Effective Date: 7th August 2025
Last Updated: 7th August 2025
1. Introduction
1.1 This Security Policy outlines the technical and organizational measures implemented by ASPHARE UG (Haftungsbeschränkt) to protect data submitted through the public-facing websites www.asphare.com and www.asphare.de (“Website”), including form submissions, contact information, and related marketing interactions.
1.2 The Website is operated by ASPHARE UG (Haftungsbeschränkt), a private limited liability company registered in Germany under company number [Insert Number], with its registered office at [Insert Address] (“ASPHARE”, “we”, “our”, or “us”).
2. Data Collection on the Website
2.1 Visitors may submit personal and business information via embedded forms to apply for early access, receive product updates, or contact ASPHARE.
2.2 The following forms and data points are collected:
2.2.1 Early Access Program Form
First and last name
Business email address
Company size (select)
Your role (select)
Business needs or platform-related challenges (free text)
Purpose: To qualify prospective users for our early access program and initiate direct communication.
2.2.2 Product Update Subscription Form
Business email address
Purpose: To send non-automated product updates and launch announcements to interested users.
2.3 No tracking or profiling is conducted prior to consent. Form fields are marked as required where applicable and are submitted over encrypted channels.
3. Data Processing Tools
3.1 Form submissions are processed using the following tools:
3.1.1 Mautic
Type: Open-source marketing automation platform
Hosting: Self-hosted on EU-based infrastructure (Germany)
Purpose: Email communication, lead nurturing, campaign analysis
Legal Basis: Consent under Art. 6(1)(a) GDPR
3.1.2 HubSpot
Type: CRM and marketing software
Provider: HubSpot Inc., EU and US (Standard Contractual Clauses in place)
Purpose: Lead capture, contact management, and communication support
Legal Basis: Consent under Art. 6(1)(a) and/or legitimate interest under Art. 6(1)(f) GDPR
3.2 Tracking cookies and embedded scripts related to Mautic or HubSpot are only loaded after explicit consent via the cookie popup.
4. Hosting and Infrastructure Security
4.1 The Website is hosted by IONOS SE, in certified data centers located in Frankfurt, Germany.
4.2 The infrastructure includes:
ISO 27001-certified data centers
TLS encryption for all traffic
Firewall and DDoS protection systems
24/7 monitoring and restricted physical access
Encrypted data backups retained on EU servers
5. Application and Plugin Security
5.1 The Website is operated using WordPress and the following verified components:
Fluent Forms Pro for secure form submission
WP DSGVO Tools for cookie consent and privacy compliance
Security controls, including:
HTTPS encryption
Limited user roles and access
Regular updates to core, themes, and plugins
Malware and brute-force protection
6. Data Access and Retention
6.1 Access to personal data collected via the Website is restricted to authorized ASPHARE personnel and select third-party processors (Mautic, HubSpot) for the purpose of follow-up, onboarding, or product communication.
6.2 Data is retained:
Only as long as necessary for the stated purpose
Or until the user withdraws consent or unsubscribes
In accordance with internal retention and deletion policies
6.3 Users may opt out or request deletion at any time using the unsubscribe links in emails or by contacting us directly.
7. Data Subject Rights
7.1 In accordance with the General Data Protection Regulation (GDPR), you have the right to:
Access your personal data
Request correction or deletion
Withdraw your consent
Restrict or object to processing
Lodge a complaint with a supervisory authority
7.2 To exercise your rights, contact us at: [email protected]
8. Responsible Entity
ASPHARE UG (Haftungsbeschränkt)
[Insert Address]
Email: [email protected]
Commercial Register: HRB [Insert Number], Local Court Bonn, Germany
9. Security Contact
For questions, concerns, or reports regarding website or data security, please contact:
Email: [email protected]
Subject Line: Security Inquiry
