Last updated: 04/03/2025

Axion Ray Inc. and its related companies (“Axion,” ”Company,” “we,” “us,” or “our”) respect the privacy of our users (“User(s),” “you,” “data subject(s),” or “Visitor(s)”) and our customers (“Customer(s)”). We are committed to safeguarding your personal data, which you share with us through our website located at www.axionray.com (the “Site”) and our web application, Axion platform (the “Software” or “App”). Together, the Site, Software, and any other related services we offer are referred to as the “Services.”

Our Privacy Policy (the "Policy" or “Privacy Policy”) outlines the data collection and processing practices used in connection with our Services. This Policy aims to provide transparency regarding the types of personal information we collect and how we use it. By accessing our Site, using our Software, or utilizing our Services, you acknowledge and agree to the data practices described in this Policy.

Axion specializes in AI-driven solutions that help businesses detect, investigate, and resolve quality issues early, minimizing downtime and enhancing customer satisfaction. Our Software empowers teams to identify hidden issues in complex data, prioritize critical problems, collaborate effectively across departments, and monitor the success of implemented countermeasures—all while maintaining secure and efficient operations.

Please note that if you access a third-party website through a link provided in our Services, we encourage you to review their privacy policies before submitting any personal information. By visiting our Site or registering for our Services, you consent to our collection and use of your information in accordance with this Privacy Policy.

Please read this Privacy Policy and contact us if you have any questions at: privacy@axionray.com


Preliminary Notes

Please read this policy and make sure you fully understand our practices in relation to your personal information before you access or use the Site or our Services. If you have read this Privacy Policy and remain opposed to our practices, you must immediately leave this Site, and discontinue all use of the Services.

Binding Agreement - This Privacy Policy constitutes an integral part of our Terms of Service.

Content - Our Site and Services do not contain inappropriate content. Nevertheless, we use appropriate technical and organizational measures to ensure the protection and retention of data subjects.

Axion provides this Privacy Policy, as will be updated from time to time to inform you of our policies and procedures regarding the collection, use and disclosure of personal information we receive when you use the Site and our Services.

Changes and updates to this Privacy Policy - We reserve the right to modify or update this Privacy Policy, to reflect changes in our Services or data processing practices or to conform to a regulatory requirement. Such changes will be effective immediately upon the display of the revised Privacy Policy. The last revision date will be reflected in the "Last Updated" heading. If we make material changes to this Privacy Policy, we will do our best to notify you by email or through a notice on our Site.

About This Privacy Policy

We created this Privacy Policy to emphasize our commitment to protecting your privacy. Using our Site and Services may require you to provide certain Personal Data (as defined below), but only if you choose to do so voluntarily. Some features of our Site and Services, such as accessing our Platform, may require registration and submission of Personal Data, as detailed in this Policy. We will retain and handle the Personal Data you provide in accordance with this Privacy Policy.

This Privacy Policy has been developed in accordance with the EU & UK General Data Protection Regulation (GDPR), US state-specific privacy laws, and other applicable privacy regulations. Depending on your country of residence, additional rules may apply to your personal data (referred to below as "Applicable Privacy Laws").

If you would like to learn more about Axion’s region-specific processing of personal data, please refer to the relevant notices below for individuals in different regions.

Please read the Privacy Policy carefully to ensure you understand it and agree with its terms before using the Site and the Services. You have no legal requirement to provide us your Personal Data. We collect, process and retain your Personal Information only if you choose to access and engage with our Site and/or our Services and in accordance with this privacy policy. You can always avoid providing us certain Personal Data; however, you acknowledge that it may prevent us from providing you with certain Services or from using our Site. If you do not agree with any of the terms provided in this Privacy Policy, and the choices we provide do not mitigate your concerns, please do not access or use our Services and avoid accessing and using our Site.

Definitions

"Adequate Country" means a country or territory recognised by the European Commission or by the United Kingdom (as applicable) under the Data Protection Laws as providing adequate protection for Personal Data;

Applicable Privacy Laws means any data protection and privacy laws relevant to our operations, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and related regulations in European Union Member States, Switzerland, and the United Kingdom; the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), Cal. Civ. Code §§ 1798.100 et seq.; and other U.S. state-specific privacy laws, including, but not limited to, the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), and the Texas Data Privacy and Security Act (TDPSA), as well as any similar state privacy laws enacted or amended in the future. These laws collectively grant individuals specific rights regarding their personal data, including access, correction, deletion, and data portability, subject to certain exceptions.

Minor refers to a data subject underage (under 16 years or less depending on the legal jurisdiction applicable), which processing their personal data is only lawful if parent or guardian consent has been obtained.

Data Controller refers to the person, organization, public authority, agency, or other body who, either alone or with others, determines the purposes for which and the manner in which any Personal Data is to be processed, and defines the controls required for such processing.

Data Privacy Framework (or DPF) refers to the framework established by the United States Department of Commerce, in collaboration with the European Commission, to facilitate compliant cross-border data transfers between the United States and countries in the European Economic Area (EEA), providing safeguards equivalent to those under the GDPR.

Data Processor refers to any person or organization (other than an employee of the Data Controller) who undertakes the processing of Personal Data on behalf of the Data Controller.

Data Subject refers to an individual who is the subject of Personal Data.

