Frequently Asked Questions

Privacy & Data Protection

What types of personal data does Akeyless collect and process?

Akeyless collects two main types of data: Non-Personal Data (such as device information, browser type, operating system, and usage statistics) and Personal Data (such as online identifiers, contact information, account details, telemetry data, and device data). The specific data collected depends on your interaction with the website and services. For a detailed breakdown, see Section 4 of the Privacy Policy.

How does Akeyless use cookies and tracking technologies?

Akeyless uses cookies and similar tracking technologies to enable website functionality, security, analytics, and targeted advertising. You can manage your cookie preferences or opt out of tracking via the Cookie Declaration page.

What privacy rights do I have as an Akeyless user?

Depending on your jurisdiction, you have rights such as access, correction, deletion, portability, and the ability to opt out of direct marketing, targeted advertising, and profiling. You can exercise these rights by submitting a Data Subject Request (DSR) form available here. For California and other US state residents, additional rights and instructions are detailed in the CCPA Privacy Notice and Section 13 of the Privacy Policy.

How does Akeyless handle data transfers across borders?

Akeyless may transfer personal data internationally to support its global operations. Transfers from the EU and UK are protected by standard contractual clauses and the EU-U.S. Data Privacy Framework Principles. For more details, see Section 10 of the Privacy Policy and the Data Privacy Framework Statement.

How can I contact Akeyless about privacy concerns or exercise my rights?

You can contact Akeyless's Data Protection Officer at [email protected]. EU and UK residents may also contact the Prighter Group via this link to exercise privacy rights. For more information, see Section 2 of the Privacy Policy.

Security & Compliance

What security measures does Akeyless implement to protect personal data?

Akeyless employs physical, technical, and administrative security measures, including encryption protocols, compliance programs, and adherence to industry standards such as PCI DSS. The platform uses patented encryption technologies to secure data in transit and at rest. For more details, see the Information Security Policy and Trust Center.

What compliance certifications does Akeyless hold?

Akeyless is certified for ISO 27001, FIPS 140-2, CSA STAR, PCI DSS, and SOC 2 Type II. These certifications demonstrate Akeyless's commitment to security and regulatory compliance. For more, visit the Trust Center.

How does Akeyless support audit readiness and regulatory compliance?

Akeyless provides audit and reporting tools that track every secret, ensuring organizations are prepared for regulatory audits. The platform's adherence to standards like ISO 27001, SOC 2, PCI DSS, and GDPR supports compliance across regulated industries. Learn more at the Trust Center.

Features & Capabilities

What are the key features of the Akeyless platform?

Akeyless offers Vaultless Architecture, Universal Identity (solving the Secret Zero Problem), Zero Trust Access, Automated Credential Rotation, centralized secrets management, and out-of-the-box integrations with tools like AWS IAM, Azure AD, Jenkins, and Kubernetes. The platform is cloud-native and supports hybrid and multi-cloud environments. For a full overview, visit the Product Tour.

Does Akeyless provide an API for integration?

Yes, Akeyless provides a robust API for its platform, supporting secure interactions for both human and machine identities. API documentation is available at docs.akeyless.io/docs, and API Keys are supported for authentication.

Where can I find technical documentation and resources for Akeyless?

Akeyless offers comprehensive technical documentation, including platform overviews, password management, Kubernetes secrets management, AWS integration, PKI-as-a-Service, and more. Access these resources at docs.akeyless.io and tutorials.akeyless.io/docs.

Support & Implementation

How long does it take to implement Akeyless, and how easy is it to get started?

Akeyless can be deployed in just a few days due to its SaaS-native architecture, requiring no infrastructure management. For specific use cases, such as deploying in OpenShift, setup can be completed in less than 2.5 minutes. Self-guided product tours, platform demos, tutorials, and 24/7 support are available to help users get started quickly. Learn more at the Product Tour and Platform Demo pages.

What customer support and training resources are available?

Akeyless provides 24/7 customer support via ticket submission (submit a ticket), email ([email protected]), and Slack channel (Slack Support). Training resources include self-guided product tours, platform demos, tutorials, and extensive technical documentation. For unresolved issues, an escalation procedure is available via [email protected].

How does Akeyless handle maintenance, upgrades, and troubleshooting?

Akeyless offers proactive assistance for upgrades and maintenance, ensuring the platform remains up-to-date and secure. Customers have access to 24/7 support, technical documentation, and tutorials for troubleshooting. The support team actively helps minimize downtime and operational disruptions. More details are available at the Resources page.

Use Cases & Benefits

Who can benefit from using Akeyless?

Akeyless is designed for IT security professionals, DevOps engineers, compliance officers, and platform engineers across industries such as technology, finance, retail, manufacturing, and cloud infrastructure. Notable customers include Wix, Dropbox, Constant Contact, Cimpress, and Progress Chef. For more details, visit the About Us page.

What business impact can customers expect from using Akeyless?

