Last Revised: July 17, 2022
Apiiro Ltd. (“Apiiro”, “our”, “we” or “us”) respects the privacy of its users (“User(s)”, “your” or “you”), and is committed to protecting the information that you share with us in connection with your use of our website, available at: https://apiiro.com (“Website”), our code risk platform solution including all software therein (“Solution”), and through our marketing and advertising activities and any other services we may provide to you from time to time (together with Website and Solution, the “Services“).
IMPORTANT NOTE: where we process Personal Data of or about Customer End-Users, we do so on behalf of and under the instruction of the respective Customer (which Customer may be your employer, or other corporation on behalf of which you perform services, or otherwise are using our Service) Apiiro does so in our capacity as a “data processor” on behalf of such Customer. For more information about our practices as a data processor and the impact on your Personal Data in our possession, please see below.
TO THE EXTENT THAT YOU PROVIDE US WITH ANY PERSONAL DATA RELATED TO ANY THIRD PARTY OR ANY OTHER PERSON OR ENTITY WHICH IS NOT YOU, INCLUDING INFORMATION RELATED TO ANY OF YOUR PERSONNEL, COLLEAGUES OR CUSTOMERS, YOU ARE SOLELY RESPONSIBLE TO RECEIVE AND HEREBY REPRESENT THAT YOU HAVE AND UNDERTAKE THAT YOU SHALL HAVE AT ALL TIMES, MAINTAINED AND RECEIVED, THE CONSENT, AUTHORITY, PERMISSION AND APPROVAL OF SUCH PERSONS OR ENTITY AND PROVIDED THEM WITH SUFFICIENT DISCLOSURES, TO ALLOW APIIRO TO ACCESS, STORE, COLLECT, ANALYZE AND PROCESS SUCH PERSONAL DATA AS DETAILED HEREIN.
In This Policy You Can Read About:
First – What is Personal Data? “Personal Data” is information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. Identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, persistent cookie identifier etc. Personal Data does not include information that has been anonymized or aggregated; provided, that, such information can no longer be used to identify a specific natural person.
In the course of accessing or otherwise using our Services, we receive your Personal Data through the following sources:
Most of the information that we collect when you use or access our Services is not Personal Data, however we collect and process the following types of Personal Data through the following respective methods of collection (as explained above):
Data actively provided by You:
Personal Data we collect automatically when you use our Solution, access our Website and/or receive related services.:
Personal Data collected from social media and other third parties:
We may from time to time ask you for your consent for the collection of other information from you or your device. For instance, we may invite you to allow us to access your contacts to enable us to invite them to use our Services. If we do this or something similar, we will tell you what information we would like to collect, why we need it and what we’ll use it for.
If we combine Personal Data with non-Personal Data, the combined data will be treated as Personal Data. Further Personal Data will only be stored and processed if you voluntarily provide it to us, e.g., through a contact form.
We also analyze and use the Personal Data that we collect on an anonymized or aggregated basis for product development, to analyze the performance of our Services, to troubleshoot and to improve and optimize the Services and to ensure the best User experience for our users as a whole.
We may share your Personal Data with third parties (or otherwise allow them access to it) only in the following manners and instances:
Apiiro welcomes all qualified candidates (“Candidates”) to apply to any of the open positions posted on our Website, Facebook, LinkedIn, by sending us their contact details and CV (“Candidates Information”). We are committed to keep Candidates Information private and use it solely for our internal recruitment purposes (including for identifying Candidates, evaluating their applications, making hiring and employment decisions, and contacting Candidates by phone or in writing).
Please note that Apiiro may retain Candidates Information submitted to it even after the applied position has been filled or closed for a reasonable time period. This is done so we could re-consider Candidates for other positions and opportunities at Apiiro; so, we could use their Candidates Information as reference for future applications submitted by them; and in case the Candidate is hired, for additional employment and business purposes related to their work. If you previously submitted your Candidates Information to Apiiro, and now wish to access it, update it or have it deleted from our systems, please contact us at firstname.lastname@example.org
Information regarding the Users may be maintained, processed, and stored by us and our authorized affiliates and Service Providers in the United States, EU and in Israel. Where Apiiro processes Personal Data on behalf of a Customer (including without limitation, Personal Data of Customer End-Users), such Personal Data will be processed in the locations as permitted and required by the Customer (as further described below).
By providing your Personal Data, you expressly consent to the place of storage and transfer described above, including transfers outside of the jurisdiction in which the information was provided.