Data Subject Consent refers to the approval given by a Data Subject after being informed of the activity's benefits and risks. For consent to be valid, the Data Subject needs to be informed, have the capacity and knowledge to decide, and to have given their consent voluntarily.

Personal Data (or Personal Information) refers to any information about a living individual that can identify them directly or indirectly. This includes data that, on its own or combined with other information, could reasonably be linked to a specific person, now or in the future, as outlined in this Privacy Policy.

Non-Personal Data means information that does not personally identify you and does not reveal your specific identity as an individual, such as anonymized information.

Standard Contractual Clauses (or SCCs) refers to legal mechanisms recognized under applicable privacy laws, including the GDPR, to enable the lawful transfer of Personal Data from countries within the European Economic Area (EEA) or the United Kingdom to countries without an adequate decision by the European Commission or the UK. The SCCs are based on the Commission Implementing Decision (EU) 2021/915, issued on 4 June 2021, which establishes standard contractual terms for ensuring adequate safeguards for such transfers.

Subprocessor refers to any entity engaged by us or by one of our Subprocessors to Process Personal Data on our behalf or on behalf of that Subprocessor. This excludes employees of the Subprocessor or its affiliates but includes contractors, affiliates, or other third parties authorized to perform specific data processing activities under our instructions or the instructions of the Subprocessor.

The terms "Processing" (and/or "Process"), "Personal Data Breach", the "Union", "Member State" and "Special Categories of Personal Data" shall have the meanings given in the GDPR and related EU data protection laws.

The terms "Business", "Business Purpose", "Consumer", "Service Provider", "Third Party" and "Contractor" shall have the same meanings as defined in the CCPA, as amended.

To the extent that CCPA applies, the term "Controller" shall also mean "Business", and "Processor" shall also mean "Service Provider", "Contractor" or "Third Party", as the context requires.

This Policy was originally written in English. If you are reading a translation and it conflicts with the English version, please note that the English language version prevails.

Roles and Responsibilities

Data Processor: Concerning Axion's core operations, Axion acts as the Data Processor when delivering services through its Software. In this capacity, Axion processes Personal Data on behalf of its Customers, following their instructions and as governed by applicable data processing agreements.

Data Controller: In accordance with the Applicable Privacy Laws, Axion serves as the Data Controller for the processing of Personal Data collected through the Site, as well as through other B2C interactions, including but not limited to account registration, Customer inquiries, subscription services and more.

Our main registered office is: 10 Grand Street, Floor 11, Brooklyn, NY 11211


To Whom Does This Privacy Policy Apply?

This Privacy Policy applies to Personal Data we collect online and offline, and applies in the following situations:

• Users and Visitors of the Site: We collect Personal Data through your use of Axion's Site, including platforms and websites that post or link to this Privacy Policy. This includes information you provide when contacting us, requesting a demo, applying for open roles, or engaging with us for other purposes. We may also collect data through cookies and similar technologies for personalization, analytics, and service improvements. For more details, refer to our Cookie Policy.
  
  

• Customers and Their Employees: We may collect Personal Data from employees of our Customers (e.g., names, roles, contact details) to enable effective communication, deliver our services, and maintain operational collaboration. Data provided as part of our software and services is processed securely and in compliance with relevant regulations. Customers remain the Data Controllers of the raw data they provide, and Axion operates as a Data Processor as defined under Applicable Privacy Laws.

  
  

• Suppliers and Vendors: We collect and process information from suppliers, vendors, and service providers, including contact details of their representatives, for procurement, coordination, and supply chain management purposes. Where relevant, processing of such data may also be governed by specific contractual arrangements.

  
  

• Software and Services: Through interactions with Axion’s Software and Services, we may collect and process Personal Data required for account setup, support requests, and service functionality. While Axion does not control the raw data Customers provide, we ensure secure processing to deliver actionable insights in accordance with our agreements.

  
  

When Does This Privacy Policy Apply?

This Privacy Policy applies to Personal Data about you that we collect, use or otherwise process regarding your relationship with us as a Visitor of our Site or a User of our Services.

The Types of Personal Data That We Collect

We collect Personal Data about you through various methods. This section outlines the ways we gather your Personal Data and explains how it is used.

This Policy applies to the collection of Personal Data, which may occur through one or more of the following methods:

Data You Share with Us Directly:

Submitting information to us is optional in certain cases and required in others, depending on the Service you choose to use or access. This category includes one or more of the following data categories:

1. Contact details. We may process your contact details, including your name, email address, phone number, job title, company name, and any other information you provide to us. This information is collected when you engage with us through our Site, such as by requesting a demo, applying for support, or learning about how our solutions can help you counter measure emerging issues.

   Purpose: We use this information, based on your consent, for the purpose for which it was provided, respectively, including, responding to your inquiry and providing you with the support or information you have requested.

   Retention: We retain such information for as long as needed to provide you with the inquiry requested or as required under applicable law.

   
   
   

2. Account Registration and Service Sign-Up To access Axion’s Software and services, such as our AI-driven quality management tools, registration and account creation may be required. During this process, you will be asked to provide information such as your email address and login credentials. This data is essential for creating a secure and unique account that links your usage to your identity and enables secure access to our Software and related features. We use this information to authenticate your account, enhance security, and ensure seamless access to the services.

   Purpose: We use your account information to create and maintain your account, secure your access, and enable you to manage and interact with the Software effectively.

   Retention: We retain account information for as long as you actively use the Services and as long as it is necessary to provide the Services or comply with applicable legal requirements.

