Skip to content
    Search
    Request A Free Trial
    Request A Demo

    Axonius Global Privacy Policy

    Effective October 16, 2023

    This Privacy Policy describes Axonius, Inc. and its affiliated companies (collectively, “Axonius”, “we”, “our” or “us”) privacy practices regarding: 

     

    Personal Data 

    When we use the term Personal Data or Personal Information, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable individual or, where applicable, a household (“Data Subject”). 

    If you are a job candidate or applicant, please refer to our Global Job Candidate Privacy Notice

    Personal Data does not include aggregated or de-identified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual or household, nor data that solely relates to a non-human entity.

    The categories of Personal Information listed below have been collected, processed and disclosed within the last 12 months.

     

    Data Collection

    We collect Personal Data directly from a Data Subject (such as when a Data Subject submits a form via our website), indirectly from a Data Subject (such as when a Data Subject interacts with our website), or via third parties or sources (such as our customers, vendors, or channel partners). We may combine the Personal Data that the Data Subject provides us with Personal Data provided via third parties and sources.

    The provision of Personal Data is voluntary. We suggest that individuals avoid interacting with us if they do not wish to provide Personal Data.

    We do not knowingly collect sensitive data, special categories of Personal Data, protected classification characteristics under applicable laws, or Personal Data from children under the age of 16 and do not wish to do so. We will make our best efforts to prohibit and block such use and, in case of unwilling collection, to promptly delete any of such Personal Data. 

     

    Data Uses 

    Data Subjects

    Personal Data

    (Business) Purposes of the processing

    Legal basis

    Guest, Prospect, Customer, Vendor and Partner Representative

    Personal Data collected in relation to our marketing initiatives and events, and specifically: 

    Contact Data, including full name, e-mail address, mobile phone number, address, job title (Identifiers).

    Business contact Data, including employer or company name, company department, company address, company website (Identifiers).

    Communication Data, including Personal Data contained in correspondence with us, as well as video call recordings (voice, image and screen sharing images), chats, surveys, feedbacks, and analyses thereof (Commercial Information and related Inferences; Audio, electronic, visual or similar information).

    Contact activity Data, including event attendance, history of interactions with us (Commercial Information).

    To contact with general or personalized product-related messages (as new features, additional offerings, special opportunities), to answer/fulfill website form enquiries, to follow up on our conversations and improve our relationship in order to enter in a contract or renew a contract.

    Performance of contract or of steps prior to a contract; Legitimate interest; Consent where appropriate.

    To manage and deliver advertisements as well as promotional messages, including newsletters and blog updates, that may be of specific interest to the Data Subject, also on other websites and applications. This includes contextual, behavioral and interest-based advertising based on Data Subject's activity, preferences or other data available to us.

    Legitimate interest; Consent where appropriate.

    To facilitate and optimize our marketing campaigns, ad management and sales operations.

    Legitimate interest; Consent where appropriate.

    To facilitate, sponsor and offer certain events and webinars, contests and promotions.

    Legitimate interest; Consent where appropriate.

    Internal employee training.

    Consent. 

    To enforce our agreements, policies or Terms and Conditions, to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties.

    Legitimate interest. 

    To comply with our contractual and legal obligations and requirements.

    Performance of contract; Legitimate interest; Legal obligation.

    For any other additional marketing purpose that Data Subject consents to.

    Legitimate interest; Consent where appropriate.

    Website User

    Personal Data collected in relation to our website visits (www.axonius.com), and specifically:


    Website usage Data related to the manner in which the website user uses our website, including connectivity, technical and aggregated usage data, user agent, IP address, device identifiers (such as type, OS, device ID, browser version, locale and language settings used), approximate geolocation, page visited, time and date of the visit, communication and performance logs, session recordings, issues and bugs, and cookies and pixels installed or utilized on the User device (Internet or other network activity Information; Geolocation Data).

    To gain a better understanding of how website users use and interact with our website, and how we can improve their and other users’ experience, so we can continue improving our website. 

    Legitimate interest; Consent where appropriate.

    To manage and deliver advertisements as well as promotional messages, including newsletters, that may be of specific interest to the Data Subject, also on other websites and applications. This includes contextual, behavioral and interest-based advertising based on Data Subject’s activity, preferences or other data available to us.

    Legitimate interest; Consent where appropriate.

    To enforce our agreements, policies or Terms and Conditions, to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties, to help ensure the security and integrity of our website.

    Legitimate interest.

