processing: Limit how we use your data.
  • Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to Object: Object to processing carried out in our legitimate interests or for direct marketing.

To exercise any of these rights, please contact us directly at info@veridiacharts.co.uk. We commit to responding to all legitimate requests within one month. Verification of identity may be required to protect your data.

Data Security Measures and Retention Policies

Abstract representation of a digital data vault with glowing security layers, illustrating strong data encryption.
Protecting your data with multiple layers of defense.

The security of your data is paramount. We implement a comprehensive suite of technical and organizational measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Our Security Infrastructure Includes:

  • End-to-End Encryption: Securing data in transit and at rest.
  • Strict Access Controls: Limiting data access to authorized personnel only.
  • Regular Security Audits: Proactive identification and mitigation of vulnerabilities.
  • Data Integrity Checks: Ensuring data remains accurate and unaltered.

Data Retention Policy:

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Once data is no longer needed, it is securely deleted or anonymized. Our retention periods are regularly reviewed and strictly adhered to.

In the unlikely event of a data breach, we have a robust incident response plan in place to swiftly address the issue, mitigate harm, and notify affected parties and regulatory bodies in accordance with legal obligations.

Privacy Contact Information and Complaint Procedures

Professional customer support representative helping a client, symbolizing privacy assistance and contact.
Our team is here to assist with all your privacy inquiries.

Your peace of mind is important to us. If you have any questions, concerns, or wish to make a complaint regarding our privacy practices, our Data Protection Officer and privacy team are readily available to assist you.

Contact Our Data Protection Officer (DPO):

DPO Name: Eleanor Vance

Email: privacy@veridiacharts.co.uk

Address: 17 Regent Terrace, Unit 2C, Edinburgh, Scotland, EH7 5BN, UK

Complaint Procedures and Escalation:

We encourage you to contact us directly in the first instance to resolve any privacy-related concerns. If you remain unsatisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority. For UK residents, this is the Information Commissioner's Office (ICO):

ICO Website: ico.org.uk/concerns/