Customers can expect enhanced security, operational efficiency, cost savings (up to 70% reduction in maintenance and provisioning time), scalability for multi-cloud environments, and improved employee productivity. These benefits are supported by customer success stories from companies like Progress, Constant Contact, Cimpress, and Wix. See case studies here.

What pain points does Akeyless address for its customers?

Akeyless addresses challenges such as the Secret Zero Problem, legacy secrets management inefficiencies, secrets sprawl, excessive standing privileges, high operational costs, and integration complexity. The platform's features—like Universal Identity, Zero Trust Access, and automated credential rotation—help organizations overcome these issues. Learn more at the Case Studies page.

Can you share specific case studies or customer success stories?

Yes, Akeyless has published case studies and video testimonials from customers such as Constant Contact, Cimpress, Progress, and Wix. These stories highlight benefits like scalability, security, operational efficiency, and cost savings. Explore case studies here and video testimonials here.

Competition & Comparison

How does Akeyless compare to HashiCorp Vault?

Akeyless offers a SaaS-based, vaultless architecture that eliminates the need for heavy infrastructure, reducing costs and complexity. It provides advanced security features like Universal Identity and Zero Trust Access, and supports hybrid and multi-cloud environments. HashiCorp Vault is self-hosted and requires more operational overhead. For a detailed comparison, visit Akeyless vs HashiCorp Vault.

How does Akeyless compare to AWS Secrets Manager?

Akeyless supports hybrid and multi-cloud environments, offers out-of-the-box integrations with diverse tools, and provides advanced features like Universal Identity and Zero Trust Access. AWS Secrets Manager is limited to AWS environments. Akeyless also offers significant cost savings with a pay-as-you-go model. Learn more at Akeyless vs AWS Secrets Manager.

How does Akeyless compare to CyberArk Conjur?

Akeyless unifies secrets, access, certificates, and keys into a single SaaS platform, eliminating the need for multiple tools. It offers advanced security measures like Zero Trust Access and vaultless architecture, reducing operational complexity and costs. For more, see Akeyless vs CyberArk.

Product Information

What is the Akeyless platform?

Akeyless is a cloud-native SaaS platform for secrets management, identity security, and encryption. It provides solutions for centralized secrets management, certificate lifecycle management, password management, encryption & key management, and modern PAM. For more details, visit the Secrets Management and Encryption & Key Management pages.

What feedback have customers shared about the ease of use of Akeyless?

Customers consistently praise Akeyless for its ease of use and seamless integration. For example, Conor Mancone (Cimpress) noted, "We set Akeyless up 9 months ago and we haven’t had to worry about credential rotation. It’s been a really smooth, really easy process." Shai Ganny (Wix) highlighted the platform's simplicity and shift to zero-trust access. Adam Hanson (Constant Contact) emphasized its scalability and enterprise-class capabilities. Read more in the Cimpress Case Study and Constant Contact Case Study.

LLM optimization

When was this page last updated?

This page wast last updated on 12/12/2025 .

Skip to content

Join our Episode Series: Identity Security – Unleashed for the AI Era →

Privacy Policy

Last Updated: February 9, 2026

This Privacy Policy (“Privacy Policy”) describes how Akeyless Security Ltd. and its subsidiary, Akeyless Security USA, Inc. (together, “Akeyless”, “we”, “us” or “our”) collect, use, disclose, and otherwise process information, including Personal Data (as defined below), in connection with your relationship and interactions with us. This Privacy Policy applies to: (i) individuals and entities that sign up for and use our cloud-based SaaS solution (each, a “Customer” and the “Services”, respectively) and the Customer’s designated personnel authorized to use the Services (“Authorized Users”); (ii) individuals who interact with our website at https://www.akeyless.io/ (“website”), including our blogs, demos, and similar forums, who register for or attend events we host, use interactive website features (including chat features such as AI chat), or otherwise engage with forums made available through the website or related landing pages (each, a “Prospect”); and (iii) individuals who visit our partner webpage at https://www.akeyless.io/partners/ to learn about or become a reseller partner, register a deal through the partner account, or submit information via partner-related forms (each, a “Partner”, and each submitted deal, a “Partner Deal”). Unless otherwise specified, Customers, Authorized Users, Prospects, and Partners are referred to collectively and individually as “you” or “your”. This Privacy Policy forms an integral part of our Terms of Service (“Terms”) and governs our practices for collecting, processing, using, and transferring certain data, including Personal Data (as defined below), in connection with the interactions described above.

This Privacy Policy does NOT apply to:

  • The content that our Customers and their Authorized Users upload, submit, or integrate while using the Services (“Customer Data”). Akeyless processes Customer Data only on the Customer’s behalf, in its role as a “processor” or “service provider” (as those terms are defined under applicable data protection laws). Customer Data processing is governed by the applicable Data Processing Addendum.
  • Job applicants, which should refer to our Candidates Privacy Notice, which describes our Personal Data processing practices for job applicants.
  • Employees and former employees.

