Axonius Privacy Policy

Our commitment to your privacy.

Last Updated: November 20, 2020


Axonius, Inc. (“us”, “we”, or “our”) operates the https://www.axonius.com website (the “Website”) and the Axonius platform (the “Service”). We prepared this Privacy Policy to describe the manner in which we collect, use, share and store personal information in compliance with applicable laws, including the General Data Protection Regulation (EU) (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Website or Service and the choices you have associated with that data.

By using the Website or Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from https://www.axonius.com

1. Definitions

  • Website – The Website is the https://www.axonius.com website operated by Axonius, Inc.
  • Service – The Service is the Axonius asset management platform offered as a product by Axonius, Inc.
  • Personal Data – Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
  • Usage Data – Usage Data is data collected automatically either generated by the use of the Website, Service, or from either’s infrastructure (for example, the duration of a page visit).
  • Cookies – Cookies are small pieces of data stored on your device (computer or mobile device).
  • Data Controller (or Business) – Data Controller (or Business) means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data for our Website.
  • Data Processors (or Service Providers) – Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. For the Purpose of this Privacy Policy, we are Data Processors with regards to our Service. In addition, we may use the services of various Service Providers in order to process data more effectively.
  • Data Subject (or User, Consumer) –Data Subject is any living individual who is the subject of Personal Data.

2. Website Privacy Policy

A. Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Website.

Types of Data Collected

Personal Data

While using our Website, we may ask you to provide us with certain personal information that can be used to contact or identify you (“Personal Data”). Personal Data may include, but is not limited to:

  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Cookie Data, and
  • Usage Data

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.

Usage Data

We collect information on how the Website is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Website that you visit, the time and date of your visit, your location, the time spent on those pages, unique device identifiers and other diagnostic data.

Use of Job Application Data

If you apply for a job at Axonius, you may provide us with certain personal information about yourself, such as information contained in a resume and/or CV, cover letter, or similar employment-related materials. We may also collect personal information from third-party social networking websites including but not limited to, your LinkedIn profile, blog, website or similar portfolio. We also may use third-party job sites and recruiters. We may use this information when considering and responding to your application and assessing your suitability for current and future career opportunities. If you qualify under the CCPA or the GDPR, please contact privacy@axonius.com if you wish to have your data erased or have any questions.

Cookie & Other Tracking Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. For information on how we use cookies and other tracking technology, please review our Cookie Policy.

  • Google Analytics – Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visit activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

Use of Personal Data

Axonius, Inc. uses the collected data for various purposes:

  • To provide and maintain our Website
  • To notify you about changes to our Website
  • To allow you to participate in interactive features of our Website when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Website
  • To monitor the usage of our Website
  • To detect, prevent and address technical issues
  • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information

B. Transfer of Data

Your Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Axonius, Inc. will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

C. Disclosure of Data

Disclosure for Law Enforcement

Under certain circumstances, Axonius, Inc. may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

Axonius, Inc. may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Axonius, Inc.
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

In the event of a corporate transaction

Axonius, Inc. may disclosure your Personal Data to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets, provided that we inform such third parties that they must use your Personal Data only for the purposes disclosed in this Website Privacy Policy;

D. Retention of Data

Axonius, Inc. will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Axonius, Inc. will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

E. Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

F. Notice to Individuals in California

This section only applies to individuals who are residents of California under the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws (together “California Laws”).

“Do Not Track” Signals

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

Marketing

California residents have the right to request in writing, (i) a list of the categories of Personal Data, such as name, address, e–mail address, and the type of services provided to the customer, that a business has disclosed to third parties (including Independent Affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes, and (ii) the names and addresses of all such third parties.

Privacy Rights

We collect Personal Data through our Website as set forth above, which are categorized under the CCPA as follows:

  • Identifiers
  • Commercial Information
  • Electronic Data
  • Inferred Data

If you are a California resident, you have a number of rights.