    For any other lawful purpose, or additional purpose that Data Subject consents to.

    Legal obligation; Consent where appropriate.

    Corporate Use: The use of our products within a third-party organization (e.g., the data subject’s employer) is managed and provided by that organization in accordance with its policies regarding the use and protection of personal information. Please refer to the organization's privacy policy and direct any questions to the organization's system administrator.

    If the Data Subject is located in a territory governed by privacy laws under which “Consent” is the only or most appropriate legal basis for the processing of Personal Data as described herein, the acceptance of this Privacy Policy will be deemed to constitute consent to the processing of Personal Data for all purposes detailed in this Privacy Policy.

     

    Data Location

    We, our service providers and contractors maintain, store and process Personal Data in the US, the UK, the EEA, and Israel as well as other locations as reasonably necessary for the purposes of processing listed above, or as may be required by law.

    While privacy laws may vary between jurisdictions, Axonius, its service providers and contractors are committed to handling the transfer of Personal Data in accordance with any appropriate lawful mechanisms and contractual terms, including (where appropriate) standard contractual clauses or similar mechanism adopted by the EU or the UK, to ensure an adequate level of protection.

     

    Data Retention

    We retain Personal Data for as long as we deem reasonably necessary to fulfill the purposes of processing listed above, taking into account the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure, and applicable legal and regulatory requirements. 

     

    Data Security

    We implement systems, applications, and procedures to safeguard Personal Data, to minimize the risks of theft, damage, loss, or unauthorized access or use of information. These measures provide robust, industry-standard security. To learn more about our cybersecurity program, please visit https://www.axonius.com/security.

     

    Data Disclosure

    In order to pursue the purposes of processing listed above, we may disclose Personal Data in the following ways:

    Axonius affiliated companies; Change of control: We may disclose Personal Data internally within our group. In addition, should Axonius or any of its affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, or will be considered or found eligible for a governmental grant and/or a potential investment, Personal Data may be shared with the parties involved in such an event. 

    Service providers and contractors: We may, upon the execution of a written contract, engage selected service providers, to perform services on our behalf, or contractors, to provide complementary services to our own and, limited to this purpose, grant them access to Personal Data as necessary. Such service providers and contractors may include hosting and server co-location services, communications and content delivery networks (CDNs), internet service providers, operating systems and platforms, data analytics services, marketing and advertising services, data and cybersecurity services, web analytics, e-mail and SMS distribution and monitoring services, session or activity recording services, remote access services, performance measurement services, data optimization services, social and advertising networks, content providers, support and customer relation management systems; and our business, legal, financial and compliance advisors. 

    Governmental or law enforcement authorities: We may disclose Personal Data to governmental or law enforcement authorities if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request; (b) to enforce our agreements, policies, and terms of service; (c) the disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (d) such disclosure is required to protect our legitimate business interests, including the security or integrity of our assets, personnel, and rights. 

    Additional disclosures: We may disclose Personal Data in additional manners, pursuant to the Data Subject request or consent, if we are legally obligated to do so, or if we have successfully anonymized such Personal Data.

     

    Selling and Sharing Practices

    We may share limited Personal Information related to our Website User for cross-context behavioral advertising purposes, as that term is defined in the California Consumer Privacy Act (“CCPA”). Specifically, our website hosts targeting cookies which may share Personal Information to third parties. To manage cookies preferences, please refer to the section Cookie and Data Collection Technology below.

    We do not sell Personal Information to third parties.

     

    Cookies and Data Collection Technologies

    Cookies: Axonius and our service providers use cookies and other technologies to make sure the Website User has the best experience on our website, to improve functionality and performance, ad personalization, and analyzing traffic. Website Users can manage their cookie preferences, including whether or not to accept cookies and how to remove them, through their browser settings or by clicking on our cookie banner, which provides more information about the cookies used. For more information about cookies, please visit: www.allaboutcookies.org, www.youronlinechoices.co.uk.

    Google Analytics: we use Google Analytics only to collect Website usage Data (as described above). We do not merge the information collected through the use of Google Analytics with other Personal Data. Google’s ability to use and share website usage data collected by Google Analytics is restricted by Google Analytics Terms of Service, Google Privacy Policy, and by enabling restricted data processing through our account page. You can learn more about how Google collects and processes data specifically in connection with Google Analytics here. Further information about your option to opt-out of these analytics services is available here

    Do Not Track Signals; GPC: We do not support Do Not Track signals. We have implemented changes to respect the Global Privacy Control signals we receive.

