Privacy Policy

Effective Date: 23 April 2025

This Privacy Policy ("Policy") describes how Asothia Ltd. ("Asothia", "we", "us", or "our") collects, uses, shares, and protects personal information of users ("you") in connection with our platform, accessible at www.asothia.com and related services (collectively, the "Services"). We are committed to complying with the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018.

1. Information We Collect

When you sign up or interact with the Services, we collect:

a. Account & Identity Information:

  • Full name
  • Email address
  • Nationality
  • Gender (optional)
  • Institutional affiliation
  • Career stage

b. Research & Preference Data:

  • Type of funding sought
  • Research Area Tags (broad and specific research fields)
  • Research Method Tags (research methods used)
  • Research bio (optional)
  • Research abstract (optional)

c. Technical Data:

  • IP address
  • Browser type and version
  • Device information
  • Interaction data (pages visited, links clicked)

2. Legal Basis for Processing

We process your personal data based on:

  • Performance of a contract: to provide grant matches and maintain your account.
  • Legitimate interests: for analytics, product improvement, and ensuring platform security.
  • Consent: for optional data and marketing communications (you may withdraw consent at any time).
  • Legal obligations: to comply with applicable law or lawful requests.

3. How We Use Your Data

We use your data to:

  • Provide tailored grant matching services
  • Improve and personalise our platform
  • Communicate with you (e.g., updates, support)
  • Conduct research on funding trends (aggregated/anonymised)

We never sell your data. Data may be anonymised and used in aggregate for product improvement or research purposes.

4. Data Sharing

We share data only when necessary:

  • With trusted third-party service providers (e.g.) under contractual obligations
  • With law enforcement when legally required
  • Within Asothia for internal operations and product development

5. International Data Transfers

If personal data is transferred outside the UK, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses).

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by applicable law. When the data is no longer required, we will either delete it securely or anonymise it for analytical purposes.

You may request the deletion of your personal data or your entire account at any time by contacting us at info@asothia.com. We will respond to your request in accordance with applicable data protection laws, typically within one month.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access and receive a copy of your data
  • Correct or update your data
  • Erase your data ("right to be forgotten")
  • Object to or restrict processing
  • Port your data to another service

To exercise these rights, contact: info@asothia.com

8. Security

We use industry-standard measures to protect your data, including encrypted storage, secure cloud infrastructure and access controls (such as Supabase). However, no system is 100% secure.

9. Changes to This Policy

We may update this Policy. Major changes will be communicated via email or in-app notification. Continued use of the Services indicates your acceptance of the revised policy.

10. Contact

Asothia Ltd.

Email: info@asothia.com

Registered in the United Kingdom.