   
   

3. Providing the Services. To deliver Axion’s Software Services, we may process certain types of Personal Data, including information provided by authorized Users, such as names, email addresses. This information is necessary to create and manage user accounts, authenticate access, and enable secure and efficient use of the Software and its features. Personal Data may also be used to facilitate communication, provide support, and tailor the services to the Customer's needs.

   Purpose: This information is used to facilitate secure and personalized access to our digital platforms, deliver our services, tailor features to your needs, and enable effective communication and support. All data collected will be handled in accordance with this Privacy Policy and solely for the purposes described.

   Retention: Personal Data related to authorized Users is retained for as long as the Customer uses the Services or as required by applicable law.

   
   

4. Raw data provided by the Customers. Customers may upload raw data into Axion’s Software to enable the functionality of our AI-driven tools, such as quality management, issue detection, and operational optimization. This data, controlled solely by the Customer, may include Personal Data of Data Subjects, such as customer queries, feedback forms, or other operational data specific to the Customer's use case. While we do not control or have full visibility into the raw data uploaded by Customers, they are responsible for ensuring that the data complies with Applicable Privacy Laws and is suitable for processing in the Software. To protect this data, Axion implements advanced technical and organizational measures, ensuring the highest levels of security.

   Purpose: Raw data is processed solely to deliver the functionality of the Software and generate insights or outputs as requested by the Customer, in compliance with our contractual obligations.

   Retention: Raw data is retained for as long as necessary to provide the Services, based on the Customer’s instructions, or as required by applicable law.

   
   

5. Payment information. When utilizing our Services, we may collect and process certain payment-related information, such as your full name, email address, billing address, bank account details, and other necessary data. This information is used for issuing invoices, processing payments, and providing Service-related confirmations or notifications. Please note that depending on the specific Service or payment method chosen, some payment information may be collected directly by third-party payment processors. Axion ensures that all payment-related data it processes is handled securely and in accordance with applicable legal and contractual obligations.

   Purposes: Payment information is collected and processed to facilitate the billing and payment of fees for the Services provided, as outlined in your ‘Order Form’ or agreement with Axion.

   Retention: We retain payment information for as long as necessary to fulfill our billing and payment obligations or as required by applicable law.

   
   

6. Chat communication. When using the chat functionality within Axion’s Software, we may collect information provided during your interactions. This includes details such as your name, email address, and the content of your messages. Additionally, technical information, such as IP address, browser type, and session metadata, may be collected to ensure the proper functionality of the chat service. The chat service is powered by a trusted third-party provider, and Axion ensures that all aspects of privacy and data protection are strictly upheld. We have implemented safeguards to ensure compliance with applicable data protection laws and maintain the security of the information shared via the chat.

   Purpose: This information is collected to respond to your inquiries, provide support, and improve your overall experience with our Software. It may also be used for troubleshooting and analytics to enhance the quality of our Services.

   Retention: Chat data is retained for as long as necessary to resolve your inquiries or as required under applicable law.

   
   

7. Vulnerability reporting. When submitting a vulnerability report, we may collect Personal Data to review, validate, and resolve the issue. This may include your name, email address, summary title, technical severity classification, vulnerability description, and related details like URLs or specific locations. Attachments such as proof-of-concept scripts, screenshots, or recordings may also be collected, along with optional information like additional contact details or embedded media. We rely on a third-party platform to manage and store reports, adhering to strict data protection and privacy standards. Axion ensures all data is

   Purpose: The Personal Data collected during vulnerability reporting is used to validate, investigate, and resolve reported vulnerabilities. It also allows us to maintain communication with you throughout the process and ensure an efficient and secure resolution.

   Retention: We retain data related to vulnerability reports for as long as necessary to address the reported issue or as required by applicable law.

   
   

8. Recruitment and job applications. When applying for a position through our Careers page, we may collect and process your Personal Data to evaluate your application and manage the recruitment process. This may include information such as your name, email address, phone number, resume, and any additional information you provide in the application form. Specific questions, such as your visa sponsorship needs or availability to work in certain locations, may also be collected to assess your suitability for the role. We use a third-party platform to process applications securely and in compliance with data protection laws.

   Purpose: Personal Data is used to evaluate your qualifications, communicate regarding the role, and manage the recruitment process.

   Retention: Recruitment data is retained for the duration of the hiring process and, where applicable, to comply with legal requirements or to consider you for future opportunities. Unless you request its deletion, this data may be retained for up to two years.

   
   

9. Aggregate Information. We may collect and retain metadata and statistical information concerning the use of the Services to operate, maintain, manage, and improve the Services. Some data may be retained on our third-party service providers’ servers in accordance with their retention policies. This retained metadata or statistical information does not identify you personally. When data is aggregated and anonymized using reasonable and practical methods to ensure it cannot identify any individual, it is no longer considered Personal Data and is therefore not subject to applicable data protection laws.

Data We Collect When You Use Our Services

This category covers the ways we enhance your experience and improve the performance of our Services.

When you access our Site, Software, or use our Services, we may process information related to your activities, device, and visit. This processing enables us to deliver, maintain, and enhance the Services, analyze usage patterns, develop new features and updates, provide effective support, and ensure the security and integrity of our platforms.

