Privacy policy

1. Scope

This privacy policy explains how Accelerated Software Development B.V. ("ASD", "we", "us") processes personal data when you:

• visit asd.host and related pages operated by Accelerated Software Development B.V.;
• use asd.engineer in connection with ASD's tunneling services;
• create and use an ASD account;
• manage your privacy preferences (analytics and session tooling toggles).

The domain asd.engineer is operated under the responsibility of Accelerated Software Development B.V. and is used exclusively for the provision of tunneling and related technical services.

For processing of customer data in connection with ASD's paid or provisioned services, the applicable contract terms and Data Processing Addendum (DPA) govern. See our Terms of Service.

2. Controller & contact

ASD is the data controller for:

• website analytics consent choices;
• marketing communications;
• user accounts and billing and administrative operations;
• technical metadata processed in connection with tunneling services.

Contact (privacy):

• Email: privacy@asd.host

3. What personal data we process

Depending on your use, we may process the following categories of personal data:

A. Website and marketing pages (asd.host)

• IP address (may be truncated or anonymized depending on tool settings);
• device and browser information (user agent);
• approximate location (derived from IP address);
• pages visited, referrers, and interaction events (only if you opt in to specific tools).

B. Tunneling services (asd.engineer)

We may process technical metadata required to provide, secure, and troubleshoot tunneling services, such as:

• connection metadata (for example timestamps, assigned identifiers, technical status);
• IP address and network-related technical data;
• operational and security logs required for reliability, abuse prevention, and incident investigation.

This data does not include customer content, decrypted traffic, or request payloads unless explicitly agreed under contract.

C. Account and service administration

• email address, account identifiers, and authentication metadata;
• billing-related information (if applicable);
• security logs and audit events (for example login events and abuse prevention).

D. Privacy preference data

• your choices to enable or disable Google Analytics, Pirsch, and Smartlook;
• preference storage key and timestamp.

4. Why we process personal data

We process personal data in order to:

• operate and secure our website, accounts, and tunneling services;
• provide customer support;
• deliver and maintain tunneling functionality;
• measure and improve our website (only with consent where required);
• comply with legal obligations;
• prevent fraud, abuse, and service misuse.

5. Legal bases (GDPR/UK GDPR)

We rely on the following legal bases:

• Contract – to provide services you requested, including tunneling services;
• Legitimate interests – for security, abuse prevention, and service reliability;
• Consent – for optional analytics and session recording tools;
• Legal obligation – for tax, accounting, and mandatory retention requirements.

6. Subprocessors / service providers

We use the following providers to operate our platform and infrastructure:

Supabase (data platform)

We use Supabase for platform components such as data storage and related processing.

• Supabase DPA

Hetzner (infrastructure)

We run parts of our services on Hetzner infrastructure.

• Hetzner DPA (PDF)

IONOS (hosting & infrastructure)

We use IONOS for hosting and infrastructure services.

• IONOS DPA (PDF)

We may use additional subprocessors for operational needs. Where required, we will disclose material subprocessors in the relevant contractual DPA and/or annexes for the service.

7. Analytics & session tooling

We use Pirsch (cookie-free) by default under legitimate interest. Cookie-based tools (GA4, Smartlook) are only enabled if you explicitly opt in.

8. Your privacy preferences

You can change your privacy preferences at any time on asd.host. Your choices control whether cookie-based tools (Google Analytics and Smartlook) load.

How we store your choices

• Logged in: stored in your user profile (so your settings follow you across devices).
• Not logged in: stored in your browser using localStorage.

Withdrawing consent is as easy as toggling a tool off. Once disabled, we stop loading that tool going forward.

9. International data transfers

Some providers may process data outside your country. Where applicable, providers rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

10. Retention

We keep personal data only as long as needed for:

• the purposes described above;
• legal retention requirements;
• resolving disputes and enforcing agreements.

Operational logs and security-related data, including tunneling metadata, are retained for limited, defined periods in line with legal, contractual, and operational requirements.

When accounts are closed, we delete or anonymize data unless retention is legally required.

11. Your rights

Depending on your location (EU/EEA/UK), you may have rights to:

• access, rectification, deletion,
• restriction/objection,
• data portability,
• withdraw consent (for opt-in analytics/session tools).

To exercise rights: email privacy@asd.host.

12. Data breaches

In the event of a personal data breach, ASD follows applicable legal notification and remediation requirements, including notification obligations under GDPR and UK GDPR where relevant.

13. Changes

We may update this privacy policy from time to time. The latest version will always be available on asd.host.