Data & Security Policies

0. Overview

SASAL, INC. (“SASAL,” “we,” “our,” or “us”) is committed to maintaining a secure, transparent, and trustworthy ecosystem for cross-border business collaboration.

This Policy defines the core governance principles for data usage, platform control, and security management within the SASAL platform.

This Policy functions as a central control layer, separate from:

  • Privacy Policy (personal data handling)
  • Terms of Service (legal and contractual obligations)
  • Acceptable Use Policy (detailed prohibited actions)

 

1. Core Principles

SASAL operates under the following principles:

  • Data is not public information, but a controlled ecosystem asset
  • Access does not grant ownership or unrestricted reuse rights
  • All data is intended for trusted collaboration within the platform
  • External extraction, storage, or commercial reuse is strictly restricted

 

2. Scope of Data

This Policy applies to all data within the platform, including:

  • Corporate information (business data, deals, strategy)
  • User profile data (roles, affiliations, expertise)
  • Platform activity (interactions, engagement, logs)
  • Communication and matching-related data

 

3. Data Usage Policy

We collect and use data only as necessary to operate and improve the SASAL platform.

Data we may collect:

  • Account and profile information
  • Platform activity and interactions
  • Communication and engagement data

Purpose of use:

  • Providing and improving services
  • Facilitating connections and matching
  • Analytics and service optimization
  • Ensuring platform integrity and security

We do not use personal data beyond what is reasonably necessary without appropriate notice or consent.

 

4. Visibility & Disclosure

By registering on SASAL, users agree that:

  • Their corporate and profile information may be displayed within the platform
  • Such information may be used for matching, comparison, and evaluation
  • Data may be shared with other users within the SASAL ecosystem

Important:

Visibility does not grant permission for external use.

 

5. Restriction on Data Usage

Users may use platform data only within the SASAL ecosystem.

Allowed use:

  • Matching and evaluation within the platform
  • Communication with other users
  • Legitimate business collaboration

Prohibited use:

  • External outreach using platform data
  • Copying, storing, or exporting data externally
  • Uploading to external systems (CRM, databases, tools)
  • AI / machine learning training usage
  • Data resale, redistribution, or listing

 

6. Scraping & Automated Access

Users shall not:

  • Use bots, crawlers, scripts, or automation tools
  • Extract or collect data in bulk
  • Access data through unauthorized APIs
  • Use AI agents or automated systems for data collection

This prohibition applies to all structured and unstructured data extraction methods.

 

7. Platform-Only Usage

All data obtained through SASAL must remain:

👉 within the SASAL ecosystem

Strictly prohibited:

  • Exporting or transferring data outside the platform
  • Building external business lists or databases
  • Integrating data into third-party services
  • Reusing data for independent commercial purposes

 

8. Nature of Data Rights

  • Visibility ≠ ownership
  • Access ≠ usage rights
  • All user access is limited, revocable, and non-exclusive

 

9. Security Policy

We implement reasonable technical and organizational measures, including:

  • Access controls and authentication systems
  • Encryption and secure data transmission
  • Monitoring and logging of system activity
  • Regular security reviews and updates

While we strive to protect all data, no system can be guaranteed to be completely secure.

 

10. AI & Algorithm Policy

SASAL may use automated systems and internal logic to support recommendations and matching, including:

  • Profile-based matching
  • Activity-based prioritization
  • Combined human and system-based curation

However:

  • Matching results are not guaranteed
  • Algorithms do not make final decisions independently
  • Users remain fully responsible for their decisions

 

11. Data Processing (DPA Overview)

For applicable regulations (e.g., GDPR):

  • SASAL may act as a data controller
  • In certain cases, SASAL may act as a data processor

We implement safeguards for:

  • Data processing and storage
  • Cross-border data transfers
  • Subprocessor management

A separate Data Processing Agreement (DPA) may be provided upon request.

 

12. Data Breach & Incident Response

In the event of a data security incident, SASAL will:

  • Promptly investigate the issue
  • Contain and mitigate impact
  • Notify affected users where required
  • Implement corrective actions to prevent recurrence

 

13. Enforcement & Violations

Violations of this Policy may result in:

  • Account suspension or termination
  • Access restrictions
  • Data blocking
  • Legal action

Users may be held responsible for any damage caused by violations.

 

14. Limitation of Responsibility

  • SASAL does not guarantee the accuracy of user-provided data
  • SASAL does not guarantee outcomes of matching or transactions
  • Users are solely responsible for their decisions

 

15. Policy Updates

This Policy may be updated as necessary. Continued use of SASAL constitutes acceptance of any updates.