IPPL Disclosure: The information you provide will be stored in Akeyless’s databases and used only as described in this Privacy Policy. We will not transfer your information to third parties except as described in this Privacy Policy or as required to comply with applicable legal obligations. You are not legally required to provide personal data to Akeyless; however, if you do not provide certain Personal Data, we may be unable to provide certain services or respond to your inquiries. You have the right to review and request correction of your information in accordance with the Protection of Privacy Law, 5741-1981 (Israel).

CCPA Notice: https://www.akeyless.io/ccpa-privacy-notice/

US State Privacy Specifications: See Section 13.

DPF Statement: https://www.akeyless.io/data-privacy-framework/ Any capitalized terms used but not defined in this Privacy Policy have the meanings given to them in the Terms.

1. POLICY AMENDMENTS 

We reserve the right to amend this Privacy Policy from time to time, at our sole discretion. The most recent version of this Privacy Policy will always be posted on the website and the update date will be reflected in the “Last Updated” heading. We will provide notice to you if these changes are material, and, where required by applicable law, we will obtain your consent. Any amendments to the Privacy Policy will become effective immediately, unless we notify otherwise. We recommend you review this Privacy Policy periodically to ensure that you understand our most updated privacy practices.

2. CONTACT INFORMATION AND DATA CONTROLLER INFORMATION

Akeyless Security Ltd. is incorporated under the laws of the State of Israel and acts as the data controller (as defined in the EU General Data Protection Regulation (“GDPR”) and/or other applicable privacy laws) for the Personal Data we collect from you. This means we determine the purposes and means of processing the Personal Data described in this Privacy Policy.

If you have any questions, requests, or concerns about this Privacy Policy or how we process your Personal Data, please contact us using the details below. 

  • Data Protection Officer Contact Information
    By email:  [email protected] 
    By mail: Ze’ev Jabotinsky St. 7, 33rd Floor, Ramat Gan, Israel 5252007
  • Representative for Data Subjects in the EU and UK Contact Information
    We value your privacy and your rights as a data subject. Accordingly, we have appointed Prighter Group, togetherwith its local partners, as our EU and UK privacy representative and your point of contact. Prighter provides an easy way to exercise your privacy-related rights (for example, requests to access or erase Personal Data). To contact us via our representative or to submit a request, please visit: https://prighter.com/q/19968914192 

3. TYPES OF DATA WE COLLECT

We may collect the following types of information, depending on how you interact with us. 

  • Non-Personal Data. The first type of information is non-identifiable, anonymous, or aggregated information (“Non-Personal Data”), meaning information that does not identify you and that we cannot reasonably use to identify you. Non-Personal Data may include technical and usage information about your device, browser, and activity (for example, device and browser type, operating system, pages viewed, interactions with the website, and the frequency and scope of such interactions), to the extent such information is collected on an aggregated basis or is not otherwise combined with identifiers. We may also process Personal Data so that it becomes Non-Personal Data (for example, by anonymizing or aggregating it). We may use Non-Personal Data for any lawful purpose. Where applicable law refers to “de-identified” data, we will take reasonable measures to ensure such information cannot be associated with an individual, household, or device, and we will not attempt to re-identify it. 
  • Personal Data. The second type of information is individually identifiable information (“Personal Data”), meaning information that identifies you or that may, with reasonable effort, be used to identify you. 

For the avoidance of doubt, any Non-Personal Data connected or linked to Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.

4. PERSONAL DATA SETS WE PROCESS & PURPOSE OF COLLECTION AND USE

The table below details the types of Personal Data we process, the purpose and our processing operations, and the lawful basis for such processing (subject to GDPR, if applicable):

PERSONAL DATA SETPURPOSE AND OPERATIONSLAWFUL BASIS
PROSPECTS
We process your information for marketing and sales purposes, including to identify and engage leads and prospective customers through our digital assets, analyze how our website and other digital properties are used, perform analytics and reporting, collect and evaluate feedback, identify usage trends, measure the effectiveness of our marketing campaigns, and improve our marketing and sales activities. This may include processing the following categories of data:
Analytics, Profiling & Telemetry Data:  
When you interact with our website, landing pages, our blog, and other content published by us, we collect online identifiers, such as IP address, Cookie ID, and unique identifiers (“Online Identifiers”). These Online Identifiers may be used to derive additional details, such as your approximate geographic location (for example, your country or ZIP code). Additional information is automatically collected regarding your browsing data and interests, including the pages you viewed, actions conducted on such webpages and digital assets, clickstream data, access time stamp, referrals, telemetry data, browser type, device type, etc. (collectively “Tracking Data”). Tracking Data is collected automatically by our third-party service providers as detailed below.		We use Online Identifiers and Tracking Data for the following purposes:
1. To operate our website and ensure its proper functionality (for example, to remember your preferences and recognize you when you return to the website);
2. To maintain security and prevent fraud (for example, to help verify that interactions are conducted by a legitimate user); 
3. To debug and resolve technical issues;
4. To understand your preferences and improve, personalize and develop our website, offerings, and marketing communications;
5. To measure and improve the effectiveness of our marketing campaigns, including by  tracking  conversions, building  audiences for advertising, and marketing our Services to individuals who have interacted with the website.  

