Privacy Policy
Last updated: May 20, 2026
01 — Introduction
AstraShip ("we", "our", or "us") operates the agentic transportation management platform — software that helps enterprises plan, execute, track, and settle logistics operations with AI agents. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and your rights.
This policy applies to astraship.com (and related domains), our customer dashboard, our APIs, and any product or page that links to it. Third-party carriers and systems we integrate with are governed by their own policies.
In short: We only collect what we need. We never sell your data. Export or delete requests: info@astraship.io.
02 — Who we are
AstraShip, with registered office in Hyderabad, Telangana, India. Under EU/UK GDPR we are a controller for data collected via our marketing site and onboarding, and a processor for data in customer workspaces on their behalf.
03 — Data we collect
3.1 You give us
- Account & demo data: name, work email, phone, company, fleet/shipment volume, team size.
- Billing: billing contact, GST/VAT, address, last four digits of payment method.
- Communications: emails, tickets, calls, and content you send.
3.2 When you use AstraShip
- Workspace: agent configs, workflows, audit logs, KPIs, control-tower events.
- Connectors: data you authorise from TMS, WMS, carriers, ERP, telematics — only what agents need.
- Telemetry: usage, browser, IP, device IDs, error reports.
3.3 Third parties
- SSO (Google, Microsoft): name, email, photo.
- Enrichment vendors for firmographics in sales.
04 — How we use data
| Purpose | Examples |
|---|---|
| Provide the service | Agents, connectors, control tower, settlements |
| Improve | Aggregated analytics, debugging, UI tests |
| Communicate | Onboarding, updates, security, billing |
| Sales | Demo follow-up |
| Compliance | Abuse, fraud, audits, lawful requests |
We do not use workspace data to train foundation models. We do not sell personal data.
05 — Legal basis (EEA / UK)
Contract; legitimate interest (security, product improvement); consent where required; legal obligation.
06 — Sharing
Sub-processors; connectors you authorise; advisers; acquirers with notice; authorities when lawfully compelled.
07 onward
Sub-processor list on request from info@astraship.io. Retention: account data 90 days after deletion; connectors up to 30 days cached; audit logs 12 months default; marketing 24 months; tax records per Indian law.
Security: TLS 1.2+, AES-256, SSO, MFA, RBAC. Vulnerability reports to info@astraship.io. International transfers use SCCs and equivalents.
Rights: access, correct, delete, port, object, withdraw consent. Contact info@astraship.io — we respond within 30 days.
Contact
AstraShip
Email: info@astraship.io
Hyderabad, Telangana, India
