Privacy Policy

Last Updated: January 2021

This Privacy Policy (“Privacy Policy”), is an integral part of our Terms of Service (“Terms”), and governs the processing and transfer of personal data collected or processed by AKEYLESS Security LTD. (“Company“, “Akeyless”, “we”, “us” or “our”) in connection with Akeyless website, available at: https://www.akeyless.io/ (“Website“), the services available through the Website or otherwise provided by Akeyless (“Services“).

Any capitalized terms not defined herein shall have the meaning ascribed to them in the Terms.

This Privacy Policy explains what data we may collect from you, how such data may be used or shared with others, how we safeguard it and how you may exercise your rights related to your Personal Data (as defined below), among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

In the event you are a California resident and the CCPA applies to you – please also review our CCPA Privacy Notice.

If you do not agree to this Privacy Policy and to the data collection practices, we describe here, we may not be able to properly provide you with the Services. If you have any question to us regarding this Privacy Policy or our data practices, you are welcome to contact us at: [email protected]

APPLICABILITY

This Privacy Policy explains Akeyless’ data collection practices that are applicable toward: (i) any visitor of our website (“Visitor”); and (ii) our registered customers that using out Services and their users (i.e., their employees, their clients and etc.) (“Customer“). Customers and Visitors will be jointly referred to as “user” “you” or “your“.

THE HIGHLIGHTS:

  • You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary.
  • You may not share Personal Data about other people with us which you are not authorized to share or use.
  • You may be entitled under applicable law to request to review, amend, erase or restrict the processing of your Personal Data.
  • If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Privacy Policy, please send us an email to:  [email protected].
  1. INFORMATION PROCESSED BY AKEYLESS

We may collect two types of data and information from you, depending on your interaction with us. The first type of information is non-identifiable and anonymous information (“Non-Personal Data”). We are not aware of the identity of the individual from which we have collected the Non-Personal Data. Non-Personal Data which is being gathered consists of technical information, and may contain, among other things, the type of operating system and type of browser, type of device, your action in the website or Services (such as session duration and page impressions), or approximate geo-location.

The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data”).

For avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.

We are considered as the “Data Controller” of the Personal Data we collect from our Visitors and Customers. With respect to Personal Data we collect regarding our Customers’ end-users we act as a “Data Processor”.

We do not knowingly collect or process any Special Categories of Personal Data, such as constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data” or “Sensitive Data”). Moreover, in connection with Customers’ use of the Services, we do not monitor the data upload to our Services, therefore it is the Customer’s responsibility to ensure that Sensitive Data is not transmitted or uploaded to the Services. In the event you become aware that such data has been uploaded to the Services or collected by us unintentionally through a Survey, please inform us immediately.

Personal Data we collect from Visitors to our Website:

