Privacy Policy

We ASE PLC, value your privacy and take the protection of your personal data very seriously. We strictly adhere to applicable law and all data protection regulations. This policy may be updated to adhere to current regulations. The latest version is available here:

Below, please find details of how we handle your data responsibly:

Who is responsible for processing your data?


Contact for data processing (UK):


20-22 Wenlock Road,

London N1 7GU, United Kingdom


Contact for data processing (AT):

Edentity Software Solutions GmbH

Columbusplatz 7-8/1/DG

1100 Vienna, Austria

What is Personal Data?

“Personal data” is any information that directly or indirectly relates to a natural person.

What kind of data is processed and what is the source of this data?

The primary source for the personal data we process is you, as part of a business relationship (including, but not limited to):

  • Employees & Contractors (including prospective)
  • Clients (including prospective)
  • Information provided via our website
  • Information provided via other methods

Additionally, we may process personal data from publicly accessible sources (including but not limited to: commercial register, media) and personal data collected or generated to fulfil pre-contractual or contractual obligations.

Key personal data including, but not limited to:

  • Name
  • Address
  • Private contact details
  • Business related contact details

Employee contract personal data including, but not limited to:

  • Position
  • Date of birth
  • Salary

Job Application personal data including, but not limited to:

  • Curriculum Vitae
  • Employment references
  • Certificates

Accounting personal data including, but not limited to:

  • Bank details
  • Invoice details

We may, in some circumstances, collect personal financial data including, but not limited to

  • Credit rating

Marketing data including, but not limited to:

  • Website cookies
  • Web analytics
  • Marketing consent

Data for business process documentation purposes including, but not limited to

  • Meeting notes
  • E-mail traffic

What purpose do we collect and process your personal data for? - How long is the data stored? - What is the legal basis for processing your personal data?

We process personal data for the following purposes and based on the below legal foundation:

As part of your consent (Art. 6 Para. 1 cl. a GDPR)

If you have explicitly consented to storing and processing of your personal data, we will only process it for the purposes specified in the declaration of consent and to the extent agreed therein. You can withdraw your consent at any time. Withdrawal of consent does not affect the legitimacy of data processing up to that point in time.

To fulfil (pre-) contractual obligations (Art. 6 Para. 1 cl. b GDPR)

If the processing of your personal data is necessary to fulfil pre-contractual terms or a contract concluded with you, the purpose of the processing corresponds to the purpose regulated in the contract.  Details can be given in the associated contract documents, if required.

This applies, among other things, but not exclusively to employees at companies who use one or more of our software product solutions. Your data will be stored for the duration of the business relationship with us, provided that corporate retention requirements do not ask for a longer period and in any case in accordance with Art. 6 Para. 1 cl. f GDPR.

To fulfil legal obligations (Art. 6 Para. 1 cl. c GDPR)

Legal obligations can require the disclosure of your personal data. Legitimacy is, among others, based on:

  • Trade regulations
  • Criminal Code
  • Services Act

To safeguard legitimate interests (Art. 6 Para. 1 cl. f GDPR):

We process your data to safeguard our legitimate interest, among others for the following purposes:

  • Invoicing and payment management and administration
  • Marketing of our services and products
  • Development of new products and services
  • Quality assurance and improvement of our offer
  • Proof of statutory mandated prerequisite check

Your data will be stored for the duration of the business relationship with us, provided that corporate retention requirements do not ask for a longer period and in any case in accordance with Art. 6 Para. 1 cl. f GDPR.


ASE holds a registration as a data controller with the Information Commissioner’s Office (ICO). Details concerning the registrations can be viewed at under registration number Z1936284.

You also have the right to lodge a complaint with the ICO, who can be contacted via this link:

What are your contextual rights?

An objection to data processing under the conditions of Art. 21 GDPR is possible at any time.

After establishing your identity, you have a right to information. Accordingly, we will provide you or a third party authorized by you with information of the origin, type, duration, purpose of data storage and business case of your personal data processed by us. Information can only be provided to third parties if the recipient enables this from a technical point of view and the data transfer does not violate either statutory or other confidentiality obligations or considerations nor causes unreasonable effort.

Furthermore, you have the right to request incomplete personal data to be either completed or deleted. In special, justified individual cases, it is also possible that you object to the processing of complete, correct and lawfully retained and processed personal data (e.g. direct mail) if you no longer want to use associated services etc. Revoking your consent does not affect the legitimacy of the processing carried out up to the point of withdrawal of consent.

Please contact us in any of the abovementioned cases.

If despite our best efforts to ensure you feel comfortable to entrust us with your personal data, you are of the opinion that we are using your data in an impermissible manner, you have the right to lodge a complaint with:

UK: The Information Commissioners Office (ICO).

AT: The Austrian Data Protection Authority.

How is the data transfer regulated?

Personal data will only be passed on to third parties if:

  • You have given your explicit prior consent
  • There is a legitimate interest
  • Appropriate documentation exists before the data is collected
  • To fulfil (pre-)contractual and legal obligations (e.g. in the context of official investigations, pending proceedings, to assert, exercise or defend our legal claims, to release data to potential or actual buyers of business areas or assets).

We carefully select our business partners in individual areas of business, who are of course also obliged to act in accordance with data protection regulations and always ensure that data processing and forwarding is carried out exclusively on the basis of the appropriate statutory requirements and related laws. Third-party processors are:

  • Companies, in accordance with the consent you have given
  • Service providers for order processing (including, but not limited to, service providers for website maintenance, marketing agencies, service providers for quality assurance and IT services)
  • Authorities and public bodies if required by law

Is there an obligation to provide data?

The provision of personal data is part of the establishment of a contractual relationship or may be required to process (pre-)contractual business cases. Thus, please note, that a desired contractual relationship or a desired business case processing may not come about if this data is not made available or is not made available to the required extent. Please note that this would not count as a contractual default on our part.

Do we use automated decision-making including profiling?

We do not use automated decision-making according to Art 22. GDPR to bring about a decision on business relations.

Website usage-specific and social media-related information on data protection

To optimise your internet experience, our websites use cookies and data is collected during your visit to the websites. Your IP address is saved as well. The retention period for the IP address information is a maximum of two years.

You can deactivate cookies in your internet browser at any time. Please visit the support pages of your respective browser for details. Please note that some features of our website may not be displayed as intended without activating cookies.

You can manage your cookie preferences by use of the pop-up window on our website. We use third-party software for cookie management. Your consent to the selected cookie setting remains stored in your browser settings until the cookie is deleted or according to the max. retention period set in the cookie management software.

Our social media pages collect anonymous statistical data (for example for the purpose of targeted marketing), which are neither passed on to us or processed by us. For further details, please consult the cookie and website guidelines of the respective platform operator.

In accordance with our internal information security and data protection guidelines, payment data is processed exclusively using SSL (Secure Socket Layer) technology.