Security and privacy commitments
Astell's security and privacy commitments and what "controller vs processor" means when you connect integrations.
What privacy commitments does Astell make?
Astell's core privacy commitments:
- No data selling
- No AI training on your data
- Data minimization, process only what's needed to provide the service
- Transparent practices around how data is handled
- User control, including easy data export and deletion
When I connect integrations, who is the controller and who is the processor?
When you connect integrations, you (or your organization) are the data controller: you decide what data to connect and how it's used. Astell is the data processor, handling that data on your behalf and only to provide the Astell service. Astell does not access your data unless it's needed for troubleshooting, and only with your permission.
Do you have a Data Processing Agreement (DPA)?
A Data Processing Agreement (DPA) is available for all customers. Email legal@labtwofour.com to request a signed DPA. Enterprise customers receive customized DPAs as part of their contract.
Can I get a copy of your security policies?
Enterprise customers can request detailed security policy documentation via legal@labtwofour.com, including the information security policy, incident response procedures, and more.
How do I export all my data?
You can export your user data from your Astell account settings. For help with bulk exports or specific data formats, contact support@labtwofour.com.
Do you help complete vendor security questionnaires?
Yes, Astell helps complete vendor security questionnaires. Email legal@labtwofour.com with your questionnaire. For complex assessments, calls can be scheduled, and supporting documentation is available.
What happens to my data if I delete my account?
When you delete your account, all data is deleted within 14 days. See the Privacy Policy for data retention details.
Who do I contact for security and privacy questions?
legal@labtwofour.com handles legal and contractual matters: Data Processing Agreement (DPA) requests, security policy documentation, vendor security questionnaires, and HIPAA requirements / Business Associate Agreements.
関連記事
関連するヘルプ記事で学習を続けましょう
- 読む
How Astell protects your data
Infrastructure, access controls, and operational practices that keep customer data secure.
- 読む
Data Processing Agreement
How Astell's Data Processing Agreement works and how to request a signed copy.
- 読む
CCPA privacy rights
Your California privacy rights under CCPA and how to submit a request.
- 読む
GDPR privacy rights
Your GDPR rights and how cross-border data transfers are handled.
- 読む
SOC 2 and HIPAA
SOC 2 and HIPAA statuses, BAA, and who to contact for compliance reviews.