Privacy Policy

Privacy Policy

Privacy Policy

Our Privacy Policy

Gaus, Inc. DBA Astor

Last Updated: February 2026

1. Introduction

Gaus, Inc., operating as Astor ("Company," "we," "us," or "our"), is committed to protecting your privacy. This Website Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and related online services (collectively, the "Services").

This policy applies to information collected through our website (www.astor.app), mobile applications, chatbots, and other digital platforms operated by Astor. Please read this policy carefully to understand our practices regarding your personal information.

Effective Date: February 1, 2026

Company Information: Gaus, Inc. DBA Astor is an SEC-registered investment adviser (CRD #338424) offering non-discretionary, AI-powered investment advisory services. Our AI-powered platform provides investment recommendations and chatbot assistance to help you make informed financial decisions.

2. Information We Collect

2a. Information You Provide Directly

We collect information that you voluntarily provide to us when using our Services:

  • Identity Information: Full name, date of birth, Social Security Number (for account opening and regulatory compliance)

  • Contact Information: Email address, phone number, mailing address

  • Account Credentials: Username, password, security questions, and authentication factors

  • Financial Information: Annual income, total assets under management, investment goals, risk tolerance, investment preferences, and trading activity obtained through our suitability questionnaire and account setup process

  • Communication Data: Messages, emails, and communications you send to us via our chatbot, support channels, or contact forms

  • Uploaded Documents: Account statements, tax documents, or other financial documents you voluntarily upload

2b. Information Collected Automatically

When you access or use our Services, we automatically collect certain technical information:

  • Device Information: Device type, operating system, device identifier, and device settings

  • Browser Information: Browser type, browser version, and browser language settings

  • Network Information: IP address, Internet Service Provider (ISP), referring/exit pages, and URLs visited

  • Usage Data: Pages or sections accessed, time spent on each page, links clicked, search queries, interaction patterns, and clickstream data

  • Location Information: General geographic location derived from IP address (city, state, country level)

  • Cookies and Similar Technologies: Data collected through cookies, web beacons, pixels, and similar tracking mechanisms (see Section 5)

  • Log Files: Server logs containing access times, pages viewed, and error messages

2c. Information from Third Parties

We may receive information about you from third-party sources to enhance our Services and verify your identity:

  • Account Aggregation Services: Financial account data from aggregation providers to display your portfolio and account information

  • Identity Verification Services: Verification of identity information and address validation from third-party identity verification providers

  • Financial Data Providers: Credit bureaus or financial information aggregators used for suitability assessment and account eligibility verification

  • Service Providers: Information from custodians, brokerage partners, and payment processors necessary to execute transactions

  • Publicly Available Sources: Information from public records or other publicly available sources to verify information you provide

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: Establishing and maintaining your account, delivering our AI-powered investment advisory recommendations, and providing chatbot assistance

  • Account Management: Processing account registrations, verifying your identity, managing your account preferences, and processing account closures

  • Suitability Assessment: Conducting suitability analysis to ensure investment recommendations align with your financial situation, investment objectives, and risk tolerance

  • Investment Recommendations: Generating AI-powered investment recommendations, portfolio analytics, and financial guidance based on your profile and market conditions

  • Communications: Sending you service-related announcements, account notifications, transaction confirmations, password resets, and other operational communications

  • Marketing Communications: Sending marketing emails, newsletters, product updates, and promotional materials (only if you have opted in)

  • Service Improvement: Analyzing usage patterns, user behavior, and platform performance to improve and personalize our Services

  • Regulatory Compliance: Maintaining books and records required by SEC Rule 204-2, responding to regulatory inquiries and examinations, complying with anti-money laundering (AML) and Know Your Customer (KYC) requirements

  • Fraud Prevention: Detecting, investigating, and preventing fraudulent transactions, unauthorized access, and other security violations

  • Legal Obligations: Complying with applicable laws, regulations, court orders, and government requests

  • Enforce Terms: Enforcing our Terms of Service and other agreements, and protecting our legal rights and interests

  • Aggregate Analytics: Creating anonymized, aggregated data for research, analytics, and business intelligence purposes

4. How We Share Your Information

We may share your information with third parties in limited circumstances:

Service Providers

We share your information with third-party service providers who perform services on our behalf and are contractually obligated to maintain the confidentiality and security of your information. These providers include cloud hosting and infrastructure providers, email delivery and communication platforms, analytics providers (e.g., Google Analytics), payment processors and financial transaction providers, and customer support and ticketing platforms.