1. Online identifiers. We may process various online identifiers, such as IP addresses assigned to your device by your internet provider, data from cookies and pixel tags collected when you visit our Site, and information from log files. This data may include online usage data, login data (when applicable), timestamps, and device-specific details like your operating system. These identifiers are used to enhance your experience, maintain system functionality, ensure security, and support our Services.
   Purposes: These identifiers are used for various purposes: to perform analytics and statistical evaluations to better understand user behavior and improve our Services (legitimate interests); to monitor, detect, and prevent fraud or automated activities and ensure compliance with regional regulations by determining the country from which you access our Services (legitimate interests); and to provide proper access and functionality of the Services you have requested (contractual necessity). In certain cases, third-party cookies and tags may also be used for advertising, marketing, and retargeting campaigns, based on your consent or, where applicable, notice where consent is not legally required.

   Retention: We retain online information for as long as necessary to achieve the purpose for which it is processed, to begin with, or, until we make it Non-Personal Data, in which case, we reserve the right to retain the information without any time limitation, based on our discretion and commercial necessities.

   
   

2. Device Information. We may collect certain information about the device from which you access the Services, such as the user-agent (including IP address, operating system type and version), device type (e.g., mobile, tablet, desktop), and the system language settings configured on your device.

   Purposes: Based on your consent, or in certain cases, our legitimate interest, we may process device information to ensure the software or service is compatible with your device type and operating system version. This helps optimize the functionality and user experience by tailoring features to your device’s capabilities and ensuring smooth operation.

   Retention: We retain device information for as long as necessary to provide the Service’s functionality, to maintain a record of your license key and usage of the product, to associate license terms and renewals.

   
   

3. Online activity. We also may collect certain online activity information from Visitors. Under this category, we may also document in log files your clicks on actions and buttons across our Site, Software or Services, if provided, as described under the category of “Online Identifiers”.

   Purpose: This information is used (i) based on your consent, for advertising, marketing, and retargeting of our Services, where required by law; and (ii) based on our legitimate interest, to improve the usability and functionality of the Site, Software, and Services, to analyze user engagement and improve performance, and to ensure the security and integrity of our Services.

   Retention: We retain online activity information for as long as necessary to fulfill the purposes outlined above. If the information is no longer required, it will be deleted or anonymized unless we are required to retain it for legal, regulatory, or contractual obligations.

   
   

4. Engagement and Marketing Data. We may collect and process information related to your interactions with our communications, Services, and marketing activities. This data may include customer interaction metrics (e.g., email opens, subscription preferences, and responses to campaigns), as well as CRM data, behavioral segmentation, and related analytics. Such data is typically collected directly from your interactions with our Services or, in some cases, through third-party analytics and marketing tools integrated into our platform.

   Purpose: This data is processed (i) based on your consent, where required under Applicable Privacy Laws, or otherwise based on notice, to provide personalized communications, advertising, and marketing, including retargeting campaigns; and (ii) based on our legitimate interest, to understand user preferences, analyze campaign effectiveness, improve engagement, and optimize our marketing strategies.

   Retention: Engagement and marketing data is retained only for as long as necessary to achieve the purposes described above or until you withdraw your consent, if applicable. If the data is collected via third-party services, retention will comply with the terms of those services and our agreements with them. Data that is no longer required will be deleted or anonymized unless we are required to retain it for legal, regulatory, or contractual purposes.

   
   

5. Device Location and Usage Data. When you use our Software, we may collect and process data related to your device's location, including historical location information obtained through GPS, Wi-Fi signals, or similar technologies. This data may also include contextual usage patterns and operational activities necessary to support our platform's functionality and services.

   Purpose: We process location and usage data based on your consent or, in certain cases, our legitimate interest. This data enables us to provide location-based services, optimize and personalize features, improve operational workflows, monitor and enhance system performance, and ensure the security and integrity of our Software and Services.

   Retention: Location and usage data is retained only for as long as necessary to achieve the purposes outlined above or to comply with applicable legal or regulatory requirements. Temporary storage may be utilized for operational purposes, and data will be deleted or anonymized once no longer needed.

   
   

   
   

Data we collect from third parties

This category refers to data we may receive from third parties concerning the Services we provide to you.

1. Data from companies that offer their products or services in relation to our Services or whose products or services may be linked from our Service or whose products or services may be linked to their service.

   
   

2. We may share information about you with our related companies located around the world. This enables Axion to detect and resolve emerging issues, improve product quality, and provide consistent and efficient solutions across regions.

   
   

3. Information for marketing operations provided by third-party marketing services. We may also share or receive information about you with/from third parties, including advertising and remarketing providers or similar partners. These partnerships allow us to personalize content and ads based on your interests and preferences, as well as to understand how you engage with our advertising campaigns.

   
   

   The purpose of sharing or receiving information with/from third-party advertisers/remarketers is to tailor, target, analyze, report on, and/or manage advertising campaigns or other initiatives. These third parties may use cookies, pixel tags, or other technologies to collect information in furtherance of such purposes.

   
   

   Depending on your region, you may have the option to opt in or opt out of data sharing and processing activities with third-party advertisers and remarketers. We respect your preferences and comply with applicable regional laws and regulations. Information shared or received with/from these third-party providers is retained only as long as necessary to provide you with the Services or as required by law. By using our Services, you consent to this processing unless you have opted out where permitted.