We may use third-party service providers to display advertisements for our Services on other websites to prospective customers who have shown interest in our Services (for example, by visiting our website). Information collected for these purposes may also be combined with other information we hold and shared with AI-enabled sales and marketing tools to analyze interest and engagement and to optimize our marketing and sales activities.		Online Identifiers collected through strictly necessary cookies that are required for the basic operation of the website are processed based on our legitimate interest.   

Tracking Data is processed subject to your explicit consent provided through the cookie banner placed on the website.  

You can withdraw consent at any time by using the cookie preference settings available at: https://www.akeyless.io/cookie-declaration/ 
Website Engagement Data & Sales Activity Data:

We use tools on our website which provide us with information and insights regarding your website interactions, such as business intelligence tools that may identify your business organization’s IP, referring URL (i.e., the webpage or advertising campaign that directed you to our website), and other similar business websites you visited during your session (“Website Engagement Data”). If Website Engagement Data is associated with an Online Identifier, we process it as Personal Data in accordance with our privacy practices.

We use marketing tools that may combine the Website Engagement Data with additional activities, such as emails sent and received, calls conducted and recorded, call transcripts and insights on such calls and meetings, marketing campaigns, notes, pipeline status, lead sources, and onboarding progress (“Sales Activity Data”).		We use Website Engagement Data & Sales Activity Data for the following purposes:

1. To support and enhance our go-to-market services;
2. To maintain and improve relationships with Prospects by tracking interactions and engagement;
3. To analyze and optimize sales and marketing strategies, campaigns, and performance;
4. To generate reports and insights that inform business decisions and strategy;
5. To facilitate and manage communications and meetings with Prospects;
6. To measure the effectiveness of marketing campaigns we run in order to track conversions, build targeted audiences, and market our Services to people who have taken some action on our website.		Website Engagement Data  collected through third-party tracking technologies will be processed based on your consent, which we will obtain through our cookie notice and consent management.

You may withdraw consent at any time by using the cookie preference settings: https://www.akeyless.io/cookie-declaration/, or by managing opt-out through your browser or device. Processing your Sales Activity Data for marketing purposes is subject to our legitimate interest.  
Contact Information:

If you voluntarily contact us, we may collect certain information from you. This includes when you submit an inquiry, request support, register for our newsletter, webinar, demo, or other event, register a Partner Deal, provide feedback, respond to a survey, or otherwise communicate with us.  

You may contact us through our online form available on the website, the Partner’s Deal registration form, by email or through any  other communication methods we make available.  

Depending on your interaction with us, the information we collect may include your name, job title, company name, email address, and phone number, as applicable (“Contact Information”).		We use Contact Information for the following purposes:
1. To provide the support you requested or to respond to your inquiries. Our correspondence with you, and its contents, may be processed and stored to improve our customer service and, where we believe continued retention is necessary, for example, in connection with potential claims or to provide further assistance (as applicable);
2. If you registered to receive our newsletter or to attend a webinar, we will use your Contact Information to provide you with the requested communications;
3. We may use your email address to send you service-related communications and marketing promotions, such as information about new features, additional offerings, special opportunities or other information we think you will find valuable (“Direct Marketing”);
4. We will further use your email address, if applicable, under our suppression list, when you request to opt-out to ensure we comply with such preference and choice.		We process Contact Information based on our legitimate interest when you register for events, webinars, etc., in order to provide a seamless webinar experience, including by sending confirmations and reminders.   

If you register to receive our newsletter, provide feedback or respond to a survey, we process your Contact Information based on your consent. You may withdraw your consent at any time using the “unsubscribe” option within the body of the message.  

If you are contacting us on behalf of another person, we value your assistance and care for others, please note that it is your responsibility to make sure that any person whose Personal Data you provide is aware of the principles described in this Privacy Policy and agrees that you may provide their Personal Data to us on this basis.  
Communications Data:

Any communication between us – whether by email, phone, Zoom, Chat AI, Slack, or other channels – may be processed, recorded and stored, summarized and transmitted.  		We use Communication Data for the following purposes:
1. To develop, maintain, and improve the quality and effectiveness of our sales activities;
2. To train our personnel and our AI-enabled agents and tools (for example, in connection with recorded or monitored phone calls or Zoom calls);
3. To train and improve our marketing teams and activities;
4. To review and analyze communications with you for quality assurance, training, and compliance purposes, including to maintain appropriate records in the event of a claim or to provide further assistance (as applicable).		We process Communication Data based on our legitimate interest in improving our customer service and training our staff.  

Where required by applicable law, we will record calls only after providing notice and/or obtaining your consent. If call recording is based on your consent, you may withdraw that consent at any time during or after the call.
AI Tools – Chatbot:
We use AI powered chat placed on the website (“Chat AI”) which generates automated responses to Prospects’ inquiries.

Akeyless is not responsible for any content uploaded to the Chat AI (“Prompts”).

