Axure is committed to compliance with the European Union’s General Data Protection Regulation (GDPR), effective May 25, 2018. Although the law governs our relationship with only our European clients, our response to it includes changes to our policies effective for all users of our services and visitors to our site. Axure has made the GDPR a priority, and we are and have always been fully aligned with the regulation’s intended result: the protection of your privacy and personal data.
Axure has dedicated significant internal and consulting resources to reviewing our existing processes, agreements with third-party vendors, and IT security policies for the GDPR. Below are examples of company-wide initiatives Axure has undertaken in order to abide by the new regulation:
Does Axure process customer personal data?
Yes. Axure processes customer personal data only as needed to provide products, services, and customer support as identified in our Privacy Policy.
Axure does not collect personally identifiable information for marketing purposes without customers’ consent, and customers may revoke consent at any time. (Axure’s marketing includes a drip email campaign and an email newsletter.) Furthermore, Axure has never sold PII to third parties and is committed to continuing this as a core business practice.
What data does Axure process?
Axure uses data that is found in a typical email signature: name, email address, mailing address, and phone number. Axure also stores avatars for customers who choose to include them in their accounts for the Axure forums, customer portal, and/or Axure Share. IP addresses may also be gathered in server logs but are not matched to other PII.
Where does Axure process and store data?
Axure stores customer data on Amazon Web Services (AWS) servers located exclusively in the US. Our third-party data center meets security regulations and standards with industry-leading physical and environmental controls. Our applications benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations.
All of Axure’s employees are located in the US and the UK and only access the customer data necessary to provide product and customer support.
Third Party Service / Vendor | Purpose | Processing Locations | Website |
---|---|---|---|
Amazon Web Services | Data Hosting | Virginia and Oregon (USA) | https://aws.amazon.com |
Google Mail and Analytics | Email service provider and web analytics | Google Datacenters (worldwide) | https://www.google.com/about/datacenters/inside/locations/index.html |
HubSpot | Email marketing and analytics | AWS US East Region and GCP Frankfurt, Germany Region | https://hubspot.com/ |
Mailchimp | Email marketing | USA | https://mailchimp.com/ |
Paypal / Braintree | Payment processing | San Jose, CA and Scottsdale, AZ (USA) | https://www.paypal.com/us/home |
WuFoo | Form builder | USA | https://www.wufoo.com/ |
Vimeo (IAC) | Video hosting | Amazon Web Services | https://vimeo.com/ |
YouTube | Video hosting | Google Datacenters | https://www.youtube.com |
Amplifier | Merchandise Fullfillment | Amazon Web Services US and Austin, TX | https://www.amplifier.com |
Microsoft Teams | Customer-initiated project notifications | USA, UK, Ireland, Netherlands, Hong Kong, and Singapore | https://products.office.com/en-us/microsoft-teams/ |
Slack (Salesforce) | Team collaboration / communication and customer-initiated project notifications | Amazon Web Services US | https://slack.com |
FrontApp | Shared Inbox / Helpdesk Software | AWS US West Region 1 (N. California) and US West Region 2 (Oregon) | https://frontapp.com/ |
Delighted | NPS, customer satisfaction survey, and feedback tool | Amazon Web Services | https://delighted.com/ |
Posthog | Product analytics tool | AWS US East Region 1 (N. Virginia) | https://www.posthog.com/ |
You can sign-up to receive communication if Axure adds or removes Subprocessors. To opt-in to receive such notifications, click here.