Privacy Policy

Effective Date: February 12, 2026 Last Updated: February 12, 2026

Asoba Corporation (“Asoba,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal and operational data you share with us. This Privacy Policy explains how we collect, use, store, share, and protect information when you use our platform, APIs, SDKs, and related services (collectively, the “Services”), including the Ona Intelligence Layer, Ona Edge, Nehanda, Zorora, and the ASB-P Protocol.

By accessing or using our Services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Account Information

When you create an account or contact us, we may collect:

Name and contact details (email address, phone number)
Company or organization name
Job title or role
Billing and payment information
Authentication credentials

1.2 Usage Data

When you interact with our Services, we automatically collect:

API call logs (endpoints accessed, request/response metadata, timestamps)
Platform usage patterns and feature interactions
Device and browser information (IP address, user agent, operating system)
Session duration and navigation paths within documentation and dashboards

1.3 Energy and Asset Data

Through our APIs and data ingestion pipelines, you may provide:

Energy production and consumption data (solar, wind, battery, and other asset types)
Weather and environmental data associated with your assets
Asset metadata (equipment manufacturer, model, capacity, location)
SCADA and IoT sensor data
Historical performance records

1.4 ML Model and Forecast Data

As part of our Services, we process:

Training datasets uploaded for model creation
Nowcast and forecast input data
Model configuration and hyperparameters
Prediction outputs and accuracy metrics

2. How We Use Your Information

We use the information we collect to:

Deliver Services: Process your data, generate forecasts, detect anomalies, and provide API responses
Improve Models: Train, validate, and improve our machine learning models (using anonymized and aggregated data unless you opt in to customer-specific model training)
Maintain and Improve the Platform: Monitor system performance, debug issues, and develop new features
Communicate with You: Send service updates, security alerts, and respond to support requests
Billing and Administration: Process payments, manage your account, and enforce usage limits
Comply with Legal Obligations: Meet regulatory, legal, and compliance requirements
Security: Detect, prevent, and respond to fraud, abuse, and security incidents

We do not sell your personal or operational data. We may share information with:

Service Providers: Cloud infrastructure providers (for hosting and compute), payment processors, and analytics tools that help us operate the platform. These providers are contractually bound to protect your data.
With Your Consent: When you explicitly authorize sharing with third-party integrations or partners
Legal Requirements: When required by law, regulation, court order, or governmental authority
Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate data protection safeguards
Aggregated Data: We may share anonymized, aggregated statistics that cannot identify you or your assets

4. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this policy. Specifically:

Account Data: Retained for the duration of your account and for a reasonable period thereafter for legal and business purposes
Energy and Asset Data: Retained as long as needed to deliver forecasting and analytics services, or as specified in your service agreement
Usage Logs: Retained for up to 24 months for analytics and security purposes
ML Training Data: Anonymized and aggregated training data may be retained indefinitely to improve model performance

You may request deletion of your data at any time (see Section 6).

5. Data Security

We implement industry-standard security measures to protect your data, including:

Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
Access Controls: Role-based access controls with the principle of least privilege
Infrastructure Security: Regular security audits, vulnerability assessments, and penetration testing
Monitoring: Continuous monitoring for unauthorized access and anomalous activity
Incident Response: Documented incident response procedures with defined notification timelines
On-Premises Option: For customers with stringent security requirements, Ona Edge supports fully on-premises deployment with all data processed locally

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your data:

Access: Request a copy of the personal and operational data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your data, subject to legal retention requirements
Portability: Request your data in a structured, machine-readable format
Restriction: Request that we limit processing of your data in certain circumstances
Objection: Object to processing of your data for specific purposes
Withdraw Consent: Where processing is based on consent, withdraw that consent at any time

To exercise any of these rights, contact us at support@asoba.co. We will respond to requests within 30 days.

7. Cookies and Tracking

Our documentation site and platform may use:

Essential Cookies: Required for basic functionality (authentication, session management)
Analytics Cookies: To understand how users interact with our documentation and platform (may include third-party analytics tools)
Preference Cookies: To remember your settings and preferences

You can control cookie settings through your browser. Disabling essential cookies may affect platform functionality.

8. International Data Transfers

Asoba operates globally and may transfer your data to servers located in different jurisdictions. When transferring data internationally, we ensure appropriate safeguards are in place, including:

Standard contractual clauses
Data processing agreements with service providers
Compliance with applicable data transfer regulations (including POPIA for South African data subjects and GDPR for European data subjects where applicable)

9. Children’s Privacy

Our Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the “Last Updated” date at the top of this page
Notify you via email or through the platform for significant changes
Provide a reasonable period for you to review changes before they take effect

Your continued use of our Services after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@asoba.co Website: asoba.co

For data protection inquiries specific to South African data subjects, we comply with the Protection of Personal Information Act (POPIA). For European data subjects, we comply with the General Data Protection Regulation (GDPR) where applicable.

Get Help & Stay Updated

Contact Support

For technical assistance, feature requests, or any other questions, please reach out to our dedicated support team.

Email Support Join Discord