The Outputs are provided based on the Prompts and are meant to be used solely for convenience, operations, and informational purposes only and do not constitute advice or recommendations.		We use the information provided through Chat AI for the following purposes:
1. To provide the services, information, and support you request;
2. To communicate with you and to operate, maintain, and improve our website and Services.		We process the information you provide through the Chat AI to respond to your inquiries based on our legitimate interest.
CUSTOMERS, AUTHORIZED USERS, PARTNERS
We process your information for our legitimate business purposes, including to provide and administer the Services, operate and secure the platform, validate and authenticate users, provide customer support, conduct customer surveys, perform data analytics and audits, collect and evaluate feedback, identify usage trends, measure the effectiveness of our marketing campaigns, and evaluate and improve our products, services, marketing, and customer relationships.
Customer and Authorized Users’ Account Details:
In order to use our Services, (including the free trial services) you will be required to register and create an account. During the registration process you will be requested to provide us with your Contact Information (as defined above) and, where applicable,  additional details such as information about the company you represent, billing and payment information, and other account-related details (collectively “Registration Information”).   Customers may also register through your GitHub or Google account, which may share certain information about you. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting it to the Services.		We use the Registration Information  for the following purposes:
1. To create and administer your account;
2. To manage your account, including billing, payments, and invoices;
3. To provide, maintain, and support the Services;
4. To send you Direct Marketing (as defined above), service-related communications, and other operational emails.		We process Registration Information   to fulfill our contractual obligations to you, all as agreed in the terms of use, EULA or other agreement governing your use of the Service. 

Processing of your Registration Information   for Direct Marketing purposes is made subject to our legitimate interest. You can opt-out at any time using the “unsubscribe” option within the email. Please note that if you choose to unsubscribe from our direct marketing, we will still retain your contact details and send you service-related emails, such as invoices.  
Service Usage Data:   When you use our Services or access your account, we automatically generated and collect Online Identifiers, access logs, duration of use, click stream, session recording, Services use, errors or bugs, crash data and analytics, login data, how you interact with the Services and platform (“Service sage Data”).We use Service Usage Data for the following purposes:
1. To understand how you use our Services and to operate, maintain, improve, and develop our Services, including by evaluating our operations and designing new products, features, and technologies;
2. To troubleshoot and resolve technical issues you may encounter;
3. To respond to your requests for assistance and support;
4. To analyze errors and crash reports; and
5. To repair and restore the Services.		We process Service Usage Data subject to our legitimate interest.
Customer Support Communications:  

We collect and retain customer support communications, support tickets, and related correspondence, including Contact Information and records of our interactions with you. These records may include email communications, chat transcripts, call recordings, and communications via Chat AI and our customer support/customer success AI agents. Support may be provided by our personnel and/or through automated tools, including bots and AI-enabled technologies.		We use Customer Support Communications for the following purposes:
1. To provide the customer support you request and to maintain appropriate records of the support provided;
2. To improve the quality of our Services, train our staff (including in connection with recorded or monitored calls), and maintain information security;
3. To review, analyze, and store our correspondence with you, its contents, and any call recordings for quality assurance, training, and compliance purposes, including in connection with potential claims or to provide further assistance (as applicable);
4. To maintain internal records where necessary to evidence the support provided or to address any potential, actual, or threatened claim, dispute, or complaint; and
5. To train, validate, and improve our AI-enabled support tools (including our AI agent and Chat AI), for example by using call recordings, transcripts, and other information provided through these communications to enhance customer support.		Customer support communications are processed as necessary to perform our contract with you.   Processing of information exchanged with our customer support for internal recordkeeping and service improvement is based on our legitimate interest.  

Where required by applicable law, call recordings are processed based on your consent. You have the right to withdraw consent at any time.
Telemetry Data and Device Data:  

When you use the Services or access your account, we automatically collect, generate, and process information about your use of the Services. This may include information about how you interact with the Services (for example, clickstream data within the Services, features used, and session duration), access and activity logs (which may include identifiers such as your email address and username), and technical diagnostics such as crash reports and analytics (collectively, “Telemetry Data”). We also collect information about the computer, mobile device, or other device you use to access the Services, such as device type and settings, operating system, browser type, and network information (collectively, “Device Data”).		We use Telemetry Data and Device Data for the following purposes:
1. To understand how the Services are used and to operate, maintain, enhance, and improve the Services;
2. To troubleshoot and debug, identify usage trends and activity patterns, and identify opportunities for integrations and product improvements;
3. To analyze our operations and support planning, innovation, and the development of new products, features, and technologies;
4. To resolve technical issues you may encounter, respond to support requests, analyze crash and error information, and repair and restore the Services.  		We process Telemetry Data and Device Data subject to our legitimate interest.

Please note that the actual processing operation for each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of Personal Data to third-party countries, as further detailed in Section 10 below “Data Transfer”, is based on the same lawful basis as stipulated in the table above. 

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, EULA or other agreement, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests. 

We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services provided through the website and Services, as detailed above. 

Note however, we will not use your Personal Data for any purpose that is materially different from the purposes for which the information was originally collected as detailed in the table above or subsequently authorized by you or required by applicable law.

