1. Introduction
This Privacy Policy establishes the standards for the collection, use, and protection of personal data by Astrontech (Pvt) Ltd (NTN: 0148666-7) in accordance with:
- Prevention of Electronic Crimes Act (PECA) 2016
- Personal Data Protection Bill (PDPB) 2023 principles
- E-commerce Policy 2.0 (2025-30)
- International data protection best practices
We are committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, store, and safeguard your data when you interact with astron.pk.
2. Data Controller Information
Astrontech (Pvt) Ltd is the data controller responsible for your personal information. We can be contacted at:
Email: info@astron.com.pk
Phone: +92-42-35952334-6
NTN: 0148666-7
3. Data Collection and Legal Basis
Astrontech collects information necessary to facilitate business-to-business (B2B) and business-to-consumer (B2C) interactions. All data collection is limited to lawful purposes directly related to our business activities and is not excessive in relation to those purposes.
3.1 Information We Collect
We collect data through the following channels:
Account Registration
- Full name and contact person details
- Organizational/company name (for corporate accounts)
- National Tax Number (NTN) for registered businesses
- Email address and phone numbers
- Billing and shipping addresses
- Business registration documents (when required)
Contact Forms and Complain Logs
- Messages, inquiries, and feedback provided by users
- Technical issues or complaints reported
- Ideas or suggestions for service improvement
- Correspondence history with customer support
Direct Correspondence
- Information shared via regional email addresses (sales.lhr@astron.com.pk, sales.khi@astron.com.pk, sales.isb@astron.com.pk)
- Phone call records and conversation notes
- Meeting notes and purchase order details
Transaction Data
- Order history and purchase details
- Payment information (processed securely, we do not store complete card details)
- Delivery addresses and shipping preferences
- Invoice records integrated with FBR system
Technical Data
- IP address and browser information
- Device type and operating system
- Website usage data and page interactions
- Cookie data (see our Cookies Policy for details)
3.2 Legal Basis for Processing
We process your personal data based on:
- Contractual Necessity: To fulfill orders and provide services
- Legal Obligation: To comply with FBR tax requirements and consumer protection laws
- Legitimate Interest: To improve our services and prevent fraud
- Consent: For marketing communications and optional services
4. How We Use Your Data
Your personal information is used for the following purposes:
Primary Business Operations
- Processing and fulfilling orders
- Communicating about your orders and deliveries
- Providing customer support and technical assistance
- Managing warranty claims and returns
- Maintaining business relationship records
Legal and Regulatory Compliance
- Generating FBR-compliant electronic invoices with QR codes
- Maintaining statutory records for tax purposes (6-year retention)
- Responding to legal requests and court orders
- Complying with consumer protection regulations
Service Improvement
- Analyzing website usage to enhance user experience
- Conducting customer satisfaction surveys
- Developing new products and services
- Improving our complaint resolution processes
Marketing and Communications (With Consent)
- Sending product updates and promotional offers
- Informing about new partnerships (Dell, HP, Lenovo, MSI products)
- Sharing industry news and technical insights
- Newsletter distribution
5. Your Data Protection Rights
In anticipation of the Personal Data Protection Bill (PDPB) 2023, Astrontech recognizes and respects the following fundamental rights:
Right to Access
You may request a copy of your personal data held by us in an intelligible format. A reasonable administrative fee may apply for complex requests.
Right to Correction
You can request amendment of inaccurate or misleading personal information. We will update your data promptly upon verification.
Right to Erasure
You may request deletion of your data once the purpose for collection is fulfilled, subject to statutory retention requirements (e.g., 6-year tax records).
Right to Data Portability
You can request your data in a structured, commonly used format for transfer to another service provider where technically feasible.
Right to Restrict Processing
You may request limitation of how we process your data under certain circumstances, such as during dispute resolution.
Right to Withdraw Consent
You may withdraw consent for data processing at any time, though this may limit your ability to use certain website features.
To exercise any of these rights, please contact us at info@astron.com.pk or through your regional office contact.
6. Data Security Measures
Astrontech employs robust security measures to protect personal data, taking into consideration the nature of the data and potential harm from unauthorized access:
SSL/TLS encryption for data transmission, secure server infrastructure, regular security audits and vulnerability assessments, firewall protection and intrusion detection systems
Role-based access permissions, multi-factor authentication for administrative accounts, session IP verification to prevent hijacking, regular password updates and complexity requirements
Employee training on data protection, confidentiality agreements with staff and partners, incident response procedures, regular backup and disaster recovery protocols
Secured server rooms with restricted access, surveillance monitoring of facilities, visitor logging and escort requirements, secure disposal of physical documents containing personal data
7. Data Breach Notification
In alignment with PDPB 2023 standards, Astrontech commits to:
User Notification: If the breach poses a high risk to you, we will also inform you directly without undue delay, providing details about the nature of the breach and steps you can take to protect yourself.
8. Data Retention Periods
Personal data is retained only as long as necessary to fulfill collection purposes or as required by Pakistani law:
| Data Type | Retention Period | Primary Purpose |
|---|---|---|
| Account Registration Details | Duration of account activity | Service access and identification |
| Transaction Invoices | 6 Years | Statutory tax compliance (FBR) |
| Customer Support Logs | 3 Years | Grievance resolution and quality control |
| Marketing Preferences | Until consent withdrawal | Communication and updates |
| Website Analytics | 26 Months | User experience optimization |
9. Data Sharing and Disclosure
Astrontech does not sell or rent your personal data to third parties. We may share your information only in the following circumstances:
Service Providers and Partners
- OEM Partners (Dell, HP, Lenovo, MSI): For warranty registration and technical support
- Logistics Companies: For order fulfillment and delivery
- Payment Processors: For secure transaction processing (they do not retain card data)
- IT Service Providers: For website hosting and maintenance
Legal Requirements
- Compliance with court orders or legal processes
- Response to government agency requests (FBR, PTA)
- Protection against fraud or security threats
- Enforcement of our Terms and Conditions
Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.
10. International Data Transfers
As Astrontech partners with international OEMs, some personal data may be transferred outside Pakistan for:
- Warranty processing with manufacturer systems
- Technical support escalation
- Cloud service hosting
When data is transferred internationally, we ensure adequate safeguards are in place, including:
- Standard contractual clauses
- Data processing agreements
- Verification of recipient's data protection standards
11. Children's Privacy
Astron.pk is not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Significant changes will be communicated through:
- Prominent notice on our website
- Email notification to registered users
- Updated "Last Modified" date at the top of this policy
We encourage you to review this policy regularly to stay informed about how we protect your information.
13. Contact Us
For questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact:
Astrontech (Pvt) Ltd
71 – Ata Turk Block, Garden Town, Lahore
Email: info@astron.com.pk
Phone: +92-42-35952334-6
Regional Contacts:
Karachi: sales.khi@astron.com.pk | +92-21-35151052-53
Islamabad: sales.isb@astron.com.pk | 051-4842299
14. Regulatory Oversight
While awaiting the establishment of the National Commission for Personal Data Protection (NCPDP) under PDPB 2023, data protection concerns may be addressed through:
- Pakistan Telecommunication Authority (PTA) for electronic communications
- Federal Investigation Agency (FIA) Cyber Crime Wing under PECA 2016
- Provincial consumer protection authorities