Financial Partners and Custodians

To execute your investment transactions and manage your accounts, we share necessary information with custodians and brokerage partners who hold and execute trades for your accounts, account aggregation services to retrieve your financial data, and payment processors and banks to facilitate deposits and withdrawals.

Legal and Regulatory Compliance

We may disclose your information when required by law or when we believe in good faith that such disclosure is necessary to comply with applicable laws, regulations, and legal processes; respond to subpoenas, court orders, or government requests; cooperate with regulatory authorities including SEC examinations and inquiries; enforce our Terms of Service and other agreements; and protect against fraud and security threats.

Business Transfers

If we are involved in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction, your information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.

With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, including when you authorize integration with other financial platforms or services.

Data Sales and Advertising

We do NOT sell your personal information to third parties for their marketing or commercial purposes. We do NOT share your financial transaction data with third parties for advertising or any purpose other than providing our Services. For information about limited sharing of nonpublic personal information as permitted by law (including for everyday business purposes, marketing, and joint marketing), please refer to our Regulation S-P Privacy Policy, which provides detailed information about our sharing practices and your right to opt out of certain types of sharing.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and understand how you interact with our Services.

Essential Cookies

These cookies are necessary for the functioning of our Services and include session cookies that maintain your login status and authentication, security cookies that protect against unauthorized access, and preference cookies that remember your language and display settings.

Analytics and Performance Cookies

These cookies help us understand how you use our Services, which pages are most popular, and how to improve user experience. We may use Google Analytics and similar analytics tools that collect data about your visits to our website, including pages visited and time spent on each page, referring website and navigation patterns, browser type and operating system, and general geographic location (country/region level).

Marketing Cookies

Third-party advertising networks may place cookies on our website to deliver targeted advertising based on your interests. You can adjust your preferences for marketing cookies.

How to Manage Cookies

You can control cookie preferences through:

  • Browser settings: Most web browsers allow you to refuse cookies or alert you when cookies are being sent. Refer to your browser's help documentation for instructions.

  • Cookie consent tools: We provide cookie preference controls on our website to manage which types of cookies you accept.

  • Opt-out programs: Visit http://optout.aboutads.info or https://www.youradchoices.com for industry opt-out options.

Please note that disabling certain cookies may limit your ability to use certain features of our Services.

Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Currently, there is no industry standard for recognizing DNT signals. Our website does not currently respond to DNT browser signals, though we provide you with choices regarding the collection and use of your information through the cookie management tools described above.

6. Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, and destruction.

Security Measures

  • Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL (Transport Layer Security). Sensitive data at rest is encrypted using AES-256 encryption.

  • Access Controls: We implement role-based access controls and limit employee access to personal information on a need-to-know basis.

  • Authentication: Multi-factor authentication and strong password requirements protect your account.

  • Firewalls and Intrusion Detection: Industry-standard firewalls and intrusion detection systems monitor for unauthorized access attempts.

  • Regular Security Assessments: We conduct regular security audits, vulnerability assessments, and penetration testing.

  • Data Integrity: We employ database integrity controls and checksums to ensure data accuracy.

  • Incident Response: We maintain incident response procedures to address any potential security breaches.

However, no method of transmission over the Internet or method of electronic storage is completely secure. While we use industry-standard security measures, we cannot guarantee absolute security of your information. You acknowledge and accept this inherent limitation.

7. Data Retention

We retain your personal information for as long as necessary to provide our Services and to comply with applicable legal and regulatory requirements.

Retention Periods

  • Account Data: While your account is active and for a reasonable period thereafter to comply with legal obligations and wind down your account.

  • SEC Records: Certain records, including books and records as required by SEC Rule 204-2, are retained for at least five (5) years from the date of creation or receipt.