5. HOW WE COLLECT PERSONAL DATA

Depending on the nature of your interaction with the website and Services, we may collect information as follows:

  • Information you provide us directly – for example, when you register and create an account or correspond with us. 
  • Information we receive from third parties – for example, through Partners (as defined above), or data enrichment partners and business intelligence providers,  or if you access the Services through a third-party connection or log-in, such as your GitHub or Google account, such third party may pass certain information about your use of their service to us. 
  • Information we receive automatically – we will collect your Online Identifiers, Service Usage Data and Telemetry Data, including analytics data (or use third-party measurement and marketing tools). For more information on the cookies we use and how to opt out of third-party collection of this information, please see Section 6 below “Cookies & Tracking Technologies”.

6. COOKIES & TRACKING TECHNOLOGIES

We use “cookies” (or similar tracking technologies) when you access or interact with the Services or the website. The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, for statistical purposes, as well as for advertising purposes. You can find more information about our use of cookies, as well as change your settings and preferences, as detailed under cookie declaration

Most browsers will allow you to erase cookies from your device, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser.

7. SHARING PERSONAL DATA 

We share your Personal Data with third parties, including our Partners or service providers that help us provide our Services. You can find in the table below information about the categories of such third-party recipients. 

CATEGORY OF RECIPIENTDATA THAT WILL BE SHAREDPURPOSE OF SHARING
Service providers All types of Personal Data We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes, conducting customer relationship management, and providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services. 
Marketing partnersOnline Identifiers, Service Usage Data, Telemetry Data, Device DataWe engage with marketing partners and share Personal Data to market and promote our Services, including for targeted ads. These may include social media partners or other marketing services operators, including by way of placing their cookies or other tracking technologies on our website. These marketing partners may combine your Personal Data with other data they collect independently from you through other websites you visit online.
Any acquirer of our businessAll types of Personal DataWe may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy. 
Affiliated companyAll types of Personal DataWe may share certain information with our affiliated company, for sales and marketing purposes. 
Law enforcement, governmental agencies or authorized third parties  Subject to law enforcement authority requestFor law enforcement, enforcement of our policies and agreements other customer rights and security detections, etc. We may share certain data when we believe it is appropriate to with, governmental agencies or authorized third parties, or protect the rights, property, or security of Akeyless, our customers, or others.

For more information about the third-party recipients, please see: https://www.akeyless.io/list-of-sub-processors/

When we share information with service providers and partners, we ensure they only have access to information that is strictly necessary for them to provide services to us. These parties are required to secure the data they receive and perform their services while ensuring compliance with all applicable data protection regulations.

Note, that we will not share your Personal Data with additional third parties or for purposes not detailed in the table above or subsequently authorized by you or required by applicable law. You may contact us directly at: [email protected] regarding our use or disclosure of your Personal Data.

8. DATA RETENTION

We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out. 

Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges; or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.

9. SECURITY

At Akeyless, security is our highest priority. We design our systems with your security and privacy in mind. We have implemented physical, technical, and administrative security measures for the Services that comply with applicable laws and industry standards. The methods that we use to protect your Personal Data include: maintaining compliance programs that validate our security controls; protecting the security of your information during transmission to or from our website, applications, products, or Services by using encryption protocols and software; and following the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.

Please review our Information Security Policy to learn more.

Note that we cannot be held responsible for unauthorized or unintended access beyond our control, and we make no warranty, express, implied, or otherwise, that we will always be able to prevent such access.

Please contact us at: [email protected] if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

10. DATA TRANSFER 

Due to our global business operation, your Personal Data may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. However, in all cases, we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer.

Specifically, if and where Personal Data collected within the EEA is transferred outside the EEA to countries or frameworks that have not been granted with an adequacy decision by the European Union, and therefore do not provide an adequate level of protection to your Personal Data when it is transferred to such third country or under such framework, such transfer is subject to, and made pursuant to the standard contractual clauses

Additionally, if and where Personal Data collected within the United Kingdom is transferred outside the United Kingdom to countries or frameworks that have not been granted an adequacy decision by the UK Information Commissioner Office (“ICO”), and therefore do not provide an adequate level of protection to your Personal Data when it is transferred to such third country or under such framework, such transfer is subject to, and made pursuant to, the UK standard contractual clauses.

Personal Data transferred from within the EU and the UK to Akeyless Security USA Inc., are subject to the EU-U.S. Data Privacy Framework Principles with regard to the processing of Personal Data received from the European Union in reliance on the EU-U.S. DPF and the UK Extension to the EU-US DPF, as applicable, as detailed in our Data Privacy Framework Statement available at https://www.akeyless.io/data-privacy-framework-statement/.

11. PRIVACY RIGHTS

We understand that privacy preferences vary among individuals, and we are committed to transparency regarding the Personal Data we collect and how it is used. Depending on your relationship with us, your location, and applicable data protection laws, you may have certain rights and choices with respect to your Personal Data. 