   
   

4. Analytical information. We use one or more third-party analytics services, such as Google Analytics, to evaluate your use of the Services by compiling reports on activity (based on their collection of IP addresses, Internet service provider, browser type, operating system, and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Site or Software you visit, number of links clicked, search terms and other similar usage data) and analyzing performance metrics. These third parties use cookies and other technologies to help collect, analyze, and provide us with reports or other data. By accessing and using the Services, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy.

   
   

5. We also may receive information about you from third-party social platforms. When you interact with the Site through a third-party social platform, you allow the platform to collect information about your interaction with the Site and you allow us to access or collect information made available by the platform in accordance with its Privacy Policy.

   
   

6. Additional information as required from us to comply with legal obligations.

   
   

7. Any data obtained by any of the above means may be associated with other data you have previously provided to us.

   
   

8. Third-party advertising companies are sometimes used to help us collect this Personal Information.
   
   
   

Cookies

At Axion, we use cookies and other tracking technologies to enhance user experience and improve our Services through the Site or Software. Cookies are small data files that are transferred to your device via your web browser, allowing our systems to recognize your browser and capture certain information.

Cookies may be collected by us or by third-party vendors, to collect cookies to analyze how you interact with and use our Site, and Software. The information collected by these cookies includes your IP address, time of visit, whether you are a return visitor, any referring Site or Software, URL, referrer, device and browser characteristics, and timestamp.

The data collected by these cookies is transmitted to and stored by the third-party vendors and is subject to their respective privacy policies.

We also utilize other tracking technologies, such as flash cookies, embedded scripts, eTags, and web beacons, to collect and store information about your visit. This includes details such as your browser type, operating system, mobile device information, and clickstream data. Cookies are used to facilitate your site usage without requiring you to re-enter your login information, customize and enhance your website experience, monitor website usage, manage the Site, and improve our products and services. These cookies may be session cookies, which expire once you close your browser, or persistent cookies, which remain on your device until deleted. The information collected by these cookies may be used to analyze trends, gather insights into visitor movements, diagnose potential server problems, investigate actual or potential security incidents, and ensure the Site’s proper functionality. Additionally, we may utilize third-party analytics tools to assist us in measuring traffic and usage trends for the service and gaining a better understanding of our users' demographics.

Managing Your Cookie Preferences

Axion’s Cookie Collection

We provide several options for you to manage your cookie preferences effectively:

• Cookie Preferences Center: You can easily accept or reject cookies through our cookie preference feature, accessible via the banner on our Site.

• Browser Controls: Most web browsers allow you to delete existing cookies and block new ones from being placed. If you choose to disable cookies through your browser, some preferences may need to be adjusted manually each time you visit our Site, and certain features or functionalities may not work optimally.

• Clear Cookies: You can delete all cookies already stored on your device at any time. However, doing so may limit the functionality of certain services that enhance your Site experience.

  
  

Third-Party Cookie Collection

We work with third-party providers that may place cookies on your device to collect data. Below is how these cookies are used and how you can manage them:

• Google Analytics: Used on our marketing site to track traffic and user interactions, helping us improve content and usability. If you wish to opt out of Google Analytics tracking, you can install the Google Analytics Opt-out Browser Add-on.

• PostHog: Used within our App for user analytics to track interactions, improve user experience, and resolve issues. PostHog respects the browser’s "Do Not Track" setting, which you can enable in your browser settings. Alternatively, you can block cookies directly through your browser’s cookie management settings.

• UserGuiding: Utilized within our App to provide in-app tutorials, guides, and onboarding assistance. You can manage UserGuiding-related cookies through your browser settings. For analytics-related cookies (such as those used by UserGuiding), refer to their respective opt-out tools.

• Browser Settings: Disabling or deleting cookies through your browser settings is another option. However, doing so may impact the performance of certain features on our website that rely on third-party cookies.

  
  

Do Not Track (DNT) Signals

Some browsers or devices provide a "Do Not Track" option to indicate your privacy preferences. While our Site does not currently respond to DNT signals, you can manage tracking through the tools mentioned above, including our cookie preferences center and browser settings.

How We Use Personal Data (Purposes of Processing)?

Personal Data is used to provide and operate the Site, Services, and Software; monitor, analyze, and improve their usage and functionalities; personalize and enhance our offerings, including surfacing features and promotions from partners; provide customer assistance and technical support; send service announcements, notices, and promotional messages in compliance with Applicable Privacy Laws; enforce our Terms of Service, policies, and contractual arrangements; prevent misuse of the Site, Services, or Software; comply with legal requirements, court orders, or warrants; address legal disputes; understand user needs on an aggregated or individualized basis to develop and improve offerings; communicate with you, including obtaining feedback; and disclose data to third-party vendors, service providers, or contractors performing functions on our behalf, as authorized by you.

The Legal Basis for Personal Data Use

Axion processes Personal Data in accordance with applicable legal bases, which depend on the specific context and purpose of the processing.

Use of the Site: Personal Data collected in connection with your use of our Site is processed based on your consent, where such consent is required by law.

Use of the Software: When you use our Software, the processing of your Personal Data is governed by the terms of the contract associated with your use of the Software.

B2B Services: For our B2B services, we process Personal Data as part of our engagements with Customers. This processing may rely on legitimate interests, where such interests are applicable and balanced, or other relevant legal bases.