  • Communications: Email and correspondence records may be retained for regulatory compliance and dispute resolution purposes.

  • Transaction Records: Trading activity, order records, and account statements are retained in accordance with SEC Rules 204-2 and 206(4)-2.

  • Compliance Records: Records related to KYC (Know Your Customer), AML (Anti-Money Laundering), and regulatory compliance are retained as required by law.

  • Aggregated Data: Anonymized and aggregated data that cannot identify you may be retained indefinitely for analytics and business purposes.

When personal information is no longer needed, we securely delete or anonymize it, except where applicable law requires us to retain records.

8. Your Rights and Choices

Rights Available to All Users

Regardless of where you live, you have the right to:

  • Access: Request access to the personal information we hold about you.

  • Correction: Request that we update, correct, or amend inaccurate or incomplete information.

  • Deletion: Request deletion of your personal information, subject to certain legal and regulatory requirements.

  • Opt-Out of Marketing: Unsubscribe from marketing emails and communications by clicking the "Unsubscribe" link in any marketing email or adjusting your account preferences.

  • Data Portability: Request a copy of your personal information in a portable, machine-readable format.

  • Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, please contact us using the information provided in Section 13.

California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with the following rights:

  • Right to Know: You have the right to request what personal information we collect, use, share, and sell about you.

  • Right to Delete: You have the right to request deletion of personal information we have collected from you.

  • Right to Correct: You have the right to request that we correct inaccurate personal information.

  • Right to Opt-Out: You have the right to opt out of the sale or sharing of your personal information (we do not sell or share your information).

  • Right to Limit Use: You can limit our use of sensitive personal information.

  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.

  • Authorized Agent: You may designate an authorized agent to submit requests on your behalf.

To submit a CCPA/CPRA request, please contact us at support@astor.app or use the online form on our website. We will verify your identity and respond within 45 days.

Other State Privacy Laws

Residents of other states may have privacy rights under their respective state laws, including:

  • Virginia: Virginia Consumer Data Protection Act (VCDPA)

  • Colorado: Colorado Privacy Act (CPA)

  • Connecticut: Connecticut Data Privacy Act (CTDPA)

  • Utah: Utah Consumer Privacy Act (UCPA)

  • Montana: Montana Consumer Data Privacy Act (MCDPA)

If you are a resident of any of these states, you may have similar rights as described above. Please contact us if you wish to exercise any of these rights.

9. Children's Privacy

Our Services are intended for users aged 18 years and older. We do not knowingly collect personal information from anyone under 18 years of age. If we become aware that we have collected personal information from a minor without parental consent, we will take steps to delete such information and terminate the minor's account.

Parents or guardians who believe we have collected information about a child should contact us immediately at support@astor.app.

10. International Users

Our Services are intended for residents of the United States. We primarily serve U.S. residents and our facilities are located in the United States. If you access our Services from outside the United States, you acknowledge that your personal information will be transferred to, stored in, and processed in the United States.

The United States may not have the same level of data protection as your country of residence. By using our Services, you consent to the transfer of your information to the United States and the application of United States law.

11. Links to Third-Party Services

Our website may contain links to third-party websites, applications, and services that are not operated by us. This Privacy Policy applies only to our Services and does not cover the privacy practices of third-party websites or services.

We are not responsible for the privacy practices, content, or security of third-party services. We recommend reviewing the privacy policies of any third-party services before providing your personal information. Your use of third-party services is subject to their terms and privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. We will notify you of material changes by posting the updated policy on our website with an updated "Last Updated" date, sending you an email notification of significant changes, and requesting your explicit consent if required by law.

Your continued use of our Services following any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to periodically review this policy to stay informed about how we protect your information.

13. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our privacy practices, please contact us:

Email: support@astor.app
Mailing Address: Gaus, Inc. DBA Astor, 35 Mirabel Ave Unit A, San Francisco, CA 94110
Phone: (650) 661-9880
CRD Number: 338424
Website: www.astor.app

We will respond to your inquiries within thirty (30) days.

