Privacy Policy

Last updated: April 2026

1. Who We Are

ASDA (Autonomous Salesforce Delivery Agent) is a product of Keneland. This Privacy Policy explains how we collect, use, and protect information when you use our platform at tryasda.com.

2. Information We Collect

We collect information you provide directly to us, including:

  • Account registration details (name, email address, organisation name, job title)
  • Early access application data (team size, Salesforce clouds, project readiness, delivery pain points)
  • OAuth credentials and tokens for third-party integrations (Salesforce, GitHub, Jira, Google Drive)
  • Content you submit, such as project descriptions, deliverables, and configuration settings
  • Usage data, such as actions performed within the platform and LLM token consumption

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the ASDA platform
  • Authenticate you and manage your account
  • Score and process early access applications
  • Enable integrations with third-party services you authorise (e.g. Salesforce, GitHub, Jira, Google Drive)
  • Route AI agent tasks to the appropriate large language models on your behalf
  • Send you service-related communications
  • Comply with legal obligations

4. Third-Party Integrations

When you connect a third-party service (such as Salesforce or GitHub), we store OAuth tokens on your behalf to maintain the connection. We only request the scopes necessary to provide the features you use. Tokens are encrypted at rest using AES-256-GCM encryption. You can disconnect any integration at any time from the Settings page.

5. AI and Large Language Models

ASDA uses large language models (LLMs) from providers such as Anthropic, OpenAI, and Google to power its AI agent capabilities. Your project data (requirements, code, deliverables) may be sent to these providers as part of generating outputs. We do not use your data to train models. Each tenant's data is isolated and never shared across workspaces.

6. Data Retention

We retain your data for as long as your account is active or as necessary to provide our services. Early access application data is retained to manage the waitlist and onboarding pipeline. You may request deletion of your account and associated data by contacting us at the address below.

7. Security

We implement appropriate technical and organisational measures to protect your information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • AES-256-GCM encryption for secrets at rest (API keys, OAuth tokens, credentials)
  • TLS encryption for all data in transit
  • Tenant workspace isolation with row-level security
  • Short-lived authentication tokens (4-hour session expiry)
  • Role-based access controls for administrative functions

8. Cookies

We use essential cookies to maintain your session and authentication state. For details on the cookies we use, please see our Cookie Policy.

9. Your Rights

Depending on your location, you may have rights to access, correct, or delete your personal data, restrict or object to processing, and data portability. To exercise these rights, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related enquiries, please contact us at privacy@tryasda.com or visit keneland.com.