We retain the Personal Data we collect or receive from you as needed in order to provide the Services and as otherwise necessary to comply with applicable laws and regulations. If you withdraw your consent to us processing your Personal Data, including by deleting your account, we will delete your Personal Data from our systems (except to the extent such data in whole or in part is required to comply with any applicable rule or regulation and/or to respond to or defend against legal proceeding bought against us or our affiliates), except where we process your information as a Processor on behalf of our Customer (such as your employer of other entity you are affiliated with in connection with the use of our Services in which case data retention is subject to such Customer’s instructions, as further described in Section 12 below. .
We may use certain monitoring and tracking technologies to understand how you use our Services, including ones offered by third party Service Providers. These technologies are used in order to maintain, provide, and improve our Services on an ongoing basis, and in order to provide a better experience to our Users. For example, these technologies enable us to: (i) keep track of and “remember” our Users’ preferences and authenticated sessions, (ii) secure our Services by detecting abnormal behaviors, (iii) identify technical issues and improve the overall performance of our Services, and (iv) create and monitor analytics.
We take great care in implementing and maintaining the security of the Services and of your Personal Data. We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use or disclosure of your Personal Data. Your Personal Data is stored on secure servers and isn’t publicly available. We limit access of your Personal Data only to those employees, third party Service Providers or other partners on a “need to know” basis, and strictly in order to enable us to perform the agreement between you and us.
Despite these measures, Apiiro cannot provide absolute information security or eliminate all risks associated with Personal Data, and security breaches may happen. If there are any questions about security, please contact us at email@example.com
If applicable to you under your country’s jurisdiction, you may have certain rights in connection with your Personal Data and how we handle it. You can exercise your rights at any time by contacting us via any of the methods set out in Section 13 below, and in the event of Users who are Customer End-Users, subject to and as set out in Section 12. Those rights may include, but are not limited to, the following:
To use our Services, Users must be over the age of eighteen (18). Therefore, we do not knowingly collect Personal Data from individuals under the age of eighteen (18) and we do not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that individuals under the age of eighteen are not using the Services. If you believe that we might have any information from or about an individual under the age of eighteen (18), please contact us at firstname.lastname@example.org. In the event that it comes to our attention that a person under the age of eighteen (18) is using the Services, we may prohibit and block such User from using the Services and will make all efforts to promptly delete any Personal Data with respect to such User.
If you are submitting to the Services any Personal Data pertaining to any minor child, you hereby represent and warrant that you have received all the necessary legal consents or approvals or that you are the parent or legal guardian and have the actual authority and legal right to upload, submit, disclose or otherwise share such Personal Data and/or any other form of sensitive information, on the minor’s behalf.
Under various privacy, data protection or similar laws, regulations, or additional legal frameworks, such as the GDPR or the CCPA, two distinguished main roles for parties processing Personal Data typically apply: the “data controller” (or under the CCPA, “business”), who determines the purposes and means of processing; and the “data processor” (or under the CCPA, “Services provider”), who processes such data on behalf of the data controller (or business). Below we provide additional information into how these roles apply to our Services, where such laws and regulations apply.
Apiiro is the “data processor” of personal data contained in Customer End-Users’ Personal Data, as submitted or otherwise provided to us by our Customers and/or Customer End-Users. We process such data on behalf of our Customer (who, in turn, is the “data controller” of such data) and in accordance with its reasonable instructions, and our commercial agreements with such Customer.
Our Customers are solely responsible for determining whether and how they wish to use our Services, and for ensuring that all individuals using the Services on the Customer’s behalf or at their request, as well as all individuals whose personal data may be included in any Personal data processed through the Services, have been provided with adequate notice and given informed consent to the processing of their personal data, where such consent is necessary or advised, and that all legal requirements applicable to the collection, use or other processing of data through our Services are fully met by the Customer. Our Customers are also responsible for handling data subject rights requests under applicable law, by their Customer End-Users and other individuals whose data they process through the Services (and accordingly, if you are a Customer End-User or other individual whose Personal Data was provided to us in connection with Customer’s use of the Services, Apiiro does not provide to you the rights set forth in Section 10 above).
If you would like to make any requests or queries regarding personal data we process as a data processor on our Customer’s behalf, including accessing, correcting, or deleting your data, please contact the Customer and/or an applicable Customer End-User directly.
If you wish to exercise your rights or receive more information regarding our privacy protection practices, please contact us using the details provided below:
Apiiro Ltd. 114 Yigal Alon St. ToHa Tower – floor 27, Tel Aviv 6744320