  • Disclosure Rights: California residents have the right to request that we disclose to them (i) the categories of Personal Data we have collected about them, (ii) the categories of sources from which Personal Data is collected, (iii) the business or commercial purpose for the information collection, (iv) the categories of third parties with whom we have shared personal information, and (v) the specific pieces of Personal Data we hold about an individual.
  • Deletion Rights: Californian consumers have the right to have their Personal Data deleted, unless the Personal Data is necessary for us or our service provider to:
    • complete a transaction for which the Personal Data was collected, provide a good or service requested by the consumer or otherwise perform a contract between the business and the consumer;
    • detect security incidents;
    • protect against malicious, deceptive, fraudulent or illegal activity (or prosecute those responsible);
    • debug to identify and repair functionality errors;
    • exercise or ensure the right of another to exercise free speech or another legal right;
    • comply with the California Electronic Communications Privacy Act, which compels the production of or access to electronic communication information or electronic device information with a search warrant;
    • engage in research in the public interest (if the consumer has provided informed consent);
    • to enable solely internal uses aligned with the consumer’s expectations given their relationship with the business;
    • comply with a legal obligation;
    • otherwise use the information internally in a lawful manner compatible with the context in which the consumer provided it.
  • Do Not Sell: Californian consumers have the right to opt-out of having their Personal Data sold. We do not sell Personal Data, but we do engage in data sharing with our digital marketing and targeted marketing service providers.

Please visit the Axonius Data Subject Access Request page to effectuate your privacy rights. We will handle the request under California Law. When a request is made, we may verify your identity to protect your privacy and security. We will respond to written rights requests within 45 days following receipt at the e–mail or mailing address stated above. If reasonably necessary, we may extend our response time by an additional 45 days. Please note that we are only required to respond to each customer twice per calendar year. For further questions on how we use your data, please visit our Privacy Policy, Cookie Policy, or email us at privacy@axonius.com

G. Notice to Individuals Located in the EEA

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are visiting our Website from the European Economic Area (EEA), Axonius, Inc’s. legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

Axonius, Inc. may process your Personal Data because:

  • We need to perform a contract with you
  • You have given us permission to do so (provided your consent)
  • It is our legitimate interests and it’s not overridden by your rights
  • To comply with the law

Your Data Protection Rights Under the GDPR

If you are a resident of the EEA, you have certain data protection rights. In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Axonius, Inc. relied on your consent to process your personal information. Your withdrawal will not affect the lawfulness of our processing based on consent before your withdrawal.

Please visit the Axonius Data Subject Access Request page to effectuate your privacy rights. Please note that we may ask you to verify your identity before responding to such requests. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. For further questions on how we use your data, please visit our Privacy Policy, Cookie Policy, or email us at privacy@axonius.com

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

H. Service Providers

We may employ third party companies and individuals to facilitate our Website (“Service Providers”, “Processors”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

I. Links to Other Sites

Our Website may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

J. Children’s Privacy

Our Website does not address anyone under the age of 18 (“Children”).

We do not knowingly collect Personal Data from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

3. Services Privacy Policy

Axonius, Inc. only processes the Personal Data that is stored in our Services as a data processor (also known as a service provider) on behalf of our customers and in accordance with their instructions (as defined in our customer agreements), and we have no direct relationship with the individuals whose Personal Data we may process in connection with our customers’ use of our Services. This section does not apply to our Customers, whose Personal Data we may process according to the applicable Services Agreement.

A. Personal Data We Process

Axonius, Inc. processes certain Personal Data input or uploaded into our Services by our customers’ employees and contractors, including contact information and communications.

Axonius, Inc. will use such Personal Data only as necessary to provide and deliver the Services to the customer, to prevent or address any service or technical issues, to respond to a customer’s support request, or for any other purpose provided for in the customer agreement, or in accordance with or as may be required by law.

How Axonius, Inc. Uses Your Personal Data

Axonius, Inc. may access or use the Personal Data collected through the Services for a range of reasons, which may include:

  • To provide, operate, optimize and maintain the Services;
  • To address customer questions and support requests;
  • To manage Axonius’s platform, system administration and security;
  • To compile aggregated statistics about the operation and use of the Services and to better understand the preferences of our customers;
  • To send customers technical alerts, reports, updates, security notifications and other Service-related communications;
  • To carry out research and development to improve our products and services;
  • To investigate and prevent fraud, unauthorized access or use of Services, breaches of terms and policies, and other wrongful behavior;
  • To carry out other legitimate business purposes, as well as other lawful purposes.

