This Privacy Policy outlines how IXAIO collects, uses, discloses, and protects your personal data when you use our IoT hardware, sensor devices, and data platform services. We are committed to safeguarding your privacy and ensuring your personal data is handled in compliance with applicable data protection regulations across the EU, North America, Japan, Singapore, Australia, the UK, and Switzerland.

This Privacy Policy applies to all users of IXAIO’s services, regardless of location, and reflects regulatory requirements relevant to each jurisdiction in which we operate. By using our services, you acknowledge that your personal data may be collected, processed, and stored in accordance with this policy and in compliance with applicable regulations, including GDPR, CCPA, and other local data protection laws.

For clarity, this Privacy Policy includes specific definitions to help you understand your rights and our responsibilities regarding your personal data: - **Data Controller**: IXAIO is the entity responsible for determining the purposes and means of processing your personal data. - **Processor**: Any third party engaged by IXAIO to process data on our behalf under strict contractual obligations to maintain privacy and security. - **Personal Data**: Any information relating to an identified or identifiable individual, including but not limited to name, contact information, device data, and usage information, as applicable to our services.

IXAIO is the Data Controller responsible for the collection, processing, and storage of personal data in connection with our IoT hardware, sensor devices, and data platform services. As the Data Controller, IXAIO determines the purposes and means of processing personal data in compliance with relevant data protection regulations.

For any questions or concerns regarding this Privacy Policy or your personal data, please contact us directly at [IXAIO Contact Information](https://ixaio.com/information). Our team is available to assist you with any inquiries related to data privacy and your rights under applicable data protection laws.

In jurisdictions requiring a Data Protection Officer (DPO) or a designated representative, IXAIO has appointed qualified individuals to oversee data privacy practices and ensure compliance. If you are in the EU, UK, or another region requiring a local representative, your inquiry will be directed accordingly. Please reach out through our contact page at [IXAIO Contact Information](https://ixaio.com/information) for DPO-related inquiries.

We may collect personal identifiers necessary for account creation and service usage, such as your name, username, and email address. This data helps us authenticate and personalize your experience on the IXAIO platform.

If you reach out to us for support or further inquiries, we may collect additional contact information such as your mailing address and phone number to respond to your needs and provide appropriate assistance.

In order to provide our IoT hardware and sensor device services, IXAIO collects data directly from the devices you use, including sensor readings, location information, and unique device identifiers. This data is essential for the functionality, monitoring, and troubleshooting of IoT services.

To ensure optimal performance and security of our platform, we collect technical data such as IP addresses, browser types, device types, and platform logs. This data helps us monitor, improve, and secure our services against unauthorized access or disruptions.

We collect information on how you interact with our platform, including page views, navigation paths, time spent on pages, and feature usage. This information helps us understand user preferences, improve user experience, and enhance platform functionality.

IXAIO does not typically collect sensitive personal data (such as health or biometric data) unless it is essential for specific services and with explicit consent where required. If such data is collected, we will ensure compliance with applicable data protection regulations and provide additional safeguards.

IXAIO processes certain types of personal data based on your explicit consent, which is obtained before collecting or using data that requires it. You have the right to withdraw your consent at any time, which will not affect the lawfulness of data processing conducted prior to the withdrawal.

Processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into such a contract. This includes providing our IoT hardware, sensor devices, and data platform services and ensuring the functionality of those services.

In certain cases, IXAIO is legally required to process personal data to comply with legal obligations, regulatory requirements, or lawful government requests. This includes data retention obligations, tax laws, or other legal and regulatory reporting obligations.

IXAIO may process personal data to pursue our legitimate interests, provided that such processing is not overridden by your interests or fundamental rights. Legitimate interests include platform security, service improvement, fraud prevention, and ensuring the reliability of our IoT and sensor devices.

Where applicable, IXAIO complies with jurisdiction-specific requirements, such as those under the GDPR in the EU, CCPA in California, and similar data protection laws in other regions. These laws provide specific rights and obligations that IXAIO honors in its data processing activities.

IXAIO collects and processes personal data to provide and support our IoT hardware, sensor devices, and data platform services. This includes enabling device functionality, processing requests, and maintaining operational stability across our platform.

We use data to analyze and improve our products and services, helping us better understand how our platform and devices are used. This information allows IXAIO to enhance user experience, optimize system performance, and introduce new features based on user needs.

Data is collected to ensure the security and integrity of our platform, protect against fraud, and detect any unauthorized access or activities. IXAIO also processes data to meet regulatory requirements and adhere to industry standards in various jurisdictions.

When users contact IXAIO for assistance, we use their personal data to provide relevant support, respond to inquiries, and resolve issues. Communication regarding account status, updates to our services, or changes in terms may also be sent to users as needed.

Data collected from user interactions and device usage helps IXAIO with research and development, allowing us to innovate and create new solutions that enhance the effectiveness of our IoT and sensor services.

You have the right to request access to the personal data IXAIO holds about you. Upon request, we will provide a copy of your data, including details on how it is used and shared, in accordance with applicable law.

If you believe that any personal data we hold about you is incorrect or incomplete, you have the right to request that we correct or update this information. IXAIO will promptly make the necessary changes to ensure data accuracy.

You may request the deletion of your personal data under certain conditions, such as if the data is no longer needed for the purposes it was collected, or if you withdraw consent. IXAIO will erase your data where legally permissible and in accordance with our data retention policies.