Type of DataPurposes of ProcessingFor EU persons – Legal Basis under the GDPR
Contact Us information: In the event you contact us for question, support or any other inquiries, either through the online form available on the Website (such as, contact us page or support ticket), by sending us an email or by other means of communications we make available, you will be requested to provide us your name and email, your company and free text. In addition, you can choose to add additional information, such as your phone number, your country and free text.    We will use this information solely for the purpose of responding to your inquiries and provide you with the support or information you have requested.   The correspondence will be stored by us in the event we believe it is required, for example, in the event of any claims or in order to provide you with any further assistance.  Your consent. 
Booking a Demo and Taking a Tour In the event you choose to take a tour you will be requested to provide your email address. In the event you choose to book a free demo you will be requested to create an account and provide us with your name, phone number and company email address.    We will use this information for the purpose of providing you the services you have requested.Perform our contract with you.           
Additional features In the event you choose to complete a questionnaire or a feedback, post on Websites, participate in community features or employ notification service you will be required to provide us with additional information.We will use this information for the purpose of providing you the services you have requested.Your consent.  
Career In the event you apply for a job via our website, we will collect your CVs and additional information such as your contact details (name. email address and phone number).  To process your job application and for recruitment purposes.Your consent.            
Newsletter: If you voluntarily subscribe to our newsletter you will be asked to provide us with your email address. You can unsubscribe at any time using the unsubscribe option within the body of the newsletter or rather or by contacting customer support [email protected]  We will use your email address in order to send you information related to our Services and to keep you up to date regarding new Services.Your consent.  
Online Identifier When you interact with our website and Services, we may collect your online identifiers, such as Internet protocol (IP) address.  Note that, while the Online Identifiers are considered personally identifiable information in many jurisdictions (such as the EEA), there are some jurisdictions in which such data sets are not considered as Personal Data. However, we treat the Online Identifiers as Personal Data, in accordance with applicable lawsWe (directly or by third parties service providers as detailed below) may collect our Visitors’ IP. We use this for our legitimate interests of operating, providing, maintaining, protecting, managing, customizing and improving our Website and Services and the way in which we offer them; (ii) enhancing your experience with the Services; and (iii) our legitimate interests of auditing and tracking usage statistics and traffic flow.  Necessity of processing for the purposes of our legitimate interests, and your consent, where required under applicable law.
Technical data: We also collect certain technical Non-Personal Information   which relates to your use of the Website such as: device information, such as device, application, or browser type and version, browser plug-in type and version, operating system, or time zone setting; Services metrics, such as offering usage, occurrences of technical errors, diagnostic reports, your settings preferences, backup information, API calls, and other logs;  the full Uniform Resource Locators (URL) clickstream to, though, and from our website (including date and time) and Services, content you viewed or searched for, page response times, download errors, and page interaction information (such as scrolling, clicks, and mouse-overs);  We use this data in order to maintain, support, improve, protect and manage our website and Services and for Security Proposes such as preventing and detecting fraud and abuse.      Necessity of processing for the purposes of our legitimate interests, and your consent, where required under applicable law.
Authentication and security credential information  We use your personal information to prevent and detect fraud and abuse in order to protect the security of our customers, Akeyless, and others. We may also use scoring methods to assess and manage credit risks.  Necessity of processing for the purposes of our legitimate interests, and your consent, where required under applicable law.

Information We Collect from Customers

Type of DataPurposes of ProcessingFor EU persons – Legal Basis under the GDPR
In order to use our Services (including the free demo) you will be required to register and open an account. During the registration flow you will be requested to provide us with certain information such as your name, company name, email address, physical address, phone number, and other similar contact information. Further, during the registration process you will be required to provide us with the following information: information about your location; information about your organization and your contacts, such as colleagues or people within your organization; usernames, aliases, roles, and other authentication and security credential information; information regarding identity, including government-issued identification information;  corporate and financial information; and VAT numbers and other tax identifiers. As a Customer we will send you email marketing materials regarding the Services you are currently using or any services we may offer in the future (“Direct Marketing”).    To provide the Services to the Customer. To resolve any disputes, communicate with you regarding customer service and support issues, and to respond to questions or comments and help resolve any problems.Performance of a contract with you or in order to take steps at your request prior to entering into a contract. Direct Marketing is subject to our legitimate interest, you may opt-out at any time from certain correspondence.                     
Payment Details: As part of the Services (following the free Demo) you will need to provide us with your payment details including credit card and bank account information  To provide the Services to the Customer, payment directly or via payment service providersPerformance of a contract with you

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on out legitimate interests.

2. HOW WE COLLECT INFORMATION

Depending on the nature of your interaction with the website and Services, we may collect information as follows:

2.1 Automatically – we may use cookies (as elaborated below) or similar tracking technologies to gather some information automatically when you interact with our website.

2.2 Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as through the Services, contact us communications, etc.

3. SHARING PERSONAL DATA

Information about our customers is an important part of our business and we are not in the business of selling our customers’ personal information to others. We share personal information only as described below and with Akeyless’ subsidiaries that Akeyless controls that are either subject to this Privacy Policy or follow practices at least as protective as those described in this Privacy Policy.

  • Transactions Involving Third Parties: We make available to you services, software, and content provided by third parties for use on or through Akeyless Offerings. 
  • Third-Party Service Providers: We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), conducting customer relationship management, and providing training. These third party service providers have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process that information in accordance with this Privacy Policy and as permitted by applicable data protection law.
  • Business Transfers: As we continue to develop our business, we might sell or buy businesses or services. In such transactions, personal information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless, of course, the individual consents otherwise). Also, in the event that Akeyless or substantially all of its assets are acquired, your information will of course be one of the transferred assets.
  • Protection of Us and Others: We release account and other personal information when we believe release is appropriate to comply with the law, enforce or apply our terms and other agreements, or protect the rights, property, or security of Akeyless, our customers, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.

