Axure's Commitment to GDPR Compliance

Axure is committed to compliance with the European Union’s General Data Protection Regulation (GDPR), effective May 25, 2018. Although the law governs our relationship with only our European clients, our response to it includes changes to our policies effective for all users of our services and visitors to our site. Axure has made the GDPR a priority, and we are and have always been fully aligned with the regulation’s intended result: the protection of your privacy and personal data.

What Axure is doing to ensure compliance

Axure has dedicated significant internal and consulting resources to reviewing our existing processes, agreements with third-party vendors, and IT security policies for the GDPR. Below are examples of company-wide initiatives Axure has undertaken in order to abide by the new regulation:

  • When processing personal data, we will follow the security and privacy measures required under GDPR.
  • In the event of a personal data breach, we will promptly notify regulators as well as our customers and end users
  • Axure staff who access and process personal data have been trained in handling data and maintaining the confidentiality and security of that data.
  • Only essential staff, all located in the US and UK, access and process customer data, and only when necessary to provide services.
  • We will hold our vendors who handle personal data to the same data management, security, and privacy practices to which we hold ourselves.
  • We will periodically review and update our processes and security policies as required by the GDPR.

GDPR Q&A

Does Axure process customer personal data?

Yes. Axure processes customer personal data only as needed to provide products, services, and customer support as identified in our Privacy Policy.

Axure does not collect personally identifiable information for marketing purposes without customers’ consent, and customers may revoke consent at any time. (Axure’s marketing includes a drip email campaign and an email newsletter.) Furthermore, Axure has never sold PII to third parties and is committed to continuing this as a core business practice.

What data does Axure process?

Axure uses data that is found in a typical email signature: name, email address, mailing address, and phone number. Axure also stores avatars for customers who choose to include them in their accounts for the Axure forums, customer portal, and/or Axure Share. IP addresses may also be gathered in server logs but are not matched to other PII.

Where does Axure process and store data?

Axure stores customer data on Amazon Web Services (AWS) servers located exclusively in the US. Our third-party data center meets security regulations and standards with industry-leading physical and environmental controls. Our applications benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations.

All of Axure’s employees are located in the US and the UK and only access the customer data necessary to provide product and customer support.


Third-Party Subprocessors

Third Party Service / Vendor
Purpose
Processing Locations
Website
Amazon Web Services
Data Hosting
Virginia and Oregon (USA)
https://aws.amazon.com
Google Mail and Analytics
Email service provider and web analytics
Google Datacenters (worldwide)
https://www.google.com/about/datacenters/inside/locations/index.html
HubSpot
Email marketing and analytics
AWS US East Region and GCP Frankfurt, Germany Region
https://hubspot.com/
Mailchimp
Email marketing
USA
https://mailchimp.com/
Paypal / Braintree
Payment processing
San Jose, CA and Scottsdale, AZ (USA)
https://www.paypal.com/us/home
WuFoo
Form builder
USA
https://www.wufoo.com/
Vimeo (IAC)
Video hosting
Amazon Web Services
https://vimeo.com/
YouTube
Video hosting
Google Datacenters
https://www.youtube.com
Amplifier
Merchandise Fullfillment
Amazon Web Services US and Austin, TX
https://www.amplifier.com
Microsoft Teams
Customer-initiated project notifications
USA, UK, Ireland, Netherlands, Hong Kong, and Singapore
https://products.office.com/en-us/microsoft-teams/
Slack (Salesforce)
Team collaboration / communication and customer-initiated project notifications
Amazon Web Services US
https://slack.com
FrontApp
Shared Inbox / Helpdesk Software
AWS US West Region 1 (N. California) and US West Region 2 (Oregon)
https://frontapp.com/
Delighted
NPS, customer satisfaction survey, and feedback tool
Amazon Web Services
https://delighted.com/
PostHog
Product analytics tool
AWS US East Region 1 (N. Virginia)
https://posthog.com/

You can sign-up to receive communication if Axure adds or removes Subprocessors. To opt-in to receive such notifications, click here.

More Resources