Asamano

Privacy Policy

Last updated: January 12, 2026

This Privacy Policy explains how Asamano, operated by Sinoel AB, Sweden ("we", "us", "our"), processes personal data when you use our services. We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

1. Scope and Roles (GDPR)

This Privacy Policy applies to all users of Asamano, including consumers and business users. Depending on the context: • We act as a data controller for account, billing, and service-related data. • We act as a data processor for content uploaded by users within customer accounts (such as item descriptions and images). Business customers remain responsible for personal data uploaded by their users.

2. Personal Data We Collect

We collect the following categories of data: a) Account and Contact Data • Name • Email address • Organization name (if applicable) • Login credentials (hashed) b) Usage and Technical Data • Log data (e.g. login timestamps) • Device and browser information • IP address (for security and fraud prevention) c) User Content • Text descriptions • Images • Organizational metadata (e.g. building, shelf, location labels) User Content is provided at your discretion. You should not upload sensitive or unnecessary personal data. d) Payment and Billing Data Payments are processed by Stripe. We do not store full payment card details.

3. How We Use Personal Data

We process personal data to: • Provide and operate the Service • Authenticate users and manage access • Process subscriptions and payments • Communicate service-related information • Improve functionality and reliability • Ensure security and prevent abuse • Comply with legal obligations

4. Legal Bases for Processing (GDPR)

We process personal data based on: • Contract – to provide the Service • Legitimate interests – security, service improvement, fraud prevention • Legal obligations – accounting, compliance • Consent – where required (e.g. certain communications) You may withdraw consent at any time where applicable.

5. Business Accounts and Administrators

For business accounts: • Account administrators may invite users and manage access. • Administrators control which users can access content. • Business customers are responsible for ensuring lawful processing of personal data uploaded by their users. We process such data only according to customer instructions and these Terms.

6. Data Processing and Subprocessors

We use trusted third-party service providers ("subprocessors") to operate the Service, including: • Hosting and infrastructure providers • Payment processing (Stripe) • Email delivery • Error monitoring and security services All subprocessors are subject to contractual confidentiality and data protection obligations. A list of subprocessors can be provided upon request.

7. International Data Transfers

Personal data may be processed outside your country of residence. Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, such as: • EU Standard Contractual Clauses • Adequacy decisions where applicable

8. Data Retention

We retain personal data: • for as long as your account is active, or • as necessary to provide the Service, or • as required by law (e.g. accounting records). You may request deletion of your account and associated personal data at any time, subject to legal retention requirements.

9. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including: • Access controls • Encryption in transit and at rest where appropriate • Monitoring and logging • Principle of least privilege No system is completely secure, but we continuously work to protect your data.

10. Cookies and Similar Technologies

We use essential cookies required for: • authentication • session management • user preferences We do not use cookies for advertising or cross-site tracking.

11. Your Rights Under GDPR

If you are located in the EU/EEA, you have the right to: • access your personal data • rectify inaccurate data • request erasure • restrict or object to processing • data portability • lodge a complaint with a supervisory authority Requests can be made using the contact details below.

12. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or via email. Continued use of the Service after the effective date constitutes acceptance.

14. Contact Information

For privacy-related questions or to exercise your rights, contact: legal@asamano.com

© 2026 Asamano. All rights reserved.

We use cookies to measure traffic and improve our advertising. You can accept or decline tracking. Privacy Policy