ASTRIX PRIVACY POLICY
Last Updated: October 28, 2024
In order to ensure transparency and give you more control over your personal information, this privacy policy (“Privacy Policy”) governs how we, Astrix Security Ltd. and its affiliated entities (“Astrix”, “we”, “our” or “us”) use, collect and store personal information that we collect or receive from or about you (“you”) in connection with https://astrix.security/ (“Website”), the Astrix platform (“Platform”), and the services provided therein (the Website, Platform and provided services, collectively, the “Services”).
Please read this Privacy Policy carefully, so you can fully understand our practices in relation to personal information. Important note: Nothing in this Privacy Policy is intended to limit in any way your statutory rights, including your rights to a remedy or other means of enforcement.
Table of contents:
- What information we collect, why we collect it, and how it is used
- How we protect and retain your personal information
- How we share your personal information
- Your privacy rights
- International transfers of personal information
- Use by children
- Interaction with third-party products
- Analytic tools/ Cookies
- Specific provisions applicable under California privacy law
- Contact us
This Privacy Policy can be updated from time to time and, therefore, we ask you to check back periodically for the latest version of this Privacy Policy. If we implement material changes in the way we use your information, in a manner that is different from that stated at the time of collection, we will notify you by posting a notice on our Website or Platform or by other means and take any additional steps as required by applicable law.
1. WHAT INFORMATION WE COLLECT, WHY WE COLLECT IT, AND HOW IT IS USED
We Process the Following Personal Information:
Information You Provide Directly to Us through the Website. We collect personal information that you voluntarily provide, including full name, email address, phone number, company name and details, messages, comments and any other information that you decide to provide us with. In addition, if you choose to apply for an open role in our company, via the Website or third-party tools (LinkedIn), we will collect relevant personal information such as full name, email address, city, and personal information included in your LinkedIn profile and CV, cover letter, portfolio and any other information that you provide us with.
Information provided through the Platform. When you create an account, and when you login to gain access to the Platform, we collect from your users the first name, surname, email address and username. In addition, we collect the following information when you make use of the Platform information about your use of the Platform, including, without limitation, through the use of cookies, analytics and other tracking technologies.
Information from Other Sources. Astrix also obtains information about you from other sources, including publicly – or commercially- available information, and through third-party data platforms, partners, and service providers.
Automatic Data Collection. We automatically collect certain information through your use of the Astrix Website, such as your Internet protocol (IP) address, cookie identifiers and other device identifiers that are automatically assigned to your device, browser type and language, geo-location information, hardware type, operating system, internet service provider and other information about actions taken using the Astrix Website.
We process information for the following purposes:
To provide you with Astrix Platform. Astrix will use your personal information to provide our Platform. For example when you signup/login to the Platform, we will use your personal information in order to authenticate you and allow you to access the Services. We also use your personal information for internal quality control purposes; to establish a business relationship; to generally administer the Services; and to optimize the results produced by the Platform and to improve our Services.
To provide you with the Astrix Website. Astrix will use your personal information to provide you with the Website, for example when you request to book a demo, we will use your personal information to process and answer your request; to respond to your questions, comments, and other requests for customer support, or information, including information about potential or future services; for internal quality control purposes; to establish a business relationship; and to generally administer the Astrix Services. In addition, if you apply for an open position with Astrix, we use the personal information you provided us to process your job application, assess you as a candidate, and send you candidate-related communications.
To Market Astrix Services. Astrix uses some personal information to market the Astrix Services. Such use includes (i) notifying you about offers and services that may be of interest to you; (ii) tailoring content, advertisements, and offers for you, including, targeting and retargeting practices; (iii) conducting market research (iv) developing and marketing new products and services, and to measure interest in Astrix’s services; (v) other purposes disclosed at the time you provide information; and (vi) as you otherwise consent.