Data Processor Obligations: When providing our Services to Customers, we process Personal Data in our capacity as a Data Processor. This is carried out in accordance with the Data Processing Agreements (DPA(s)) established with the respective Data Controller, as required by Applicable Privacy Laws.

In all cases, Axion processes your Personal Data only when a valid legal basis exists. The legal basis for processing is determined by the specific purpose for which the data was collected and used.

Sharing Personal Data with Third Parties

We do not sell, rent, or lease your Personal Data. We may share your Personal Data with service providers and other third parties to the extent necessary to fulfill our Services, but not for marketing purposes. Additionally, in order to provide, operate, maintain, and improve our Site and Services, and to offer additional products and features, we utilize third-party services. These services include payment processors, feedback features, support tools, operational tools, analytics, statistical tools, and more. The specific categories of these services are as follows:

1. Hosting services and storage: We use third-party host and storage services (including cloud storage) to host our Site, and respective data and retain your Information. We require each such Processor to maintain strict privacy protection and data security policies and ensure their compliance with Applicable Privacy Law. However, their practices and activities are fully governed by their own privacy policies.

   
   

2. Analytics. If you are a User and visiting our Site, we may use analytics services to help us understand how Users interact with our Site and Services.

   
   

3. Support services. We may use, from time to time, support and help desk services to provide better and faster support, whether online or, when you contact customer support.

   
   

4. Authentication and security. In cases where you open an account with us, we may integrate over time certain authentication services.

   
   

5. Payment processors. When you engage with our Software Services, or when we process payments to you as a vendor, we may collect and use relevant personal or organizational information required to facilitate these transactions.

   
   

6. CRM and mailing lists. If you are a Customer or a User, we may use services to manage and secure your Personal Information, or, manage subscriptions and notifications lists.

   
   

7. Technology partners. Some of our products and Services may include third-party technologies, widgets, or features in order to enhance a product’s functionality and expand it to include more features for you.

   
   

8. Advertising and Retargeting: Some of our third-party services may collect non-identifiable information about your interaction with our Site. Third parties may use such information to serve and display ads when browsing other websites across the web (“Retargeting”). You can opt-out at any time of such type of advertising directly from the Ad when you encounter it.

   
   

9. Legal Proceeding or law requirement. We may share your Personal Information with any third party if we believe that disclosure of such information is helpful or reasonably necessary to: (a) comply with any applicable law, regulation, legal process, or governmental request; (b) enforce our license agreement, terms of service or this privacy policy, including investigations of potential violations thereof; (c) detect, prevent, or otherwise address fraud or security issues; and/or (d) protect against harm to the rights, property or safety of Axion, our related companies, our users, yourself, and/or the public.

   
   

10. Merger, Sale, or Bankruptcy. In the event that we or one of our related companies is acquired by, or merged with, a third party entity or otherwise sells all or part of our/its assets, we may (and hereby reserve the right to) transfer or assign the Personal Information and other information we have collected or received. In such a case, we will require the acquiring entity to post its data practices and provide you with any of your rights as per the jurisdiction of your residency.

    
    

Data Subject Rights

We recognize that the protection of Personal Data is a fundamental right, and we are committed to respecting the privacy rights of all individuals, regardless of their location. Certain privacy rights apply universally and are upheld by Axion as a global standard:

• Right to Transparency: You have the right to clear, accessible, and transparent information about how your Personal Data is collected, used, and shared.

  
  

• Right to Access: You can request details about the Personal Data we hold about you, including the purposes for which it is processed and the parties with whom it is shared.

  
  

• Right to Correction: You may request corrections to any inaccuracies or incomplete information in the Personal Data we hold about you.

  
  

• Right to Deletion: You may request the deletion of your Personal Data where legally permitted, subject to certain exceptions, such as compliance with legal obligations or the establishment of legal claims.

  
  

• Right to Object: You have the right to object to the processing of your Personal Data for certain purposes, including direct marketing or where processing is based on our legitimate interests.

  
  

To exercise any of these rights, please contact us at privacy@axionray.com. We are committed to responding to all valid requests in accordance with Applicable Privacy Laws and our internal policies. Note that the implementation of these rights may vary based on your jurisdiction and the nature of your relationship with us.

If you reside in the EEA or the United States, please refer below to "Region-Specific Processing of Personal Data" for additional rights specific to your location.

Data Security

We take the safeguarding of the Personal Data and non-Personal Data very seriously and use a variety of industry-standard systems, applications, and procedures to protect the Data from loss, theft, damage, or unauthorized use or access. For example, we host data in ISO 27001-certified data centers with SOC 2 compliance and encrypt data at rest using AES-256 and in transit with TLS 256-bit encryption. However, although we make efforts to protect your privacy, we cannot guarantee that the Site or our Software will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.

We also regularly monitor our systems for possible vulnerabilities and attacks and seek new ways to enhance the security of our Site and Services. This includes conducting penetration tests, security audits, and employing access control mechanisms to protect our Visitors’ and Users’ privacy.

In the event of a data breach, Axion will promptly notify affected individuals and relevant regulators as required under applicable laws, providing clear information about the breach, the type of data involved, and recommended steps to protect against potential harm. We are committed to responding transparently and effectively to ensure compliance and mitigate risks.

Data Retention

As detailed above, we retain different types of data for varying periods based on legal, operational, and regulatory requirements. Personal Data is retained only for as long as necessary to fulfill the purposes for which it was collected, including supporting our business operations and services. These purposes may include data storage, documentation, cybersecurity management, legal proceedings, and compliance with tax or other regulatory requirements.