For more information about rights for EU residents, please see: https://commission.europa.eu/law/law-topic/data-protection/information-individuals_en

For more information about rights for US residents, please see: https://oag.ca.gov/privacy/ccpa, and our CCPA Notice, at: https://www.akeyless.io/ccpa-privacy-notice/ or Section 13 below.

We respect individuals’ rights in any applicable jurisdiction, even if they differ from the rights listed above. Where the IPPL applies, you have the right to opt out of email marketing, request deletion of your personal data maintained in our email marketing database, and request to inspect, correct, or delete certain personal data, in each case as described in, and subject to, the requirements of our Data Subject Request (DSR) process (including the DSR Form) .

At any time, you may lodge a complaint with the applicable regulatory authority or contact our DPO, whose details are provided above. You also have the right to appeal. If we decline to take action on your request, we will inform you without undue delay, as required under applicable law.

For additional information or to exercise your rights, please contact us at [email protected], or submit a request via our DSR Form, or manage your cookie preference via: https://www.akeyless.io/cookie-declaration/.

12. CHILDREN

Our Services are not intended for use by children, and we do not knowingly collect or maintain information about anyone under the age of 16. Please contact us at: [email protected] if you have reason to believe that a child has shared any information with us. 

  1. JURISDICTION-SPECIFIC NOTICES
    Additional notice for United States residents: notice at collection, supplemental U.S. privacy policy, and your privacy rights
    This Section 13 contains additional information for residents in the United States, including a summary of our personal information handling practices and your rights under U.S. state privacy laws. “Personal Information” (also referred to as “Personal Data” in this Privacy Policy) means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with you or your household. We do not offer financial incentives or bona fide loyalty programs in exchange for the collection, use, or disclosure of Personal Information. For more details regarding our personal information handling practices, please review this Privacy Policy.
    1. Categories of Personal Information Collected
      We may collect, and have collected in the prior 12 months, the following categories of personal information:
      • Identifiers and personal information described in the California Customer Records Act (Cal. Civ. Code § 1798.80(e)), such as name, alias, Internet Protocol (IP) address, unique personal identifier, online identifier, and email address.
      • Internet or other electronic network activity information, including (but not limited to) browsing data and information regarding a consumer’s interaction with an internet website, application, or advertisement.
      • Geolocation data, such as IP addresses used to infer your approximate location (e.g., country).
      • Audio, electronic, or similar information, such as call recordings, access logs, etc.
      • Professional or employment-related information, such as business email address, organization name, job title, or position.

        Please note that we do not collect, and have not collected in the prior 12 months, personal information that is considered sensitive personal information or data under data privacy laws in the United States.
    2. Sources of Personal Information
      We collect the categories of personal information described in Section 13.1 of this Privacy Policy from the following sources:
      • Directly from you, for example when you contact us for support or other inquiries.
      • Indirectly from your activity on our website when we use cookies and similar technologies as detailed in Section 6  of the Privacy Policy.
      • From other parties, such as vendors who assist us in performing the Services.
    3. Business or Commercial Purpose for Personal Information Collected
      We collect the categories of personal information described in Section 13.1 of this Privacy Policy for the following business or commercial purposes:
      • To operate, provide, enable, and enhance our Services.
      • To research and develop new features.
      • To secure our Services and website, including to audit and detect spam and fraud, debugging and to resolve technical issues and errors.
      • For internal analytics and statistics used to improve our Services and the way we offer them.
      • For verification and authentication purposes.
      • To create and designate the Customer account and to secure accounts.
      • For account management and administration, including saving your choices and preferences;
      • To market our Services, communicate with Customers, Authorized Users or Prospects and send transactional and operational messages.
      • To infer your general location (e.g., country) based on IP address.
      • To respond to your inquiries or requests, send you the information you have requested to receive, or take actions requested by you.
      • To respond to law enforcement and address legal requirements.
      • To have records of our communications and for customer support efforts.
    4. Retention of Personal Information
      Except as required by applicable law, we are not obligated to retain Personal Information for any particular period, and we may delete it at any time in accordance with our retention practices. For more information, please see Section 8  of this Privacy Policy.
    5. Disclosure of Personal Information
      We disclose, and may have disclosed in the prior 12 months, the categories of personal information described in Section 13.1 of this Privacy Policy in the circumstances described below and for the purposes described in Section 13.3.
      • To our service providers, contractors, and processors who perform functions and services on our behalf, including cloud computing, storage, operations, analytics, account management, management or security tools, communications, fraud prevention, enrichment, development, and identifying and resolving errors and crashes.
      • If we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements. We may also disclose personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of our Platform, the public, or others.
      • To our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
      • In connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
      • Between current and future parents, affiliates and subsidiaries and other companies under common control and ownership.
      • With your consent or at your direction.
    6. “Sale” and “Sharing” of Personal Information
      We do not “sell” information in the conventional sense of the term (i.e., we do not exchange Personal Information directly for money). However, for retargeting and analytics purposes when promoting our Services, we may use third-party providers, tracking tools, advertising networks, and social media platforms. These services may function by placing cookies, pixels, or other tracking technologies on our website and disclosing online identifiers and browsing or engagement information to these vendors.
    7. Opt-Out Preference Signals and Do Not Track
      1. Opt-Out “do not sell or share my personal information”
        You can use the cookie manager available in the footer of the website to opt out of the sale or sharing at any time.
      2. We Honor Opt-Out Preference Signals
        We honor opt-out preference signals. An opt-out preference signal is a signal that is sent by a platform, technology or mechanism on your behalf that communicates your choice to opt-out of the sharing for targeted advertisements or sale of your personal information. You can learn more about implementing opt-out preference signals here or by exploring other developing technologies and services that offer this tool. 

