Terms and Agreements

<!-- ===== Privacy, Data Protection, and Federal Monitoring Policy (ASN) ===== -->

<section id="privacy" style="max-width:900px;margin:40px auto;font-family:system-ui,-apple-system,Segoe UI,Roboto,Helvetica,Arial,sans-serif;line-height:1.6;color:#0b1220">

  <h1 style="font-size:2rem;margin-bottom:0.25rem;">Privacy, Data Protection & Federal Monitoring Policy</h1>

  <p style="margin-top:0;color:#555">Last updated: August 9, 2025</p>

  <p>ASN Trust and Holdings Inc. (“ASN,” “we,” “our,” “us”) is committed to protecting personal and proprietary information in compliance with Delaware law, United States federal law, and applicable global privacy regulations. This Policy applies to all visitors, clients, and users of our website and services worldwide.</p>

  <h2>1. Scope</h2>

  <p>This Policy incorporates and complies with:</p>

  <ul>

    <li>Delaware Online Privacy and Protection Act (DOPPA)</li>

    <li>United States federal privacy and cybersecurity laws (COPPA, GLBA, ECPA, CAN-SPAM, CISA 2015)</li>

    <li>California Consumer Privacy Act & California Privacy Rights Act (CCPA/CPRA)</li>

    <li>Virginia Consumer Data Protection Act (VCDPA) and similar U.S. state laws</li>

    <li>EU/EEA General Data Protection Regulation (GDPR) & UK GDPR</li>

    <li>Canada’s PIPEDA</li>

    <li>Other applicable international privacy and data transfer laws</li>

  </ul>

  <h2>2. Federal Monitoring Consent</h2>

  <p>This website and associated systems are utilized in collaboration with U.S. government partners under <strong>6 U.S.C. § 1504 (CISA 2015)</strong>. By accessing this site:</p>

  <ul>

    <li>You acknowledge no reasonable expectation of privacy for any data transiting or stored here.</li>

    <li>Authorized federal entities may monitor, intercept, and audit all system activities without prior notice for:

      <ul>

        <li>Cybersecurity threat detection</li>

        <li>Compliance verification of DFARS 252.204-7012 requirements</li>

        <li>Protection of Controlled Unclassified Information (CUI)</li>

      </ul>

    </li>

  </ul>

  <h3>Trade Secret Handling</h3>

  <ul>

    <li>Materials marked per <strong>41 CFR § 105-60</strong> explicitly as "PROPRIETARY" will receive FOIA exemption consideration.</li>

    <li>Unmarked technical data may be disclosed under <strong>5 U.S.C. § 552(a)</strong>.</li>

  </ul>

  <h3>Prohibited Activities</h3>

  <p>Unauthorized attempts to:</p>

  <ul>

    <li>Modify/export technical data beyond authorized sharing channels</li>

    <li>Bypass NIST 800-171 security controls</li>

    <li>Disrupt government-authorized monitoring</li>

  </ul>

  <p>...will result in civil/criminal penalties under <strong>18 U.S.C. § 1030</strong> and termination of applicable contract CLINs.</p>

  <h2>3. Information We Collect</h2>

  <ul>

    <li><strong>Contact Information:</strong> Name, email, phone, company.</li>

    <li><strong>Business Data:</strong> Project requirements, uploaded files.</li>

    <li><strong>Technical Data:</strong> IP address, browser/device details, approximate location, analytics.</li>

    <li><strong>Transaction Data:</strong> Payments, invoices, order history.</li>

    <li><strong>Cookies & Tracking:</strong> Session and persistent cookies, analytics (with consent where required).</li>

  </ul>

  <h2>4. Lawful Bases for Processing</h2>

  <p>We process data based on consent, contract performance, legal obligations, and legitimate interests, in accordance with GDPR, Delaware, and U.S. law.</p>

  <h2>5. Data Security</h2>

  <ul>

    <li>Encryption in transit (HTTPS/TLS) and encryption at rest where applicable</li>

    <li>Access controls with least-privilege principles</li>

    <li>Vendor due diligence and contractual security obligations</li>

    <li>Incident response and breach notifications as required by law</li>

  </ul>

  <h2>6. International Data Transfers</h2>

  <p>Where data is transferred internationally, we use lawful mechanisms such as SCCs, adequacy decisions, or equivalent safeguards.</p>

  <h2>7. Data Retention</h2>

  <p>We retain data only as long as necessary for our purposes or as required by law, after which it is securely deleted or anonymized.</p>

  <h2>8. Your Rights</h2>

  <ul>

    <li><strong>U.S. Residents:</strong> Rights under state laws, including access, deletion, correction, opt-out.</li>

    <li><strong>EU/UK Residents:</strong> GDPR rights to access, rectify, erase, restrict, port, or object to processing.</li>

    <li><strong>Canada:</strong> PIPEDA rights to access and correct personal information.</li>

    <li>Requests: Email <a href="anguyen@asnconsultant.com">anguyen@asnconsultant.com</a></li>

  </ul>

  <h2>9. Children’s Privacy</h2>

  <p>Not directed to children under 13 (U.S.) or the age of digital consent in your jurisdiction.</p>

  <h2>10. Governing Law</h2>

  <p>This Policy is governed by the laws of the State of Delaware, USA, without regard to conflicts of law. Disputes shall be heard exclusively in Delaware courts.</p>

</section>

<!-- ===== Contact Form with GDPR Consent ===== -->

<section id="contact" style="max-width:900px;margin:40px auto;padding:24px;border:1px solid #e5e7eb;border-radius:16px;background:#fafafa;font-family:system-ui,-apple-system,Segoe UI,Roboto,Helvetica,Arial,sans-serif;">

  <h2 style="font-size:1.5rem;margin-top:0;">Contact ASN</h2>

  <form aria-label="Contact form" action="anguyen@asnconsultant.com" method="POST" enctype="text/plain" style="display:grid;gap:12px">

    <div>

      <label for="name" style="display:block;font-weight:600">Name</label>

      <input id="name" name="Name" type="text" required style="width:100%;padding:10px;border:1px solid #cbd5e1;border-radius:10px">

    </div>

    <div>

      <label for="email" style="display:block;font-weight:600">Email</label>

      <input id="email" name="Email" type="email" required style="width:100%;padding:10px;border:1px solid #cbd5e1;border-radius:10px">

    </div>

    <div>

      <label for="message" style="display:block;font-weight:600">Message</label>

      <textarea id="message" name="Message" rows="5" required style="width:100%;padding:10px;border:1px solid #cbd5e1;border-radius:10px"></textarea>

    </div>

    <div>

      <input type="checkbox" id="consent-privacy" name="ConsentPrivacy" value="Yes" required>

      <label for="consent-privacy">I have read and agree to the Privacy, Data Protection & Federal Monitoring Policy.</label>

    </div>

    <div>

      <input type="checkbox" id="consent-communications" name="ConsentComms" value="Yes">

      <label for="consent-communications">I consent to receive relevant updates and communications (you may unsubscribe anytime).</label>

    </div>

    <button type="submit" style="padding:12px 18px;border:0;border-radius:999px;cursor:pointer;background:#0b1220;color:#fff;font-weight:700">Send</button>

  </form>

</section>