Aggregated or anonymized Non-Personal Data may be stored indefinitely, as it no longer identifies any individual and is used for analytical and operational purposes.

As long as you continue using our services, we will retain your information as described in this Policy unless we specify different retention periods, establish alternative terms in a DPA, or are required by law to delete it. If you exercise your right to request deletion under Applicable Privacy Laws, we will delete your data to the extent required, while retaining only what is necessary to comply with legal obligations.

Axion’s Region-Specific Processing of Personal Data

A Notice for EEA Residents

Depending on your country of residency, and on the type of your use of our Site (Visitor or a User), Software (User) or Services, certain rights concerning your Personal Data may apply to you.

If you are located in the EEA including UK, you have certain rights with respect to your Personal Data, including:

• The right to be informed: You have the right to receive clear and transparent information about how your data is being used.

  
  

• The right of access: You can request a copy of your Personal Data and details on how it is processed.

  
  

• The right to rectification: You are entitled to request corrections to any inaccurate or incomplete data we hold about you.

  
  

• The right to erasure: Commonly known as the "right to be forgotten," you can request that we delete your data, subject to certain conditions.

  
  

• The right to restrict processing: You can ask us to limit how your data is used under specific circumstances, such as while a dispute is being resolved.

  
  

• The right to object to processing: You have the right to object to the processing of your data, particularly for direct marketing purposes.

  
  

• Rights related to automated decision-making and profiling: You can request human intervention in decisions made solely through automated means, including profiling, if these decisions significantly affect you.

  
  

Please contact us at: privacy@axionray.com with your detailed request and sufficient information to allow us to verify you and your request, and we will process your verifiable request within the timeframe indicated in the applicable regulation. Note that when handling these requests, we may require additional information from you to verify your identity.

When you ask us to exercise any of your rights under this Policy and the Applicable Privacy Laws, we may need to ask you to provide us certain credentials to make sure that you are who you claim you are, to avoid phishing and/or disclosure to you of Personal Data related to others.

We may redact from the data which we will make available to you, any Personal Data related to others, if applicable.

Transfer of Data Outside of Your Territory

If you are a resident of the EEA (including UK), it is possible that your data will be transferred outside the EEA, to third parties who can assist us in our Services. We may process your Personal Data in any country in which we do business. If we shall transfer the Personal Data of an EU resident outside of the EU, we shall comply with Applicable Privacy Laws in relation to such transfer and according to our commitment under a DPAs with our Customers.

We are subject to the provisions of the GDPR that protect your Personal Data. We ensure that appropriate measures are in place to maintain a comparable level of security for your Personal Data. Each data transfer outside the EEA will comply with the SCC, unless the data is shared with a country that has been deemed to have an adequate level of data protection. In the event of data transfer to the US, we verify whether the third party is registered in the DPF program at https://www.dataprivacyframework.gov/

In any case, our transfer, storage, and handling of your Personal Data will continue to be governed by this Privacy Policy and according to our commitment under the DPA with the Data Controller.

Privacy Notice for US Residents

We recognize the importance of your privacy and are committed to complying with Applicable Privacy Laws across the United States. This section informs US residents, including those in California and other states with privacy laws, of their rights regarding the processing of their Personal Information and how to exercise those rights.

We comply with the Children’s Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 without verifiable parental consent.

A Notice for California Residents

We hereby inform Visitors and Users that are California residents, of the following rights (by virtue of the CCPA) with respect to the Processing of your Personal Data:

To learn more about the categories of Personal Data we collect, its sources, purposes, and the service providers we share it with, refer to the relevant sections above.

We do not sell Personal Data for business or commercial purposes, but we may share Personal Information or aggregated information with a third party for a business purpose. When we do so, we enter a contract that describes the purpose and requires the recipient to keep that personal information confidential and not use it for any purpose other than what is described in the agreement.

If you wish to exercise your rights concerning our third party's disclosure aspects, please refer below to the "Exercising Your Rights" section below.

Consumer Rights

The CCPA grants California consumers specific rights in connection with the Personal Data collected by businesses, as described below:

• Right to Know: You have the right to know the categories and specific pieces of Personal Data we have collected about you in the previous 12 months.

  
  

• Right to Deletion: You have the right to request that we delete any Personal Data we have collected about you.

  
  

• Right to Request Information: You have the right to request information about our collection, sale, and disclosure of your Personal Data from the previous 12 months.

  
  

• “Shine the Light” Law: Under California’s “Shine the Light” law (Cal. Civ. Code §1798.83), you have the right to request information regarding whether and how we disclose your Personal Data to third parties for their direct marketing purposes, unless our disclosures under the CCPA fulfill this requirement. This right allows you to request and receive a list of the third parties, if any, that we have shared Personal Data with for such purposes, along with the types of Personal Data disclosed.

  
  

• Right to Opt-Out of the Sale and Sharing of Personal Data: California consumers have the right to opt out of the sale and sharing of their Personal Data, including for purposes such as cross-context behavioral advertising. While Axion does not engage in the sale or sharing of Personal Data, we are committed to honoring your privacy preferences. If you have any concerns or wish to exercise your rights, please contact us using the information provided below. Furthermore, Axion does not sell the Personal Data of Minors, as our services are not intended for individuals under the applicable age threshold.