     

    Data Subject Rights

    To the extent available in the appropriate jurisdiction, Data Subjects may have rights concerning their Personal Data. To exercise these privacy rights – please submit a Data Subject Request via our dedicated page or contact us by e-mail at privacy@axonius.com

    When Data Subjects ask us to exercise any of their privacy rights, we may require additional information, including certain Personal Data, in order to authenticate and process the request. Such additional information may be then retained by us for legal purposes (e.g., as proof of the identity of the person submitting the request). 

    US Data Protection Rights

    Depending on the US state of residence and applicable laws, Data Subjects may have the right to:

    • know whether or not we currently process (or have processed in the last 12 months) Personal Information, as well as information regarding our privacy practices related to the handling of Personal Information;
    • access and receive a copy of the Personal Information we have collected in the prior 12 months;
    • request that we correct inaccuracies in Personal Information;
    • request the deletion of Personal Information that we have collected, subject to certain conditions and exceptions;
    • opt-out of targeted advertising; 
    • opt-out of sale or sharing of Personal Information. We do not currently sell Personal Information;
    • opt out of automated decision-making or profiling in furtherance of decisions that produce a legal or similarly significant effect. If applicable, this right applies to Colorado, Virginia or Connecticut residents.  We do not currently process Personal Information in this manner;
    • receive a copy of Personal Information in a portable and readily usable format;
    • not be subject to discrimination for the exercise of these privacy rights;
    • appeal if we decline to take action regarding a Data Subject’s request. We will notify the Data Subject providing our reasons and instructions for appealing the decision. If applicable, this right applies to Virginia, Colorado and Connecticut residents. Colorado resident also have the right to contact the Colorado Attorney General if they have concerns about the result of the appeal;
    • designate someone as an authorized agent to submit requests and act on Data Subject’s behalf. To do so, the Data Subject must provide us with written permission to the authorized agent. 

    Provided that we only interact with Data Subjects in a commercial context, some of the above rights may not apply. 

    European Economic Area (EEA) and United Kingdom (UK) Data Protection Rights 

    Subject to applicable laws, Data Subjects may have the right to:

    • request access to, or to receive copies of, Personal Data, as well as with information regarding our privacy practice related to the handling of Personal Data;
    • request rectification of any inaccuracies in Personal Data;
    • request, on legitimate grounds, the erasure of Personal Data; 
    • request, on legitimate grounds, the restriction of Personal Data processing activities;
    • object, on grounds relating to their particular situation, to the processing of Personal Data by us or on our behalf; and the right to object to the processing of Personal Data, by us or on our behalf for direct marketing purposes; 
    • have the Personal Data transferred to another controller, to the extent applicable;
    • withdraw consent, where we process the Personal Data on the basis of it;
    • not be subject to automated decision making, including profiling, which produces legal effects concerning the Data Subject, under certain conditions;
    • lodge complaints with a data protection authority regarding the processing of Personal Data by us or on our behalf.

    Additional Information

    Third-party event. Our website may contain links to third-party events, webinars or other similar activities. For information about how third-parties may use or access your Personal Data, please refer to the third-party privacy policy.

    Updates and Amendments: We may update and amend this Privacy Policy from time to time by posting an updated version on our website. The amended version will be effective as of the date it is published.

     

    Contact Details

    Questions, comments or concerns: For any questions, concerns or complaint regarding our Privacy Policy, or our privacy practices, please contact us at:

    - privacy@axonius.com

    - via post at: 41 Madison Ave Floor 37, New York, NY 10010, USA, to the attention of the Legal Team

    - via post at: 16 Great Queen Street, Covent Garden, London, United Kingdom, WC2B 5AH, to the attention of the Legal Team

    - via post at: 32 Menachem Begin Street, The Circular Tower, Floor 23 Tel Aviv, Israel 6701101, to the attention of the Legal Team.

    Representation for Data Subjects in the EU: We value Data Subject’s privacy and rights in the EU and have therefore appointed Prighter Group with its local partners as our privacy representative and point of contact. Prighter gives an easy way to exercise privacy-related rights (e.g. requests to access or erase personal data). To contact us via our representative, Prighter, or make use of your data subject rights, please visit the following website

    Data Protection Officer: Axonius has appointed PrivacyTeam in person of Aner Rabinovitz as our Data Protection Officer (DPO) for monitoring and advising on Axonius ongoing privacy compliance and serving as a point of contact on privacy matters for Data Subjects and supervisory authorities.