Privacy Policy Overview
This Privacy Policy explains how Embera (operating at asbera.tech) collects, uses, stores and shares personal data in connection with our custom business software development services. We aim to be transparent about data handling so clients and users can make informed decisions. The policy covers data submitted directly by users, data collected automatically through our systems, and information shared with third parties necessary to deliver and improve our services. For questions or requests, contact our Data Protection contact listed below.
Key Definitions
This section defines terms used throughout the policy to clarify what we mean by key concepts related to personal data and our services.
- Personal data means any information that identifies or can reasonably be used to identify an individual, such as name, email address, phone number, company affiliation, billing details, and identifiers generated by devices or services.
- Processing refers to any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, use, disclosure, erasure and destruction.
- User refers to an individual who interacts with Embera’s services, including clients, client employees, prospects and visitors to asbera.tech.
- Service means the custom business software products, tools, hosted applications, APIs and related professional services provided by Embera to clients.
- Cookies are small text files placed on a user’s device by websites or applications to store information such as session identifiers, preferences, and analytics data.
Data We Collect
We collect a combination of data you provide directly and data gathered automatically when you use our services or visit our website. Collection is limited to what is necessary to onboard clients, deliver contracted services, ensure security and continuously improve our products.
Data You Provide Directly
When you engage with Embera, you or your representatives may provide personal data during onboarding, support interactions, project configuration, or communications. This information is used to deliver the services you request.
- Contact information such as name, business email, phone number and job title
- Company and billing information including company name, address and invoicing details
- Project specifications, configuration data and user credentials submitted for system setup
- Support and correspondence records, including chat logs and support tickets
- Feedback, survey responses and feature requests provided by clients or their users
- Any additional documents or files you upload to our systems as part of the service
Automatically Collected Data
When you visit asbera.tech or use hosted Embera applications, we and authorized service providers collect technical and usage data to operate and improve the service, secure systems, and generate aggregated insights.
- Device and browser information such as device type, operating system, browser version and screen resolution
- IP address and approximate geolocation inferred from IP for security and fraud prevention
- Usage data including pages visited, session duration, feature usage and error logs
- Cookie identifiers and similar local storage vouchers used to maintain sessions and preferences
- Performance and diagnostic data such as crash reports and server logs to troubleshoot issues
- Analytics data collected to understand product usage and improve user experience
Data from Third Parties
We may receive personal data from third parties as necessary to deliver services or respond to lawful requests. Where data is shared by partners, we rely on contractual commitments that require appropriate protection.
- Payment processors for billing and transaction verification
- Cloud infrastructure providers that host applications and store backups
- Analytics and monitoring providers used to maintain service performance and security
How We Use Personal Data
We use personal data for specific business purposes that align with providing and improving our services, meeting legal obligations, and communicating with clients and prospects.
- To deliver and operate custom software solutions, including setup, hosting and maintenance
- To process invoicing and payments for services provided
- To communicate with clients and respond to support requests and inquiries
- To analyze product usage and performance for continuous improvement
- To secure systems, detect and prevent fraud, and contribute incidents
- To comply with legal obligations, contractual requirements and regulatory requests
- To conduct client satisfaction surveys and gather feedback to enhance service delivery
- To carry out limited marketing communications where consent or legitimate interest applies
Legal Basis for Processing
For individuals located in jurisdictions with specific data protection laws, we rely on appropriate legal bases for processing personal data, depending on the context and type of processing activity.
- Performance of a contract: processing necessary to provide the services you requested
- Consent: where you have provided clear consent for a specific purpose, such as marketing communications
- Legal obligation: where processing is necessary to meet legal or regulatory requirements
- Legitimate interests: for activities such as fraud prevention, security and product improvement when those interests are balanced with individual rights
Cookies and Tracking Technologies
We use cookies and similar technologies on asbera.tech to enable essential site functionality, remember preferences and gather analytics. You can manage cookie preferences via your browser settings or the cookie controls provided on the site.
Common types include session cookies (temporary, expire when you close your browser), persistent cookies (stored between sessions), and tracking cookies used by analytics providers to measure site usage.
Cookies fall into categories such as strictly necessary (required for site operation), performance and analytics (used to understand usage), and functional (to remember preferences). Some cookies may be set by third-party services integrated into the site.
You can disable or delete cookies through your browser settings or use the cookie preference tool on asbera.tech. Disabling certain cookies may affect functionality or your experience with our services.
Cookie Policy
When We Share Data
We share personal data only as necessary to provide services, meet legal obligations, or with your consent. Third parties are required to process data in accordance with contractual and security obligations.