        We treat opt-out preference signals as valid requests to opt-out of the sale or sharing of your personal information under privacy laws. Ordinarily, an opt-out preference signal is sufficient for us to honor your request, but in some instances, we may request additional information to help facilitate your request for offline sales or sharing.  We will not use, disclose or retain this additional information for any purpose other than to facilitate the request.

        Please note that you may also opt out of the sale or sharing of your personal information through the other methods described in the Instructions on How to Exercise Your Privacy Rights section below.
      3. Do Not Track Requests
        Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the websites you visit indicating that you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the do not track signal, we currently do not respond to the browser do not track signals. However, as noted above, we do honor opt-out preference signals.
    8. Children
      The Website and Services are not intended for or directed at children under the age of 18, and we do not knowingly collect personal information from children under the age of 18. We also do not knowingly sell or share the personal information of children under the age of 18.
    9. Your Privacy Rights
      U.S. state privacy laws may provide consumers certain rights with respect to their personal information, subject to exceptions. Subject to applicable limitations, you may have the following rights:
      • Right to Delete. You have the right to request us to delete the personal information we have collected about you.
      • Right to Correct. You have the right to request us to correct inaccurate personal information we maintain about you.
      • Right to Confirm Processing, Know and Access. You have the right to confirm whether we are processing your personal information and know and access the personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of personal information and service providers, contractors and third parties to whom we disclosed personal information, and the specific pieces of personal information we have collected about you. You have the right to receive this information in a format, to the extent technically feasible, that is portable, usable, and allows you to transmit personal information to a person without impediment or hindrance.
      • List of Specific Third Parties: You have the right, at our option, to receive a list of the specific third parties, other than natural persons, to which we have disclosed either: (i) your personal information or (ii) any personal information.
      • Rights Related to Profiling. You have the right to opt out of the processing of your personal information for profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. However, this right does not apply because we do not engage in profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
      • Rights Related to Sharing for Targeted and Cross-Context Behavioral Advertising or Sale. You have the right to opt out of the sharing of your personal information for targeted or cross-context behavioral advertising or the sale of your personal information as set forth above.
      • Rights Related to Sensitive Personal Information or Data. Data privacy laws may provide additional protection for sensitive personal information or data. However, this right does not apply because we do not process sensitive personal information or data.
      • Right to No Discrimination. You have the right not to be discriminated against for exercising any of your privacy rights. This includes us not: (a) denying you goods or services; (b) charging you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; (c) providing you a different level or quality of goods or services; (d) suggesting to you that you will receive a different price or rate for goods or services or a different level or quality of goods or services; and (e) retaliating against you for exercising your privacy rights.
      • Right to Appeal. If we decline to take action in response to your exercise of a privacy right, we will inform you of the reason for denying your request and provide you with instructions on how to appeal the decision.

        Instructions on How to Exercise Your Rights:
        You may exercise your privacy rights by completing our DSR Form and contacting us at [email protected]. You may also exercise your opt-out right by clicking on the Do Not Sell or Share My Personal Information link. In some instances, we will need to verify your identity before honoring your privacy rights request. We will verify your identity by asking you to provide personal information related to your recent interactions with us. We will honor your privacy rights request within 45 calendar days of receipt, unless we request an extension as permitted by data privacy laws.  However, we will honor your opt-out request within 15 business days.
        Appealing:
        You may appeal a denial of your privacy right requests by contacts us at [email protected]. Within 45 days of receipt of an appeal, we will inform you in writing of any action taken in response to the appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, you may submit a complaint to the Attorney General of your state.
        Authorized Agents:
        If permitted or required by applicable law, you may exercise your privacy rights through an authorized agent (which may include a guardian or conservator). If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. If you are an authorized agent seeking to make a request, please contact us at:[email protected].
        Shine the Light Law Disclosure for California Residents:
        California law permits residents of California to request certain details about how their information is shared with third parties for direct marketing purposes.
    10. Questions
      You may contact us through the means listed in Section 2 of this Privacy Policy.  

Download
Subscribe to Newsletter
  • PrivilegedAccessManagement(PAM)_BestSupport_Enterprise_QualityOfSupport
  • PrivilegedAccessManagement(PAM)_HighPerformer_Enterprise_HighPerformer
  • PrivilegedAccessManagement(PAM)_EasiestToUse_Enterprise_EaseOfUse
  • PrivilegedAccessManagement(PAM)_UsersMostLikelyToRecommend_Nps