  
  

• Sensitive Information: Under laws such as CCPA, you have the right to limit the use and disclosure of sensitive personal information for purposes other than those permitted by law (e.g., providing services).

  
  

• Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights. We will not treat you differently for exercising any of the above rights.

  
  

Under the California Online Privacy Protection Act (CalOPPA), our service does not currently respond to Do Not Track (DNT) signals. However, we recognize and honor Global Privacy Control (GPC) signals, allowing you to indicate your preference to opt out of the sale or sharing of Personal Data. Please note that third-party operators integrated with our service may collect information about your browsing activities. To manage your tracking preferences, you can enable a GPC signal or adjust the settings on your web browser or mobile device to notify websites and apps of your preferences. For detailed instructions on configuring these settings, refer to the help documentation provided by your browser or device.

Exercising Your Rights

To exercise any of the CCPA rights above, don't hesitate to contact us by emailing at privacy@axionray.com. We will fulfill your request within 45 days of receiving your request (If we require an extension, we will notify you within the initial 45 days, explaining the reasons and providing an estimated completion date). Some of these rights may be subject to limitations and qualifications, such as where fulfilling the request would conflict with federal, state, or local law, regulatory inquiries, subpoenas, or our ability to defend against legal claims. We will verify your request using your email address and the information associated with your account if you have one.

Note that we cannot respond to your request if we cannot verify your identity and confirm the Personal Data related to you. Making a verifiable consumer request does not require you to create an account with us. If you wish to use an authorized agent to submit a request to opt-out on your behalf, you must provide the authorized agent with written permission signed by you. We may deny a request from an authorized agent if the agent cannot provide to us your signed authorization demonstrating that they have been authorized to act on your behalf.

If you do not wish for our online third-party partners or us (such as advertising networks) to sell or share your Personal Information with others, please click on the "Do Not Sell or Share My Personal Information" link to contact us with questions or to exercise your right to opt-out.

US State-Specific Residents

If you are a resident of any state with privacy laws, including but not limited to Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Florida, Montana, Iowa, Indiana, Tennessee, or Delaware, you are entitled to specific privacy rights regarding your personal information under your state’s respective data privacy laws. These laws grant you rights to access, correct, delete, and obtain your personal data, subject to certain exceptions. Please review the following information to understand your privacy rights and how to exercise them.

Scope of Applicability

The respective privacy laws apply to natural persons acting in an individual or household context. These laws generally do not extend to individuals acting in a commercial or employment context unless explicitly noted otherwise. If you are a resident of one of these states, you can make requests regarding your Personal Information, and we will honor such requests as required by the law in your state. In cases where we are unable to comply with your request, in whole or in part, we will provide you with an explanation of our reasons.

Consumer Rights Across Applicable States

You may exercise the following rights concerning your Personal Information:

• Right to Access Your Personal Information: You have the right to request access to the Personal Information we have collected about you, including details about the purposes for which it was collected, the types of Personal Information, and the third parties with whom we share it.

  
  

• Right to Correct Your Personal Information: You may request that we correct any inaccuracies in the Personal Information we hold about you.

  
  

• Right to Delete Your Personal Information: You can request the deletion of your Personal Information, subject to certain legal exceptions, such as when retaining the information is necessary for compliance with legal obligations or in connection with ongoing business operations.

  
  

• Right to Obtain a Copy of Your Personal Information (Data Portability): You may request a copy of your Personal Information in a portable and readily usable format, subject to technical feasibility.

  
  

• Right to Opt-Out of Targeted Advertising: You have the right to opt out of the processing of your Personal Information for targeted advertising purposes.

  
  

• Right to Opt-Out of the Sale of Personal Information: You may request that we do not sell your Personal Information to third parties. While Axion does not sell Personal Information for monetary gain, we respect your right to opt out of any activities classified as “sale” under Applicable Privacy Laws.

  
  

• Right to Opt-Out of Profiling: In states like Colorado and Connecticut, you have the right to opt-out of profiling that produces legal or similarly significant effects.

  
  

Additional Notes

• B2B and Employment Contexts: Many of these laws exclude individuals acting in a business or employment capacity (e.g., B2B data) from the definition of “consumers.” Therefore, such data is not covered under the Applicable Privacy Laws in most states, including Virginia, Connecticut, Utah, Oregon, and Texas.

  
  

• Sensitive Personal Information: Some laws (e.g., VCDPA, CPA) grant additional rights concerning the processing of sensitive Personal Information, such as biometric or health data. If applicable, you may limit the processing of such information.

  
  

How to Exercise Your Rights

To exercise any of your privacy rights as a resident of Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Florida, Montana, Iowa, Indiana, Tennessee, or Delaware, please contact us at privacy@axionray.com. We will fulfill your request within the timeline prescribed by the Applicable Privacy Laws. Please note the following:

• Authentication: To ensure the protection of your data, we may require verification of your identity before fulfilling your request. If you submit a request through an authorized agent, we may require proof of authorization, such as a signed written permission or power of attorney.

  
  

• Response Timeline: Most states require responses within 45 days, with a possible extension of another 45 days. However, specific timelines may vary, and we will inform you if additional time is needed.

  
  

Non-Discrimination Policy

We will not discriminate against you for exercising your privacy rights under Applicable Privacy Laws. For example, we will not deny you services, charge you a different price, or provide a different quality of services for exercising your rights.