4. COOKIES & TRACKING TECHNOLOGIES

We may use “cookies” (or similar tracking technologies) when you access the Site or interact with the Services we offer. This use is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes. You can find more information about cookies at: https://www.allaboutcookies.org/ and https://cookiepedia.co.uk./.

There are several types of cookies, the three main and common ones are:

  • Essential, Functionality, Operation & Security Cookies – essential for enabling user movement around the Site, for the Site to function properly, and for security purposes. Please note that these cookies either cannot be disabled, or if disabled, certain features of the Services may not work.
  • Analytic, Measurement & Performance Cookies – used to collect information about how users use the Site (clickstream, navigation, time and date of access, etc.) in order to improve our Services and the way we offer them, as well as assessing performance of the content available in the Site.
  • Preference, Targeting & Advertising Cookies – used to advertise across the internet and to display relevant ads tailored to users based on the parts of the Site they have (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage).

The specific cookies (ours and third party’s) we currently use (may differ in each website), purpose of use, their privacy policy and opt-out controls are set forth in the table below:

THIRD PARTY COOKIESPURPOSEPRIVACY POLICY
    Google Analytics    Essential, Functionality, Operation. & Security Cookieswww.google.com/policies/privacy/partners. https://tools.google.com/dlpage/gaoptout/.   For information of our use of Google products, click here.

Cookies Opt-Out

  • Please note that, most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. By following the instructions of your device preferences, and by adjusting the privacy and security settings of your web browser, you may remove cookies, however, if you block or erase cookies some features of the Services may not operate properly and your online experience may be limited.
  • You may also contact us (see our contact details below), and we will make efforts to assist you.

5. USER RIGHTS

We acknowledge that different individuals have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your information. Depending on your relationship with Akeyless (e.g., if you are a Visitor, Customer Participant or even employee), data protection and privacy laws provide you with various rights concerning your Personal Data.

Please review our Privacy Rights Policy regarding your rights under applicable law.

You may exercise any or all of your rights in relation to your Personal Data by filling out the Data Subject Request (“DSR”) form available here, and send it to our DPO at: [email protected]

Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority (in the event you are EEA resident). We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.

6. DATA RETENTION

We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out. We may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.

7. SECURITY

At Akeyless, security is our highest priority. We design our systems with your security and privacy in mind.

  • We maintain compliance programs that validate our security controls. 
  • We protect the security of your information during transmission to or from Akeyless websites, applications, products, or services by using encryption protocols and software.
  • We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.

8. TRANSFER OF DATA

Depending on the scope of your interactions with our Services, your Personal Data may be stored in or accessed from multiple countries, including the United States and the European Union. In the event of data transfer out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data an adequate level of data protection when it is being transferred as required under applicable law.

9. CHILDREN

Our website and Services are intended for the general audience, which is not directed to persons under 16 years old. If a parent or guardian becomes aware that his/her child has provided us with Personal Data without their consent, he/she should contact us immediately.

We do not knowingly collect or solicit Personal Data from people under 16 years old. If we become aware that a person under 16 years old has provided us with Personal Data, we will delete such data from our databases.

If you are a User, please be aware that you may not upload to the Services any data concerning persons under the age of 16, and you may not send emails to Participants who are under 16 years old.  Doing any of the above constitutes an infringement of our Terms and may result in the suspension or Termination of the user’s Account. 

10. CHANGES AND UPDATES

The terms of this Privacy Policy will govern the use of the website, the Services and any information collected therein. Akeyless reserves the right to change this Privacy Policy at any time, so please re-visit this page frequently. In the event of any substantial change of this policy, we will make reasonable efforts to post a clear notice on the w website. Such substantial changes will take effect seven (7) days after such notice was provided on the Akeyless Services or sent by email. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of the Services after the Last Updated date will constitute acceptance of, and agreement to be bound by, those changes.

11. CONTACT US

If you have any questions or concerns regarding privacy issues, or if you wish to be provided with any other information related to our privacy practices, please contact us at:

[email protected]

or at:

Akeyless Security LTD, 94 Igaal Alon st., Alon Tower 2, Tel Aviv, Israel  6789140

Related Resources

Terms of Service

Data Processing Agreement

User Rights Policy

CCPA Privacy Notice