A

ASTRIII

Business Platform

Legal

GDPR

How ASTRIII Business processes, protects and supports personal data under UK GDPR and related data protection law.

Last updated: June 2026

1. Roles and responsibilities

For most workspace, website, booking, customer and content data entered by a business using ASTRIII Business, that business is the data controller because it decides what information is collected and why it is used.

Node Dawn Group Ltd, through ASTRIII Business, acts as a data processor where it stores, secures, transmits or otherwise processes that data in order to provide the service.

  • Customer business: controller of its own customer, enquiry, order and contact data.
  • Node Dawn Group Ltd: processor for platform delivery, support, maintenance and security operations.

2. Processing purpose

Personal data is processed only to deliver the platform, maintain account access, support enquiries, manage subscriptions, provide security logging, and keep the service reliable and lawful.

  • Website and content publishing
  • Customer records and enquiries
  • Billing, subscriptions and service administration
  • Support, diagnostics and security monitoring

3. Security and access controls

ASTRIII Business uses HTTPS, role-based access, isolated customer records and controlled administrative access. Sensitive credentials are stored securely and platform actions may be logged for operational and security purposes.

  • Encrypted transport where supported
  • Restricted workspace and portal access
  • Administrative audit and support visibility where needed
  • Reasonable organisational measures to reduce unauthorised access risk

4. Data subject rights

Customers remain responsible for responding to requests from their own users or customers. Node Dawn Group Ltd provides reasonable assistance where ASTRIII Business stores or exports the relevant data.

  • Access and correction requests
  • Deletion or restriction support where appropriate
  • Export routes where platform data can be reasonably extracted
  • Operational help for lawful GDPR requests

5. Retention and subprocessors

Data is retained for as long as reasonably necessary to provide the service, comply with legal obligations, maintain records, resolve disputes and protect the platform. Trusted third-party infrastructure, email, payments or other service providers may be used where needed to operate ASTRIII Business.

6. Incidents and contact

Security or data handling issues are assessed promptly. Where required by law or contract, affected customers will be notified and supported with relevant information.

Contact

Policy questions

For GDPR, controller or processing questions relating to ASTRIII Business, contact cosmos@nodedawn.com and include enough detail for the request to be identified and handled properly.

cosmos@nodedawn.com nodedawn.com

Node Dawn Group Ltd · Company No. 16449681 · 548 Becontree Avenue, Dagenham, England, RM8 3HR