14. Regulatory Privacy Notice

Important Note: This Website Privacy Policy is supplemental to and does not replace the firm's Regulation S-P Privacy Policy. If you are a client or prospect of Astor advisory services, you will also receive a separate Regulation S-P Privacy Notice. That notice describes our privacy practices for nonpublic personal information ("NPI") collected in the course of providing or offering to provide investment advisory services, including but not limited to your Social Security Number, date of birth, banking information, financial account numbers and balances, sources of income, and credit card numbers.

The Regulation S-P Privacy Policy complies with SEC Regulation S-P requirements and contains important information about our information sharing practices (including sharing for everyday business purposes, marketing, joint marketing, and with affiliates), your right to limit certain types of sharing by opting out, and how we protect the confidentiality of current and former client information using security measures that comply with federal law.

In the event of any conflict between this Website Privacy Policy and the Regulation S-P Privacy Policy, the Regulation S-P Privacy Policy shall govern with respect to nonpublic personal information related to investment advisory services.

This document is confidential and for informational purposes only. If you have any questions regarding our privacy practices, please contact us at support@astor.app.

© 2026 Gaus, Inc. DBA Astor. All rights reserved.

Blurred background of nature

Clarity Compounds.

 Download now

Blurred background of nature

Clarity Compounds.

 Download now

Blurred background of nature

Clarity Compounds.

 Download now

2026 Gaus, Inc. DBA Astor. Gaus, Inc. is an SEC-registered investment adviser. Registration with the U.S. Securities and Exchange Commission does not imply a certain level of skill or training. Investment advisory services are provided by Gaus, Inc. DBA Astor pursuant to a written investment advisory agreement with each client. Astor provides non-discretionary investment advisory services only. All investments involve risk, including possible loss of principal, and past performance does not guarantee future results.


Information provided through Astor’s website and platform is for informational purposes and should not be construed as a recommendation, offer, or solicitation to buy or sell any security, except as provided through Astor’s advisory services. Astor does not provide legal or tax advice. Clients should consult their own legal, tax, or financial advisors before making investment decisions. Advisory services are offered only to clients in jurisdictions where Astor is registered or exempt from registration. For additional disclosures and important information, please visit https://www.astor.app/legal.

Company

About

Contact

Product

Pricing

Legal

Socials

TikTok

Instagram

LinkedIn

2026 Gaus, Inc. DBA Astor. Gaus, Inc. is an SEC-registered investment adviser. Registration with the U.S. Securities and Exchange Commission does not imply a certain level of skill or training. Investment advisory services are provided by Gaus, Inc. DBA Astor pursuant to a written investment advisory agreement with each client. Astor provides non-discretionary investment advisory services only. All investments involve risk, including possible loss of principal, and past performance does not guarantee future results.


Information provided through Astor’s website and platform is for informational purposes and should not be construed as a recommendation, offer, or solicitation to buy or sell any security, except as provided through Astor’s advisory services. Astor does not provide legal or tax advice. Clients should consult their own legal, tax, or financial advisors before making investment decisions. Advisory services are offered only to clients in jurisdictions where Astor is registered or exempt from registration. For additional disclosures and important information, please visit https://www.astor.app/legal.

Company

About

Contact

Product

Pricing

Legal

Socials

TikTok

Instagram

LinkedIn

2026 Gaus, Inc. DBA Astor. Gaus, Inc. is an SEC-registered investment adviser. Registration with the U.S. Securities and Exchange Commission does not imply a certain level of skill or training. Investment advisory services are provided by Gaus, Inc. DBA Astor pursuant to a written investment advisory agreement with each client. Astor provides non-discretionary investment advisory services only. All investments involve risk, including possible loss of principal, and past performance does not guarantee future results.


Information provided through Astor’s website and platform is for informational purposes and should not be construed as a recommendation, offer, or solicitation to buy or sell any security, except as provided through Astor’s advisory services. Astor does not provide legal or tax advice. Clients should consult their own legal, tax, or financial advisors before making investment decisions. Advisory services are offered only to clients in jurisdictions where Astor is registered or exempt from registration. For additional disclosures and important information, please visit https://www.astor.app/legal.

Company

About

Contact

Product

Pricing

Legal

Socials

TikTok

Instagram

LinkedIn