Skip to main content
Asterlio CRM

Privacy Policy

Effective Date: April 10, 2026Version: 1.0Product Owner: Omniswift

1.Introduction

Asterlio ("Asterlio", "we", "our", or "us") is a Customer Relationship Management (CRM) platform developed and operated by Omniswift. Asterlio enables organisations to manage real-time customer support interactions through an integrated chat widget, ticket management system, and multi-channel communication — including integration with WhatsApp via the Meta (Facebook) Business Platform.

This Privacy Policy explains how Asterlio collects, uses, stores, shares, and protects information about users of the Asterlio platform and its services, including end-users (customers) who interact with organisations that deploy Asterlio on their websites or channels.

By using Asterlio — whether as an Admin, Agent, Technical Support user, or Customer — you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the platform.

2.Scope of This Policy

This Privacy Policy applies to:

  • All users of the Asterlio CRM platform, including Admins, Customer Support Agents, Technical Support Agents, and Customers.

  • Organisations that subscribe to and deploy Asterlio as a customer support tool.

  • Interactions facilitated through the Asterlio chat widget embedded on client websites.

  • Communications conducted via the WhatsApp integration powered by the Meta Business Platform (WhatsApp Business API).

  • Data processed, stored, or transmitted through any Asterlio service or interface.

This Policy does not apply to third-party products or services that are linked from or integrated with Asterlio but operate under their own privacy frameworks.

3.Data Controller and Contact Information

Asterlio is a product of Omniswift. For the purposes of applicable data protection law, Omniswift acts as the Data Controller in respect of personal data processed through the Asterlio platform.

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Omniswift — Asterlio Privacy Team · Email: privacy@asterlio.com · Website: https://www.asterlio.com

4.Information We Collect

4.1 Information Provided Directly

When users interact with Asterlio, we collect information provided voluntarily, including:

  • Full name and email address (required from customers before initiating a chat session).

  • Complaint categories selected by customers during support interactions.

  • Text messages, files, images, and attachments shared during chat sessions.

  • Internal notes and activity logs entered by Agents and Admins.

  • Star-rating feedback (1–5) submitted by customers after ticket closure.

  • Account credentials (email and password) for registered users such as Admins and Agents.

4.2 Information Collected Automatically

Asterlio automatically collects certain technical and operational information when users access or use the platform:

  • IP addresses and device/browser metadata.

  • Session timestamps and login activity.

  • Ticket creation, status transitions, escalation actions, and closure events.

  • Activity logs, including timestamps and actor identifiers for all ticket-related actions.

  • System-generated notifications and SLA performance data.

  • Error logs and failed action records for debugging and audit purposes.

4.3 Information from WhatsApp (Meta Business Platform)

Where organisations enable the WhatsApp Business integration, Asterlio may process the following data received via the Meta (WhatsApp) Business API:

  • Phone numbers used to initiate or respond to WhatsApp messages.

  • Message content (text, images, documents, and other media) exchanged through WhatsApp chats.

  • Message delivery and read status metadata.

  • User-generated content provided during WhatsApp-based support interactions.

This data is processed solely to deliver customer support services. Asterlio does not use WhatsApp-sourced data for advertising, profiling, or any purpose beyond the delivery of support operations. Message content received from WhatsApp is governed by Meta's WhatsApp Business API policies in addition to this Privacy Policy.

4.4 Information from Organisations (Clients)

Organisations that deploy Asterlio may configure and provide additional data such as:

  • Organisation name, contact details, and branding preferences.

  • Complaint category definitions and workflow configurations.

  • Agent and Admin account details for onboarding.

5.How We Use Your Information

Asterlio uses the information it collects for the following purposes:

5.1 Service Delivery

  • To facilitate real-time customer support interactions through the chat widget and WhatsApp channel.

  • To create, manage, track, and close support tickets.

  • To enable ticket escalation, reassignment, and internal notes between agents.

  • To deliver in-app and email notifications for key events.

5.2 Platform Administration

  • To authenticate users and enforce role-based access controls.

  • To allow Admins to onboard organisations, manage agents, and monitor performance.

  • To log all platform activity for audit trails, accountability, and compliance.

5.3 Performance and Analytics

  • To calculate and display support performance metrics (e.g., average resolution time, SLA compliance, agent ratings).

  • To generate reporting dashboards for Admins.

  • To monitor SLA warnings and breach thresholds.

5.4 System Reliability

  • To detect, investigate, and resolve technical errors and failures.

  • To maintain system uptime and security.

  • To improve and iterate on the platform based on operational patterns.

5.5 Communication

  • To send transactional emails including account verification, password reset, ticket closure notifications, and new client assignment alerts.

  • To display in-app system notifications relevant to user roles.

5.6 Legal and Compliance

  • To comply with applicable laws, regulations, and law enforcement requests.

  • To enforce our Terms of Service and protect the rights and safety of users and the platform.

6.Legal Basis for Processing

Where applicable under data protection regulations (including the NDPR — Nigeria Data Protection Regulation, GDPR — General Data Protection Regulation, and similar frameworks), Asterlio processes personal data on the following legal bases:

Contractual Necessity: Processing is required to deliver the services agreed upon between Asterlio and subscribing organisations, and between agents and customers initiating support requests.

Legitimate Interests: Processing for platform security, fraud prevention, audit logs, SLA monitoring, and service improvements.

Consent: Where required, users provide consent at the point of data collection (e.g., customers entering their name and email in the chat widget).

Legal Obligation: Processing necessary to comply with applicable laws and regulatory requirements.

7.Data Sharing and Disclosure

Asterlio does not sell personal data. We do not share personal data with third parties for marketing or advertising purposes. We may share data in the following limited circumstances:

7.1 With Subscribing Organisations

Customer support interactions (including chat content and ticket data) are accessible to the organisation that deployed the Asterlio widget and their assigned agents and admins, as necessary to deliver support.

