Privacy Policy
1. Who is responsible (controller)
10 Anson Road, #10-11 International Plaza
Singapore 079903
Email: hi@asaphub.io
Privacy contact: privacy@asaphub.io
ASAP Hub Pte. Ltd. ("ASAP HUB", "we", "us") is the controller for personal data processed through this website. Because we address visitors in the European Union, this policy is written to meet the EU/EEA General Data Protection Regulation (GDPR / DSGVO) as well as Singapore's PDPA.
2. The short version
- We don't load any analytics or advertising trackers until you consent. You choose, and you can change your mind anytime via
- We use your data to answer you, deliver our services, and — with your consent — measure and improve our marketing.
- We never sell your personal data.
- You have the right to access, correct, delete, and port your data, to object, to withdraw consent, and to complain to a supervisory authority.
3. What we collect and why
a) When you contact us or request a Growth Audit / Business Diagnosis
Data you enter — name, email, business name, website, and what you tell us about your situation. We use it to respond, prepare your audit, and follow up about our services. Legal basis: steps taken at your request prior to a contract and our legitimate interest in responding (Art. 6(1)(b) and (f) GDPR).
b) When you chat with "Ben", our website assistant
The messages you send in the chat are processed to generate a reply and, if you ask about working with us, to create a lead so we can follow up. The chat runs on Anthropic's Claude API (see processors below); Anthropic processes the message content to return an answer and does not use website API content to train its models. Please don't enter sensitive personal data or passwords in the chat. Legal basis: your request / consent and our legitimate interest in supporting visitors (Art. 6(1)(a), (b), (f) GDPR).
c) When you book a call
Booking a call sends your name, email and chosen time to Calendly to schedule the meeting. Legal basis: steps prior to a contract (Art. 6(1)(b) GDPR).
d) When you subscribe to emails
If you opt in to our newsletter or email updates, we process your email (and any name you give) to send them. You can unsubscribe from any email at any time. Our email is handled by Brevo (see processors). Legal basis: consent (Art. 6(1)(a) GDPR).
e) Automatically, when you visit
Our host records standard server log data (IP address, browser/device type, pages requested, timestamps) to operate and secure the site. Legal basis: legitimate interest in a secure, functioning website (Art. 6(1)(f) GDPR). Statistics and marketing data are collected only after you consent — see the cookie section.
f) Proof-of-consent log
When you make a cookie choice, we store a record of it — a random consent ID, the categories you accepted, a timestamp, the page, your language, and your IP address — so we can demonstrate that valid consent was given. Legal basis: our legal obligation and legitimate interest in demonstrating consent (Art. 6(1)(c) and (f), Art. 7(1) GDPR).
4. Cookies & tracking
On your first visit, nothing but strictly necessary cookies is set. A consent banner lets you accept or reject statistics and marketing with equal ease. Google Consent Mode v2 is set to denied by default, and no Google or Meta tag loads until you opt in. You can withdraw or change consent anytime:
| Category | Purpose | Examples | Set before consent? |
|---|---|---|---|
| Necessary | Run the site securely, remember your language and your cookie choice. | Consent cookie (asap_consent), security, load balancing. | Yes (essential) |
| Statistics | Understand — anonymously — how the site is used, so we can improve it. | Google Analytics 4 (IP-anonymised). | No — consent only |
| Marketing | Measure ad performance and reach the right audiences. | Meta Pixel, Google Ads. | No — consent only |
5. Processors & third parties we use
We share data only with the service providers needed to run the website and our business. Each processes data on our behalf under a data-processing agreement. Providers marked "US" may process data in the United States; transfers are covered by the EU-US Data Privacy Framework and/or the EU Standard Contractual Clauses.
| Provider | What it does | Data | Region |
|---|---|---|---|
| DreamHost | Website hosting & server logs | IP, request logs, anything you submit | US |
| Anthropic (Claude API) | Powers the "Ben" chat assistant | Your chat messages | US |
| Brevo | Email delivery & newsletter | Email, name, engagement | EU |
| Google (Analytics 4, Ads) | Statistics & advertising — consent only | Usage & device data, ad interactions | US |
| Meta Platforms (Pixel) | Advertising measurement — consent only | Usage & ad interaction data | US |
| Google Workspace / Sheets | Storing leads & the consent log | Lead details, consent records | US/EU |
| Free Up OS | Our CRM — managing leads & follow-up | Lead details you submit | See provider |
| Calendly | Scheduling calls | Name, email, chosen time | US |
Fonts are self-hosted on our own server — we do not call Google Fonts or any external font CDN, so no data is shared with them.
6. How long we keep data
We keep personal data only as long as needed for the purpose it was collected, or as required by law. Leads and CRM records are kept while there is a prospective or active business relationship and for a reasonable follow-up period afterwards; consent records are kept for as long as the consent is relied on plus a limitation period; server logs are kept short-term for security. You can ask us to delete your data at any time (see your rights).
7. International transfers
As a Singapore company serving EU visitors, and because some processors are US-based, your data may be processed outside the EEA. Where that happens, we rely on the EU-US Data Privacy Framework, the EU Standard Contractual Clauses, and additional safeguards where appropriate.
8. Your rights
Under the GDPR/DSGVO you have the right to: access your data; correct it; delete it ("right to be forgotten"); restrict or object to processing; data portability; and to withdraw consent at any time without affecting prior processing. Under Singapore's PDPA you have equivalent access and correction rights. To exercise any of these, email privacy@asaphub.io. EU/EEA visitors also have the right to lodge a complaint with their local data-protection supervisory authority.
9. Data security
The site is served over HTTPS and we apply reasonable technical and organisational measures to protect your data. No method of transmission or storage is fully secure, but we work to protect your information and to limit access to it.
10. Children
Our services are aimed at businesses and are not directed to children. We do not knowingly collect data from children under 16.
11. Changes to this policy
We may update this policy. Material changes are reflected by the "Last updated" date, and — where a new use requires it — by asking for renewed consent.
12. Contact
For any privacy request or question, contact privacy@asaphub.io or hi@asaphub.io.
← Back to home