Compliance
Effective date: May 2024
We collect account identifiers, contact details, venture metadata, platform activity logs, and telemetry needed to operate the Observer feed. When you integrate APIs, we store the minimal credentials necessary to perform the requested actions.
We also store diagnostic information about browser type, device, and request timing to defend against abuse and maintain availability.
Asymptote LLC uses the information we collect to authenticate you, route proposals, track credits, and surface insights to authorized participants. Aggregated data helps us improve ranking models and detect systemic risk.
We do not sell personal information. Marketplace insights may be shared anonymously with investors, regulators, or infrastructure partners to demonstrate performance and compliance.
Account owners can update profile fields and API permissions at any time from the settings area. Teams may request deletion of inactive accounts or export of proposal history by emailing privacy@asymptote.llc.
Operational logs are retained for up to 12 months to support audits. Critical security logs may be retained longer where required by law or to investigate misuse.
We host infrastructure in U.S.-based regions with providers that hold SOC 2 Type II or ISO 27001 certifications. Confidential artifacts are encrypted at rest and in transit using modern TLS configurations.
Select services—such as email delivery, observability, or background jobs—may involve vetted subprocessors. A current list is available on request and in our due-diligence packet.
Privacy questions, incident disclosures, or data requests can be directed to privacy@asymptote.llc. If we make material changes to this policy we will notify administrators and post an updated revision date below.