Legal

Privacy Policy

Last Updated: March 9, 2026

1. Introduction

Ad Astrum LLC ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website adastrum.co and use our mobile applications (Aromi.ai, Finanly.ai, Organiko.ai, Kayro), collectively referred to as our "Services."

By accessing or using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

2. Information We Collect

We may collect the following types of information when you use our Services:

Personal Information You Provide

When you contact us, create accounts, or subscribe to our services, we may collect your name, email address, phone number, and mailing address.

Account Information

When you create an account in any of our applications, we collect your username, password (stored in encrypted form), and profile details necessary for the functionality of the application.

Payment Information

Billing details are processed through third-party payment processors, including Apple's in-app purchase system. We do not directly store your credit card numbers or full payment account details on our servers.

Usage Data

We automatically collect information about how you interact with our Services, including pages visited, features used, time spent on pages, clicks, navigation paths, and referring URLs.

Device Information

We collect device-specific information such as your device type, operating system and version, browser type and version, IP address, unique device identifiers, and mobile network information.

App-Specific Data

Each of our applications may collect data specific to its functionality:

  • Aromi.ai — IoT device data, machine telemetry, brewing preferences, and usage patterns from connected coffee machines.
  • Finanly.ai — Financial data, transaction records, budgets, and analytics information you input or authorize us to access.
  • Organiko.ai — Compliance records, certification data, inspection reports, and regulatory documentation.
  • Kayro — Messaging metadata, contact lists, communication preferences, and call records (content of messages is end-to-end encrypted where applicable).

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide, operate, maintain, and improve our Services
  • Process transactions and send you related information, including purchase confirmations and invoices
  • Send you administrative information, such as updates, security alerts, and support and administrative messages
  • Respond to your comments, questions, and requests and provide customer service and support
  • Monitor and analyze trends, usage, and activities in connection with our Services to improve user experience
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities and protect the rights and property of Ad Astrum LLC and others
  • Personalize and improve the Services and provide content, features, or advertisements that match your interests and preferences
  • Facilitate contests, sweepstakes, and promotions and process and deliver entries and rewards
  • Comply with legal obligations, resolve disputes, and enforce our agreements

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We share information with third-party vendors, consultants, and service providers who perform services on our behalf, such as hosting, data analytics, email delivery, customer service, and marketing assistance.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities, including court orders, subpoenas, or government regulations.
  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Protection of Rights: We may disclose information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation in which we are involved.
  • With Your Consent: We may share your personal information for any other purpose with your consent or at your direction.

5. Data Storage and Security

We use industry-standard security measures to protect your personal information, including encryption in transit and at rest, secure servers, firewalls, and strict access controls. Our data is stored on secure servers located in the United States.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. These measures include, but are not limited to:

  • SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and vulnerability assessments
  • Role-based access controls and multi-factor authentication for internal systems
  • Secure software development practices

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

6. Third-Party Services

Our Services may contain links to or integrate with third-party websites, services, and applications that are not operated by us. These third-party services have their own privacy policies, and we have no responsibility or liability for the content, privacy policies, or practices of any third-party services.

Third-party services we may integrate with include, but are not limited to:

  • Apple App Store and Apple services (Sign in with Apple, In-App Purchases, Push Notifications)
  • Google Analytics and other analytics providers
  • Cloud infrastructure providers (AWS, Google Cloud)
  • Payment processing services
  • Customer support and communication tools

We encourage you to review the privacy policies of any third-party services you access through our Services.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Services and hold certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier.

Types of cookies we use:

  • Essential Cookies: Required for the operation of our website. They enable basic functions like page navigation, secure access to areas of the website, and remembering your preferences.
  • Analytics Cookies: Allow us to recognize and count the number of visitors and see how visitors move around our website. This helps us improve the way our website works.
  • Functionality Cookies: Used to recognize you when you return to our website. This enables us to personalize our content for you and remember your preferences.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services. Most web browsers are set to accept cookies by default. You can usually modify your browser settings to decline cookies if you prefer.

8. Your Rights and Choices

Depending on your location and applicable law, you may have the following rights regarding your personal information:

  • Access: You may request access to the personal information we hold about you.
  • Correction: You may request that we update or correct inaccurate personal information.
  • Deletion: You may request deletion of your personal information, subject to certain exceptions.
  • Opt-Out: You may opt out of receiving marketing communications from us at any time by clicking the "unsubscribe" link in our emails or contacting us directly.
  • Data Portability: You may request a copy of your personal information in a structured, commonly used, and machine-readable format.
  • Withdraw Consent: Where we rely on consent to process your information, you may withdraw that consent at any time.

To exercise any of these rights, please contact us at info@adastrum.co. We will respond to your request within 30 days or as required by applicable law.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
  • Right to Delete: You have the right to request deletion of personal information we collected from you, subject to certain exceptions.
  • Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you.
  • Right to Opt-Out: You have the right to opt out of the sale or sharing of your personal information. We do not sell your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of sensitive personal information to what is necessary.

To exercise your California privacy rights, please contact us at info@adastrum.co. We will verify your identity before fulfilling your request and respond within 45 days as required by law.

10. International Users (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and similar laws.

Legal Basis for Processing

We process your personal information based on one or more of the following legal grounds:

  • Consent: You have given clear consent for us to process your personal information for a specific purpose.
  • Contract Performance: Processing is necessary for the performance of a contract with you.
  • Legitimate Interests: Processing is necessary for our legitimate interests, provided these are not overridden by your rights and interests.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation.

Your GDPR Rights

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right not to be subject to automated decision-making, including profiling

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

International Data Transfers

Your information may be transferred to and maintained on servers located outside of the EEA. We ensure that any such transfers are carried out in accordance with applicable data protection laws and with appropriate safeguards in place, including Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

Our Services are not directed to individuals under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to promptly delete such information from our servers.

If you are a parent or guardian and you believe your child has provided us with personal information, please contact us at info@adastrum.co so we can take appropriate action.

12. Data Retention

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to:

  • Fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements
  • Maintain your account while it is active and for a reasonable period thereafter
  • Resolve disputes and enforce our legal agreements and policies
  • Comply with applicable laws and regulations regarding data retention

When your personal information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policies and applicable law.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will be effective immediately when we post the revised Privacy Policy on this page with an updated "Last Updated" date.

Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

For material changes, we will provide notice through our Services or by sending you an email notification, where possible. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Ad Astrum LLC

1401 21st ST #STE R, Sacramento, CA 95811, US

info@adastrum.co

adastrum.co