Skip to content

Privacy Policy

Last updated: 16 April 2026

This Privacy Policy describes how Asthra AI (“Asthra”, “we”) collects and handles personal data across two surfaces: the public website (asthra-writer.ai) and the Asthra product. The two surfaces have different data handling obligations and are described separately below.

1. Website: asthra-writer.ai

What we collect

  • Contact form submissions: name, email, company, document types of interest, and message content — submitted by you through the “Request a demo” form.
  • Server logs: IP address, user agent, timestamps, and the URL requested. Retained for security and performance monitoring.
  • No third-party advertising trackers. The site does not set advertising cookies.

How we use it

Contact form submissions are used to respond to your demo request and nothing else. We do not sell, rent, or share this data with third parties for marketing purposes.

2. Product: the Asthra Word add-in and backend

Customer documents

When you use the Asthra product, you upload source documents (e.g., trial protocols, TFL, PSURs, BMRs) for drafting. These documents stay within your isolated workspace. They are not shared with other customers. They are not used to train or fine-tune any model — ours or a third party's.

Model provider

Asthra uses Anthropic's Claude as its underlying language model. Claude processes prompts and source excerpts sent by the Asthra backend. Anthropic does not use customer data submitted through the API to train its models. Our commercial agreement with Anthropic governs these terms.

Retention and deletion

Customer documents and generated outputs are retained for the duration of your subscription. Deletion requests are honoured within thirty (30) days of written request and confirmed by email. Audit log records required for regulatory traceability may be retained longer where required by the customer's validation posture, and will be described in the commercial agreement.

Security

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Role-based access controls and audit logging are built in. See Data Security for the full posture.

3. Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete personal data we hold about you. Requests should be sent to info@asthra-writer.ai and will be acknowledged within five (5) business days.

4. Contact

Privacy questions? Email info@asthra-writer.ai.

This page is a plain-language summary. Commercial customers receive a detailed Data Processing Addendum (DPA) as part of their master services agreement.