Privacy Policy
Last updated: May 15, 2025 · Effective: May 15, 2025
Overview
Axon Networks, Inc. ("Axon," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website (axonnetworks.io) and our infrastructure platform services (collectively, the "Services").
We are the data controller for information collected via our marketing website and account registration. For data processed through the Axon Fabric platform on behalf of our customers, we act as a data processor under our customers' instructions.
Information We Collect
Information you provide directly
- Account information: name, email address, company name, job title, and password when you register for an account.
- Payment information: billing address and payment card details (processed by Stripe — we do not store raw card numbers).
- Communications: messages you send via our contact form, support tickets, or email.
- Usage preferences: notification settings, dashboard configurations, and API access settings.
Information collected automatically
- Log data: IP address, browser type, pages visited, timestamps, referring URLs, and HTTP request metadata.
- Device data: device identifiers, operating system, and browser version.
- Cookie and tracking data: see the Cookies section below.
- Platform telemetry: API request volumes, error rates, latency metrics, and feature usage patterns (aggregated and anonymised where possible).
Information from third parties
We may receive information about you from third-party sources such as identity providers (GitHub, Google OAuth), payment processors (Stripe), and analytics partners, which we combine with data we already hold.
How We Use Your Information
We use the information we collect to:
- Provide, operate, and improve the Axon platform and Services.
- Process transactions and send related billing communications.
- Respond to your inquiries, support requests, and feedback.
- Send service notifications, security alerts, and account-related emails.
- With your consent, send marketing communications about Axon products.
- Detect, investigate, and prevent fraudulent transactions and security incidents.
- Comply with legal obligations, resolve disputes, and enforce our agreements.
- Conduct analytics and research to improve our Services.
Our legal bases for processing under GDPR are: contract performance (account and service delivery), legitimate interests (security, fraud prevention, product improvement), consent (marketing), and legal obligation.
Data Sharing and Disclosure
We do not sell your personal information. We may share data with:
- Service providers: trusted vendors who help us operate (Stripe for payments, AWS for infrastructure, Datadog for internal monitoring). All bound by data processing agreements.
- Legal requirements: when required by applicable law, court order, or government authority, after careful legal review.
- Business transfers: in the event of a merger, acquisition, or sale of assets, with advance notice to affected users.
- With your consent: for any other purpose with your explicit prior consent.
Data Retention
We retain personal data for as long as your account is active or as needed to provide Services. You may request deletion at any time (see Your Rights). After account closure:
- Account data is deleted within 30 days.
- Billing records are retained for 7 years (tax and accounting obligations).
- Security and audit logs are retained for 13 months.
- Platform telemetry (aggregated, non-personal) may be retained indefinitely.
Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: request a copy of the personal data we hold about you.
- Correction: request correction of inaccurate or incomplete data.
- Deletion: request deletion of your personal data ("right to be forgotten").
- Portability: receive your data in a structured, machine-readable format.
- Objection: object to processing based on legitimate interests.
- Restriction: request restriction of processing in certain circumstances.
- Withdraw consent: where processing is based on consent, withdraw it at any time.
To exercise any of these rights, email privacy@axonnetworks.io. We will respond within 30 days.
Cookie Policy
We use cookies and similar tracking technologies on our website. Categories:
- Strictly necessary: authentication session tokens and CSRF protection. Cannot be disabled.
- Functional: your dashboard preferences and UI settings. Enabled by default.
- Analytics: aggregated usage statistics via Plausible Analytics (privacy-preserving, no cross-site tracking). Enabled by default; opt-out available.
- Marketing: conversion tracking. Only activated with explicit consent.
You can manage cookie preferences via our consent banner or by contacting us. For browser-level control, see your browser's privacy settings.
Security
We implement industry-standard technical and organizational measures to protect your personal data, including TLS encryption in transit, AES-256 encryption at rest, role-based access control, and annual penetration testing. Despite these measures, no system is completely secure. In the event of a data breach affecting your rights, we will notify you within 72 hours as required by applicable law.
Data Processing Agreement (GDPR)
For customers subject to GDPR who use Axon as a data processor, a Data Processing Agreement (DPA) is available upon request. The DPA incorporates the EU Standard Contractual Clauses (SCCs) for transfers outside the European Economic Area. To request a DPA, email privacy@axonnetworks.io or contact your account manager.
Axon's EU representative for GDPR purposes: Axon Networks B.V., Herengracht 420, 1017 BZ Amsterdam, Netherlands.
Contact Us
For privacy-related questions, requests, or complaints:
- Email: privacy@axonnetworks.io
- Post: Axon Networks, Inc., Attn: Privacy Team, 1 Market Street Suite 800, San Francisco, CA 94105
If you are in the EU/EEA and are unsatisfied with our response, you have the right to lodge a complaint with your local supervisory authority (e.g., the Dutch Autoriteit Persoonsgegevens).
Related: Terms of Service · Security overview · Contact us