Privacy Policy
Last updated: February 28, 2026
AssetBase ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our asset tracking and borrowing management platform at assetbasehq.com (the "Service").
By using the Service, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
Account Information
When you sign up for AssetBase, we collect:
- Full name
- Email address
- Organisation name
- Organisation type
- Your role within the organisation
- Selected subscription plan
Asset & Operational Data
In the course of using the Service, you and your team may enter:
- Asset information (names, descriptions, serial numbers, custom fields)
- People/contact records (names, emails, phone numbers, departments)
- Assignment and borrowing records
- Uploaded files, photos, and documents
- Audit logs and activity history
Automatically Collected Information
- Browser type and version
- IP address
- Pages visited and time spent
- Referring website
- Device type
2. How We Use Your Information
We use the information we collect to:
- Provision and maintain your AssetBase account and organisation workspace
- Deliver notifications to borrowers via WhatsApp and Telegram
- Process subscription payments and billing
- Send transactional emails (confirmations, password resets, assignment alerts)
- Improve the Service through usage analytics
- Respond to support requests
- Comply with legal obligations
We never sell your personal data to third parties.
3. Data Storage & Security
Your data is stored on Cloudflare's global edge network using Cloudflare D1 (database) and Cloudflare R2 (file storage). All data is:
- Encrypted in transit using TLS 1.2+
- Encrypted at rest
- Stored with strict tenant isolation โ your organisation's data is never accessible to other tenants
- Backed up regularly with automatic redundancy
We implement role-based access controls, session management, and audit logging to protect your account from unauthorised access.
4. Cookies & Analytics
We use Google Analytics (via gtag.js) on our marketing website to understand traffic patterns and improve our landing page. This may set cookies in your browser to:
- Distinguish unique visitors
- Track page views and referral sources
- Measure conversion events (e.g., sign-up form submissions)
The AssetBase dashboard application does not use third-party tracking cookies.
5. Third-Party Services
We use the following third-party services to operate AssetBase:
| Service | Purpose | Data Shared |
|---|---|---|
| Cloudflare | Hosting, database, file storage, CDN | All platform data (encrypted) |
| Google Analytics | Marketing site analytics | Anonymous usage data |
| Dodo Payments | Subscription billing | Payment & billing info |
| WhatsApp / Telegram | Borrower notifications | Borrower name, asset details, due dates |
When you connect enterprise directory integrations (Okta, Azure AD, Google Workspace, OneLogin, Microsoft Teams), authentication credentials are stored encrypted and used solely to sync your organisation's user directory.
6. Data Retention
- Active accounts: Data is retained for the duration of your subscription.
- Cancelled accounts: Data is retained for 30 days after cancellation to allow for reactivation, then permanently deleted.
- Audit logs: Retained for the lifetime of the account to support compliance requirements.
You may request earlier deletion by contacting us.
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your personal data ("right to be forgotten")
- Export your data in a portable format
- Restrict or object to certain processing activities
To exercise any of these rights, email us at privacy@assetbasehq.com. We will respond within 30 days.
8. California Privacy Rights (CCPA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act:
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out: We do not sell personal information. If this ever changes, we will provide an opt-out mechanism.
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
To make a CCPA request, email privacy@assetbasehq.com with the subject line "CCPA Request".
9. Children's Privacy
AssetBase is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this page periodically.
For material changes, we will notify you via email or a prominent notice within the Service.
11. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us:
- Email: privacy@assetbasehq.com