Security purposes. Some of the above-mentioned information will be used for detecting, taking steps to prevent and prosecuting fraud or other illegal activity; to identify and repair errors; to conduct audits; and for security purposes. personal information may also be used to comply with applicable laws, with investigations performed by the relevant authorities, law enforcement purposes, and/or to exercise or defend legal claims.
De-identified and Aggregated Information Use. In certain cases, we may or will anonymize or de-identify your Information and further use it for internal and external purposes, including, without limitation, to analyze and improve Astrix Services and for research purposes. We may use this anonymous or de-identified information and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them and/or to develop new product features and improve existing offerings).
Cookies and Similar Technologies. We, as well as third parties that provide content, advertising, or other functionality on Astrix Services, may use cookies, pixel tags, local storage, and other technologies to automatically collect information. Such cookies and other tracking technologies are essentially small data files placed on your device that allow us to record certain pieces of information whenever you visit or interact with the Astrix Services. If you would like to opt out of such collection of data (except for the essential ones for the Services to work), you may do so by blocking, deleting, or disabling them as your browser or device permits – or as otherwise permitted or allowed by the cookie consent mechanism implemented on our website.
The lawful bases we rely on for processing personal information are (if and when applicable):
The data subject has given consent to the processing of his or her personal information;
Processing is necessary for the performance of a contract to which the data subject (or his employee) is party or in order to take steps at the request of the data subject prior to entering into a contract;
Processing is necessary for compliance with a legal obligation to which the controller is subject; and/or
Processing is necessary for the purposes of the legitimate interest.
2. HOW WE PROTECT AND RETAIN YOUR PERSONAL INFORMATION
Security. The security of personal information is important to us. We have implemented and maintain generally accepted industry standards technical, organizational and security measures designed to protect your information. However, please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use reasonable acceptable means to protect your personal information we cannot guarantee that the information will not be compromised as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.
Retention of your information. We will retain your personal information for as long as it is reasonably necessary in order to establish, maintain and expand our relationship and provide you with our Services and offerings, or until you submit a valid deletion request. Please note that in some circumstances we may store your information for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, and/or (iii) if we reasonably believe there is a prospect of litigation relating to your information or dealings.
Please note that except as required by applicable law or our specific agreements with you, we will not be obligated to retain your personal information for any particular period, and we are free to securely delete, anonymize or restrict access to it for any reason and at any time, with or without notice to you. If you have any questions about our data retention policy, please contact us at: [email protected].
3. HOW WE SHARE YOUR PERSONAL INFORMATION
In addition to the recipients described above, we may share your information as follows:
The information Astrix gathers is shared with our partners and other third parties.
We share information with our affiliated companies about you.
We use third party service providers to process your information for the purposes outlined above, including, without limitation:
With cloud service providers for hosting purposes;
With websites and web content creation platforms in order to help us manage our Website;
With email providers, marketing, CRM, other similar tool providers;
With analytic companies, in order to help us understand and analyze information we collect in accordance with this policy.
To the extent necessary, with regulators, courts, banks or competent authorities, to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order, as well as for internal compliance procedures and to protect the safety, security, and integrity of Astrix, our Services, customers, employees, property, and the public.
If, in the future, we sell or transfer, or we consider selling or transferring, some or all of our business, shares or assets to a third party, we will disclose your information to such third party (whether actual or potential) in connection with the foregoing events (including, without limitation, our current or potential investors). In the event that we are acquired by, or merged with, a third party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your information in connection with the foregoing events.
Where you have otherwise provided your consent to us for sharing or transferring your information.If you want to receive the list of the current recipients of your personal information, please make your request by contacting us to [email protected].
4. YOUR PRIVACY RIGHTS
The following rights (which may be subject to certain exemptions or derogations) shall apply to certain individuals (some of which only apply to individuals protected by specific laws):
You have the right to withdraw consent to the processing, where consent is the basis of processing.
You have the right to access the personal information that we hold and request further details about how we process it, under certain conditions.
You have the right to demand rectification of inaccurate personal information about you. We will promptly correct any information found to be incorrect.
You have the right to the erasure of past data about you (your “right to be forgotten”) under certain conditions.
You have the right to demand that we restrict the processing of your personal information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, the processing is no longer necessary, or if you believe your personal information is inaccurate.
You can exercise your rights by contacting us at [email protected]. You may use an authorized agent to submit a request on your behalf if you provide the authorized agent with written permission signed by you. To protect your privacy, we may take steps to verify your identity before fulfilling your request. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.Marketing emails – opt-out: You may choose not to receive future promotional, advertising, or other Services-related emails from us by selecting an unsubscribe link at the bottom of each email that we send or by sending a request here. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any “sign-up for a demo” or “contact us” request as well as other administrative emails that are necessary to facilitate your use of the Services.
5. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
We store the personal information with the following storing companies: AWS – North Virginia – US; GCP – South Carolina – US.
In order to run our business and provide our Services to you, we transfer personal information to certain countries around the world, including to our affiliates and service providers, many of whom are located outside of your jurisdiction. Therefore, your personal information may be processed in countries with privacy laws that are different from privacy laws in your country. Whenever we make such transfers, we will use commercially reasonable efforts to implement an appropriate level of protection to your personal information by implementing at least one of the following safeguards:
making sure the destination country has been deemed to provide an adequate level of protection for personal information; and/or by executing implement data onward transfer instruments such as data processing and protection agreements.
6. USE BY CHILDREN.
We do not offer our products or services for use by children and, therefore, we do not knowingly collect information from, and/or about children under the age of 18. If you are under the age of 18, do not provide any information to us without the involvement of a parent or a guardian. If we become aware that you provide information in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us at [email protected].
7. INTERACTION WITH THIRD PARTY PRODUCTS.
We enable you to interact with third party websites, mobile software applications and products or services that are not owned, or controlled, by us (each, a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third-Party Services. Please be aware that Third Party Services can collect information from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third-Party Service.
8. ANALYTIC TOOLS/COOKIES
Google Analytics. The Website uses a tool called “Google Analytics” to collect information about use of the Website. Google Analytics collects information such as how often users visit this Website, what pages they visit when they do so, and what other websites they used prior to coming to this Website. We use the information we get from Google Analytics to maintain and improve the Website and our products. We do not combine the information collected through the use of Google Analytics with information we collect. Google’s ability to use and share information collected by Google Analytics about your visits to this Website is restricted by the Google Analytics Terms of Service, available at https://marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.
Hotjar. We use a tool called “Hotjar”, which is an analysis service provided by Hotjar.com Inc. that we use to evaluate the use of our Platform and analyze user behavior to improve users experience. The tool collects identifiers (Name, email address, cookie IDs.), personal data (Name, address, telephone number), Electronic network activity information (IP address, referring URL and domain, device type, operating system and browser type, window size and content.) and Inferences (Information reflecting a consumer’s preferences and behavior on hotjar.com.) You can find more information in Hotjar’sCompliance, Data Privacy, Legal & Security at https://help.hotjar.com/hc/en-us/categories/360003405813-Compliance-Data-Privacy-Legal-Security.
Pendo. We use a tool called “Pendo”, which is an analysis service provided by Pendo.io Inc. that we use to evaluate the use of our Platform, generate reports on activities, analyze behavioral metrics and improve the experience. The tool collects the username, email address, country, and region that occurs when using our Platform. You can find more information in Pendo’s privacy policy at www.pendo.io/legal/privacy-policy/
We reserve the right to remove or add new analytic tools, cookies, pixels, and other tracking technologies.
9. SPECIFIC PROVISIONS APPLICABLE UNDER CALIFORNIA PRIVACY LAW
Our California Do Not Track Notice: We do not track consumers over time and across third-party websites and therefore do not respond to Do Not Track signals. We do not allow third parties to collect personally identifiable information about an individual consumer’s online activities over time and across different web sites when a consumer uses the Website.
10. CONTACT US.
If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at [email protected].