Transfer of Data

Your Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Axonius, Inc. will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

B. Disclosure of Personal Data

We do not sell or otherwise disclose Personal Data we process in our Services, except as described in this Services Privacy Policy or as we disclose to our customer at the time this information is collected. As described in more detail below, we may share Personal Data from our Services:

  • with third-party data subprocessors. We authorize these subprocessors to use the information only as necessary to assist Axonius, Inc. in providing the Services (for example, to provide cloud storage services, support ticketing, or to help to enhance security). We require these subprocessors by contract to safeguard the privacy and security of any Personal Data that they process on our behalf;
  • to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect our customer’s vital interests or those of any other person;
  • to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets, provided that we inform such third parties that they must use your Personal Data only for the purposes disclosed in this Services Privacy Policy; and
  • to any other person with consent to the disclosure.

C. Retention

We retain Personal Data we process where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

Any Personal Data we process on behalf of our customers is retained in accordance with the timeframes set out in the relevant customer agreements.

D. Security

We care about the security of our Services, and take appropriate steps including technical and organizational measures to ensure that Personal Data is treated securely and in accordance with this Services Privacy Policy. The measures we use are designed to provide a level of security appropriate to the risk of processing, and to protect it loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Such measures shall include , as appropriate:

  • the pseudonymization and encryption of Personal Data;
  • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  • the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident;
  • a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

E. Notice to Individuals in California

If you are a California resident, you have a number of privacy rights.

  • Disclosure Rights: California residents have the right to request that we disclose to them (i) the categories of Personal Data we have collected about them, (ii) the categories of sources from which Personal Data is collected, (iii) the business or commercial purpose for the information collection, (iv) the categories of third parties with whom we have shared personal information, and (v) the specific pieces of Personal Data we hold about an individual.
  • Deletion Rights: Californian consumers have the right to have their Personal Data deleted, unless the Personal Data is necessary for us or our service provider to:
    • complete a transaction for which the Personal Data was collected, provide a good or service requested by the consumer or otherwise perform a contract between the business and the consumer;
    • detect security incidents;
    • protect against malicious, deceptive, fraudulent or illegal activity (or prosecute those responsible);
    • debug to identify and repair functionality errors;
    • exercise or ensure the right of another to exercise free speech or another legal right;
    • comply with the California Electronic Communications Privacy Act, which compels the production of or access to electronic communication information or electronic device information with a search warrant;
    • engage in research in the public interest (if the consumer has provided informed consent);
    • to enable solely internal uses aligned with the consumer’s expectations given their relationship with the business;
    • comply with a legal obligation;
    • otherwise use the information internally in a lawful manner compatible with the context in which the consumer provided it.
  • Do Not Sell: Californian consumers have the right to opt-out of having their Personal Data sold. We do not sell or otherwise disclose Personal Data we process in our Services.

Please note that you should direct any requests related to the privacy rights described above to the Axonius customer who holds the relevant Axonius account. As a data processor of any Personal Data stored and processed on the Services, Axonius, Inc. will not be able to respond directly to such requests and will refer any such requests to the relevant customer.

F. Notice to Individuals in the EEA

Your Data Protection Rights Under the GDPR

If you are a resident of the EEA, you have certain data protection rights. In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Axonius, Inc. relied on your consent to process your personal information. Your withdrawal will not affect the lawfulness of our processing based on consent before your withdrawal.

Please note that you should direct any requests related to the data protection rights described above to the Axonius customer who holds the relevant Axonius account. As a data processor of any Personal Data stored and processed on the Services, Axonius, Inc. will not be able to respond directly to such requests and will refer any such requests to the relevant Customer.

3. Changes to this privacy policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

4. Contact us

If you have any questions about this Privacy Policy, please contact us: