Privacy Policy

Last Updated: October 10, 2020

This Privacy Policy describes how we collect and use your personal information in relation to Akeyless websites, applications, products, services, events, and experiences that reference this Privacy Policy (together, “Akeyless Offerings”).

This Privacy Policy does not apply to any products, services, websites, or content that are offered by third parties or have their own privacy policy.

Personal Information We Collect

We collect your personal information in the course of providing Akeyless Offerings to you. 

Here are the types of information we gather:

  • Information You Give Us: We collect any information you provide in relation to Akeyless Offerings.

You provide information to us when you:

  • search for, subscribe to, or purchase Akeyless Offerings;
  • create or administer your Akeyless account (and you might have more than one account if you have used more than one email address when using Akeyless Offerings);
  • configure your settings for, provide data access permissions for, or otherwise interact with Akeyless Offerings; 
  • register for or attend an Akeyless event;
  • communicate with us by phone, email, or otherwise; 
  • complete a questionnaire, a support ticket, or other information request forms; 
  • post on Akeyless websites or participate in community features; and
  • employ notification services.

Depending on your use of Akeyless Offerings, you might supply us with such information as:

  • your name, email address, physical address, phone number, and other similar contact information;
  • payment information, including credit card and bank account information;
  • information about your location;
  • information about your organization and your contacts, such as colleagues or people within your organization;
  • usernames, aliases, roles, and other authentication and security credential information;
  • content of feedback, testimonials, inquiries, support tickets, and any phone conversations, chat sessions and emails with or to us; 
  • information regarding identity, including government-issued identification information; 
  • corporate and financial information; and
  • VAT numbers and other tax identifiers.
  • Automatic Information: We automatically collect certain types of information when you interact with Akeyless Offerings. 

We collect information automatically when you:

  • visit, interact with, or use Akeyless Offerings (including when you use your computer or other device (including API-Gateway) to interact with Akeyless Offerings); 
  • download content from us;
  • open emails or click on links in emails from us; and
  • interact or communicate with us (i.e. when you request customer support).

Examples of the information we automatically collect include:

  • network and connection information, such as the Internet protocol (IP) address used to connect your computer or other device to the Internet and information about your Internet service provider; 
  • computer and device information, such as device, application, or browser type and version, browser plug-in type and version, operating system, or time zone setting; 
  • the location of your device or computer;
  • authentication and security credential information;
  • content interaction information, such as content downloads, streams, and playback details, including duration and number of simultaneous streams and downloads; 
  • Akeyless Offerings metrics, such as offering usage, occurrences of technical errors, diagnostic reports, your settings preferences, backup information, API calls, and other logs; 
  • the full Uniform Resource Locators (URL) clickstream to, through, and from our website (including date and time) and Akeyless Offerings, content you viewed or searched for, page response times, download errors, and page interaction information (such as scrolling, clicks, and mouse-overs);
  • email addresses and phone numbers used to contact us; and
  • identifiers and information contained in cookies.
  • Information from Other Sources: We might collect information about you from other sources, including service providers, partners, and publicly available sources.

Examples of information we receive from other sources include:

  • marketing, sales generation, and recruitment information, including your name, email address, physical address, phone number, and other similar contact information; 
  • subscription, purchase, support, or other information about your interactions with products and services offered by us, our affiliates, or third parties in relation to Akeyless Offerings; 
  • search results and links, including paid listings (such as Sponsored Links); and 
  • credit history information from credit bureaus.

How We Use Personal Information

We use your personal information to operate, provide, and improve Akeyless Offerings. Our purposes for using personal information include:

  • Provide Akeyless Offerings: We use your personal information to provide and deliver Akeyless Offerings and process transactions related to Akeyless Offerings, including registrations, subscriptions, purchases, and payments.
  • Measure, Support, and Improve Akeyless Offerings: We use your personal information to measure use of, analyze performance of, fix errors in, provide support for, improve, and develop Akeyless Offerings.
  • Recommendations and Personalization: We use your personal information to recommend Akeyless Offerings that might be of interest to you, identify your preferences, and personalize your experience with Akeyless Offerings.
  • Comply with Legal Obligations: In certain cases, we have a legal obligation to collect, use, or retain your personal information.
  • Communicate with You: We use your personal information to communicate with you in relation to Akeyless Offerings via different channels (e.g., by phone, email, chat) and to respond to your requests.
  • Marketing: We use your personal information to market and promote Akeyless Offerings. We might display interest-based ads for Akeyless Offerings.
  • Fraud and Abuse Prevention and Credit Risks: We use your personal information to prevent and detect fraud and abuse in order to protect the security of our customers, Akeyless, and others. We may also use scoring methods to assess and manage credit risks.
  • Purposes for Which We Seek Your Consent: We may also ask for your consent to use your personal information for a specific purpose that we communicate to you.

How We Share Personal Information

Information about our customers is an important part of our business and we are not in the business of selling our customers’ personal information to others. We share personal information only as described below and with Akeyless and the subsidiaries that Akeyless  controls that are either subject to this Privacy Policy or follow practices at least as protective as those described in this Privacy Policy.

  • Transactions Involving Third Parties: We make available to you services, software, and content provided by third parties for use on or through Akeyless Offerings. 
  • Third-Party Service Providers: We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), conducting customer relationship management, and providing training. These third party service providers have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process that information in accordance with this Privacy Policy and as permitted by applicable data protection law.
  • Business Transfers: As we continue to develop our business, we might sell or buy businesses or services. In such transactions, personal information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless, of course, the individual consents otherwise). Also, in the event that Akeyless or substantially all of its assets are acquired, your information will of course be one of the transferred assets.
  • Protection of Us and Others: We release account and other personal information when we believe release is appropriate to comply with the law, enforce or apply our terms and other agreements, or protect the rights, property, or security of Akeyless, our customers, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.

Location of Personal Information

Depending on the scope of your interactions with Akeyless Offerings, your personal information may be stored in or accessed from multiple countries, including the United States and the European Union. Whenever we transfer personal information to other jurisdictions, we will ensure that the information is transferred in accordance with this Privacy Policy and as permitted by applicable data protection laws.

How We Secure Information

At Akeyless, security is our highest priority. We design our systems with your security and privacy in mind.

  • We maintain compliance programs that validate our security controls. 
  • We protect the security of your information during transmission to or from Akeyless websites, applications, products, or services by using encryption protocols and software.
  • We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.

Children’s Personal Information

We don’t provide Akeyless Offerings for purchase by children. If you’re under 18, you may use Akeyless Offerings only with the involvement of a parent or guardian.

Retention of Personal Information

We keep your personal information to enable your continued use of Akeyless Offerings, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Policy, as may be required by law (including for tax and accounting purposes), or as otherwise communicated to you. How long we retain specific personal information varies depending on the purpose for its use, and we will delete your personal information in accordance with applicable law.

Contacts, Notices, and Revisions

If you have any concern about privacy at Akeyless or want to contact us, please contact us with a thorough description, and we will try to resolve it. You may also contact us at the addresses below:

For any prospective or current customers of Akeyless, our mailing address is: Akeyless LTD, Igal Alon 94, Alon Tower 2, Tel Aviv, Israel  6789140

If you interact with Akeyless Offerings on behalf of or through your organization, then your personal information may also be subject to your organization’s privacy practices, and you should direct privacy inquiries to your organization.

Our business changes constantly, and our Privacy Policy may also change. You should check our website frequently to see recent changes. You can see the date on which the latest version of this Privacy Policy was posted. Unless stated otherwise, our current Privacy Policy applies to all personal information we have about you and your account. We stand behind the promises we make, however, and will never materially change our policies and practices to make them less protective of personal information collected in the past without informing affected customers and giving them a choice.

Additional Information for Certain Jurisdictions

We provide additional information about the privacy, collection, and use of personal information of prospective and current customers of Akeyless offerings located in certain jurisdictions.

California

These additional disclosures are required by the California Consumer Privacy Act and are effective as of June 10th, 2020:

Categories of personal information collected. The personal information that we may collect, or may have collected from consumers in the preceding twelve months, fall into the following categories established by the California Consumer Privacy Act, depending on how you engage with the Akeyless offerings:

  • Identifiers, such as your name, address, phone numbers, or IP address;
  • personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as a credit card number;
  • commercial information, such as purchase activity;
  • Internet or other electronic network activity information, including content interaction information, such as content downloads details;
  • geolocation data, such as the location of your device or computer
  • audio, visual, electronic or other similar information, including when you communicate with us by phone or otherwise;
  • professional or employment-related information, for example data you may provide about your business;
  • inference data, such as information about your preferences; and

Categories of personal information disclosed for a business purpose. The personal information that we may have disclosed about consumers for a business purpose in the preceding twelve months fall into the following categories established by the California Consumer Privacy Act, depending on how you engage with the Akeyless offerings:

  • personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as a credit card number, for example if we use a third party payment processor;
  • Internet or other electronic network activity information, such as if we use a third party service provider to help us gather reports for analyzing the health of our devices and services;
  • geolocation data, for example if we enable transportation services from a third party in connection with an Akeyless event;
  • audio, visual, electronic or other similar information, for example if a third party service provider reviews recordings of customer support phone calls for quality assurance purposes;

Your Rights. You may have the right under the California Consumer Privacy Act to request information about the collection of your personal information by us, or access to or deletion of your personal information. If you wish to do any of these things, please contact us at [email protected] io (for Akeyless customers) or contact us at the address under Contacts, Notices, and Revisions above (for Akeyless customers and non-customers). Depending on your data choices, certain services may be limited or unavailable.

No sale of personal information. In the preceding twelve months, we have not sold any personal information of consumers, as those terms are defined under the California Consumer Privacy Act.

No Discrimination. We will not discriminate against any consumer for exercising their rights under the California Consumer Privacy Act.

EU

Controller of Personal Information. Akeyless LTD is the data controller of personal information collected or processed through Akeyless offerings. 

Processing. We process your personal information on one or more of the following legal bases:

  • as necessary to enter into a contract with you or a legal entity you represent, to perform our contractual obligations, to provide Akeyless offerings, to respond to requests from you, or to provide customer support;
  • where we have a legitimate interest, as described in this Privacy Policy (see How We Use Personal Information above);
    as necessary to comply with relevant law and legal obligations, including to
  • respond to lawful requests and orders; or
  • with your consent.

Your Rights. Subject to applicable law, you have the right to:

  • ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
  • request that inaccurate personal information is corrected;
  • request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements;
  • request us to restrict the processing of personal information where the processing is inappropriate;
  • object to the processing of personal data;
  • request portability of personal information that you have provided to us (which does not include information derived from the collected information), where the processing of such personal information is based on consent or a contract with you and is carried out by automated means; and 

You can exercise your rights of access, rectification, erasure, restriction, objection, and data portability by contacting us. If you wish to do any of these things and you are an Akeyless customer, please contact us at [email protected] If you are not an Akeyless customer, please contact us at the address under Contacts, Notices, and Revisions above.

When you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.

Transfers outside of the EU. When we transfer your personal information outside the EU we do so in accordance with the terms of this Privacy Policy and applicable data protection law.