- With service providers and subcontractors who perform services such as hosting, payments, analytics and customer support
- With professional advisors and auditors when needed for legal or compliance matters
- With law enforcement or regulatory authorities when required by law or to respond to lawful requests
- With potential buyers or partners in the event of a merger, sale or business transfer, subject to appropriate safeguards
- With analytics and marketing partners when consent is provided or legitimate interest applies
- Within our corporate group and affiliates to administer accounts and services
International Data Transfers
Embera operates from Canada and may transfer data to service providers or affiliates located in other countries, including the United States. When transfers occur, we apply appropriate safeguards such as contractual protections, standard contractual clauses, and encryption to protect personal data.
Safeguards for international transfers may include standard contractual clauses, data processing agreements, technical measures like encryption, and assessments of recipient practices to ensure an adequate level of protection.
Data Retention
We retain personal data only as long as necessary to fulfill the purposes described in this policy, to comply with legal obligations, and to resolve disputes. Retention periods vary depending on the type of data and the nature of the relationship.
Account and client project data is retained for the duration of the contractual relationship and for a reasonable period afterward to allow for billing, record-keeping and potential dispute resolution.
Support correspondence, tickets and related communications are generally retained for a period aligned with operational needs and legal obligations, typically up to several years unless a shorter retention period is required.
System logs and diagnostic data used for security monitoring are retained according to internal policies that balance troubleshooting needs with privacy considerations; retention is typically limited and reviewed regularly.
When data is no longer required, we securely delete or anonymize it. Clients may request deletion of their account data in accordance with applicable law and any contractual obligations that require retention.
Security Measures and Practices
Protecting personal data is a priority. Embera uses a combination of organizational, technical and physical measures to safeguard data against unauthorized access, disclosure, alteration and destruction. Measures are designed to be appropriate to the sensitivity of the data and the risks involved.
- Encryption in transit (TLS) and encryption of stored data where practical
- Access controls, strong authentication, and role-based permissions to limit data access
- Regular security assessments, patch management and employee awareness training
Your Privacy Rights
Depending on your location and the applicable law, you may have rights regarding your personal data. We provide mechanisms to exercise these rights and will respond to requests in accordance with legal timelines.
- Right to access: request a copy of the personal data we hold about you
- Right to rectification: request correction of inaccurate or incomplete data
- Right to erasure: request deletion of personal data in certain circumstances
- Right to restriction and objection: request limits on processing or object to certain processing activities
- Right to data portability: request a machine-readable copy of data you provided
- Right to withdraw consent where processing is based on consent; withdrawal will not affect processing already performed
- Right to restrict processing: You may request temporary limitation of data processing while accuracy or lawfulness is verified.
- Right to withdraw consent: Where processing is based on consent, you can withdraw that consent at any time without affecting prior lawful processing.
How to exercise your data rights
To request access, correction, deletion, portability, restriction, or objection to processing, contact Embera at the address or email below. Provide a clear description of the request and identity verification to help us respond accurately and promptly.
We will acknowledge receipt within 10 business days and strive to respond fully within 30 days of verification. Complex requests may require additional time; we will notify you if more time is needed.
GDPR and International Data Protection
Although Embera is based in Canada, we respect the principles of the EU General Data Protection Regulation for users in the EU and EEA. If GDPR applies to your interactions with our services, the following outlines how those rights are recognized and implemented.
- Lawful basis for processing: We rely on contractual necessity, legitimate interests, consent where applicable, and legal obligations as legal bases for processing personal data.
- Data minimization: We collect only the personal data necessary to deliver our services and to improve operational performance.
- Purpose limitation: Personal data is processed only for the specific, explicit purposes disclosed at the time of collection or for compatible uses.
- Data subject rights: You may exercise rights to access, rectify, erase, restrict processing, object, and receive data portability as applicable under GDPR.
- Automated decision-making: Embera does not use profiling or automated decision-making that produces legal or similarly significant effects without manual review and user notice.
- Transfers outside the EU/EEA: When personal data is transferred outside the EU/EEA, we implement appropriate safeguards such as standard contractual clauses or equivalent protective measures.
If you believe your GDPR rights have not been respected, you may lodge a complaint with the supervisory authority in your member state. Embera will cooperate with any contribute authority during review.
Marketing communications
We may use your contact details to send product updates, industry insights, and promotional offers if you have consented or if there is a legitimate interest, such as transactional relationship updates. Messages include clear information about why you received them.
To stop marketing emails, follow the unsubscribe link in any email or visit https://asbera.tech/unsubscribe. You can also contact [email protected] with a request to opt out; we will process unsubscribes promptly.
Children's privacy
Embera's services are intended for businesses and professionals. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected data from a minor, we will take steps to delete it promptly.
Third-party links
Our website may contain links to third-party sites and services. Embera is not responsible for the privacy practices of those external sites. Review the privacy policies of any third-party service before providing personal information.
Changes to This Policy
We may update this privacy policy to reflect changes in our practices or legal obligations. Material changes will be communicated on our website at https://asbera.tech and, where appropriate, via direct notice. Continued use after changes indicates acceptance of the updated policy.