7.2 With Service Providers

We engage trusted third-party service providers who assist in delivering the Asterlio platform, including:

  • Email delivery providers (e.g., Mailtrap) for transactional notifications.

  • Cloud hosting and file storage providers for storing attachments.

  • Authentication and security services.

All service providers are bound by contractual obligations to process data only on Asterlio's instructions and in accordance with this Policy.

7.3 Meta (WhatsApp Business API)

To enable WhatsApp messaging, Asterlio operates through the Meta WhatsApp Business API. Certain data (such as phone numbers and message content) is transmitted through Meta's infrastructure in accordance with Meta's Business API Terms of Service and Privacy Policy. Asterlio does not share WhatsApp user data with Meta for advertising purposes.

7.4 Legal Requirements

We may disclose personal data if required to do so by law, court order, or governmental authority, or if we believe in good faith that such disclosure is necessary to protect the rights, property, or safety of Asterlio, its users, or the public.

7.5 Business Transfers

In the event of a merger, acquisition, or sale of assets involving Omniswift, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.

8.WhatsApp Integration — Specific Disclosures

Asterlio integrates with the WhatsApp Business API provided by Meta Platforms, Inc. The following disclosures apply specifically to the WhatsApp channel:

  • Asterlio uses the WhatsApp Business API solely for the purpose of enabling customer support communication between organisations and their end-customers.

  • Message content transmitted through WhatsApp is processed within Asterlio's platform and stored as part of the relevant support ticket record.

  • Asterlio does not use WhatsApp message content for advertising, profiling, analytics beyond support operations, or any purpose not directly related to service delivery.

  • End-users communicating via WhatsApp should be aware that their messages are received and processed by the organisation's Asterlio CRM system.

  • WhatsApp users may opt out of receiving messages from an organisation by following standard WhatsApp opt-out mechanisms (e.g., replying "STOP" or blocking the business number).

  • Asterlio complies with Meta's WhatsApp Business API Terms of Service and all applicable policies governing the use of the WhatsApp platform.

Users seeking information about Meta's data practices should refer to Meta's Privacy Policy available at https://www.facebook.com/privacy/policy/.

9.Data Retention

Asterlio retains personal data for as long as necessary to fulfil the purposes described in this Policy and to comply with legal obligations:

  • Active ticket and chat data is retained for the duration of the support interaction and stored in the ticket archive thereafter.

  • Account data for Admins and Agents is retained for the duration of the subscription and for a reasonable period following account termination.

  • Activity logs and audit records are retained for a minimum of 12 months to support accountability and compliance.

  • Email notifications and templates are retained as transaction records.

  • Customer feedback (star ratings) is retained for reporting and performance analysis.

Where data is no longer required for any lawful purpose, it will be securely deleted or anonymised.

10.Data Security

Asterlio implements appropriate technical and organisational security measures to protect personal data against unauthorised access, loss, destruction, or alteration, including:

  • SSL/TLS encryption for all data transmitted between users and the Asterlio platform.

  • Role-based access control (RBAC) ensuring users only access data relevant to their role.

  • Secure credential management including hashed passwords and OTP-based email verification.

  • Internal logging and audit trails for all data access and modification events.

  • Secure file storage for attachments shared during support interactions.

While we take data security seriously, no system is completely immune to security threats. We encourage users to maintain strong passwords and report any suspected security incidents to privacy@asterlio.com promptly.

11.Your Rights and Choices

Subject to applicable law, you may have the following rights with respect to your personal data:

  • Right of Access: To request a copy of the personal data we hold about you.

  • Right to Rectification: To request correction of inaccurate or incomplete personal data.

  • Right to Erasure: To request deletion of your personal data where it is no longer necessary or where you withdraw consent.

  • Right to Restrict Processing: To request that we limit the processing of your data in certain circumstances.

  • Right to Data Portability: To receive your data in a structured, machine-readable format.

  • Right to Object: To object to processing based on legitimate interests.

  • Right to Withdraw Consent: Where processing is based on consent, to withdraw that consent at any time.

To exercise any of these rights, please contact privacy@asterlio.com. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

12.Cookies and Tracking Technologies

Asterlio uses cookies and similar technologies to maintain user sessions, support authentication, and improve platform functionality. These include:

  • Session cookies necessary for login and navigation.

  • Security tokens to protect against cross-site request forgery (CSRF).

We do not use advertising or tracking cookies. You may configure your browser to block cookies, though this may affect certain platform features.

13.Children's Privacy

Asterlio is designed for use by professionals and organisations. The platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided personal data through our platform, please contact us at privacy@asterlio.com and we will take steps to delete such information.

14.International Data Transfers

Asterlio operates primarily within Nigeria and serves organisations across multiple regions. In the course of providing our services — including the WhatsApp integration via Meta's infrastructure — data may be transferred to and processed in countries outside your country of residence. Where such transfers occur, we ensure appropriate safeguards are in place in accordance with applicable data protection law.

15.Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, services, or applicable law. When we make material changes, we will:

  • Update the "Effective Date" at the top of this document.

  • Notify registered users via email or in-app notification where required.

Continued use of the Asterlio platform following the effective date of any update constitutes acceptance of the revised Policy. We encourage you to review this Policy periodically.

16.Governing Law

This Privacy Policy is governed by the laws of the Federal Republic of Nigeria, including the Nigeria Data Protection Regulation (NDPR) issued by the National Information Technology Development Agency (NITDA). Where users are located in other jurisdictions, applicable local data protection laws may also apply.

17.Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact:

Asterlio Privacy Team — Omniswift