In specific situations, you have the right to restrict the processing of your personal data. This includes cases where you contest the accuracy of the data or object to its processing. IXAIO will limit processing activities accordingly, as required by law.

Where applicable, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. You may also request that we transmit this data to another organization, if technically feasible.

You have the right to object to the processing of your personal data in cases where IXAIO relies on legitimate interests, including for marketing purposes. We will cease processing your data upon request unless we can demonstrate compelling legal grounds.

For California residents, the California Consumer Privacy Act (CCPA) provides specific rights, including the right to know about and delete personal data, the right to opt out of data sales, and the right to non-discrimination in service for exercising these rights.

To exercise any of these rights, please contact IXAIO through our [Contact Information page](https://ixaio.com/information). We may request verification of your identity before processing certain requests. IXAIO is committed to responding to your requests in a timely manner and in compliance with applicable regulations.

IXAIO requires your consent to collect and process certain types of personal data, especially where consent is the legal basis for processing. By using our services, you may be asked to agree to specific data collection practices, such as the use of location data, for us to provide full functionality.

You have the right to withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing conducted prior to your withdrawal. If you decide to withdraw consent, certain features or functionalities of our services that rely on that data may no longer be available.

To withdraw your consent, please contact us through our [Contact Information page](https://ixaio.com/information). Alternatively, you may adjust your preferences in your account settings or follow the instructions provided in any consent-based communications from IXAIO.

If you choose to withdraw your consent, please be aware that it may limit your ability to use certain IXAIO services or features. We will inform you of any potential impact at the time of your request to ensure transparency.

IXAIO may use automated decision-making processes to enhance the functionality of our IoT hardware, sensor devices, and data platform services. This includes automated diagnostics, predictive maintenance, and alerts based on device data to optimize performance and minimize downtime.

Profiling is used to analyze data patterns, such as device usage and system behavior, to provide personalized recommendations and proactive maintenance solutions. These profiling activities help IXAIO ensure efficient service, improve user experience, and maintain device reliability.

Where required by applicable law, you have the right to request human intervention in decisions made solely through automated processing, express your viewpoint, or contest the decision. If you have questions about automated decisions that affect you, please contact us through our [Contact Information page](https://ixaio.com/information).

IXAIO may engage third-party service providers to assist with various operational, analytical, and technical tasks, including data storage, cloud services, analytics, and security measures. These processors are carefully selected to ensure they meet our standards for data privacy and protection.

We share data with third-party processors solely for purposes necessary to deliver, improve, and secure our services. For example, we may share data with cloud providers to store data securely, or analytics providers to help us understand platform usage and improve user experience.

IXAIO ensures that any third-party processor we engage is bound by strict confidentiality agreements and data protection obligations. These agreements limit data access to authorized personnel only and require adherence to industry-standard security practices.

In certain circumstances, IXAIO may be legally obligated to disclose personal data to comply with regulatory requirements, court orders, or legal processes. We will disclose data only to the extent required by law and, where possible, notify affected users in advance.

IXAIO operates across multiple jurisdictions, including the EU, North America, Japan, Singapore, Australia, the UK, and Switzerland. As such, your personal data may be transferred to and processed in these and other countries where we or our service providers operate. We ensure that data transfers are conducted securely and in compliance with relevant data protection laws.

To protect personal data during international transfers, IXAIO implements appropriate safeguards, such as Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or equivalent legal frameworks where required. These safeguards ensure that your data remains protected regardless of where it is processed.

If your personal data is transferred to a country outside your home jurisdiction, IXAIO will take all necessary measures to ensure its protection, in line with applicable laws. You may contact us through our [Contact Information page](https://ixaio.com/information) for further details on the safeguards applied to your data transfers.

IXAIO retains personal data only for as long as is necessary to fulfill the purposes for which it was collected, including meeting legal, accounting, or reporting obligations. The specific retention period depends on the type of data and the reason for its collection, such as maintaining your account or supporting customer service.

Our retention criteria consider factors such as the type of data, its sensitivity, the risk of harm from unauthorized use or disclosure, and applicable legal requirements. For example, account-related data may be retained as long as the account is active, while transactional data may be retained to comply with tax and financial regulations.

Once the data retention period has expired or the data is no longer needed, IXAIO will securely delete or anonymize personal data. We utilize industry-standard data deletion practices to ensure that data is completely and irreversibly removed from our systems, minimizing any risk of unauthorized access.

IXAIO is committed to safeguarding your personal data by implementing a range of technical and organizational security measures. These include encryption, secure data storage, access control, and network monitoring to prevent unauthorized access, loss, or alteration of your information.

To maintain data security and integrity, IXAIO conducts regular security audits and vulnerability assessments. These evaluations help identify potential security risks and ensure that our protective measures remain effective and up to date with industry standards.

In the event of a data breach or security incident, IXAIO has an established response protocol to contain and mitigate the impact. We promptly investigate any incident, assess its scope, and take corrective actions as needed. Users affected by a data breach will be notified in accordance with applicable legal requirements.

IXAIO uses various types of cookies and similar tracking technologies to enhance your experience on our platform. These include essential cookies that enable core functionalities, as well as analytical cookies that help us understand how users interact with our services to improve performance.

Our cookies serve specific purposes: - **Essential Cookies**: Required for basic platform functionality and security, enabling you to navigate and use key features. - **Functional Cookies**: Allow us to remember your preferences and customize your experience on our platform. - **Analytical Cookies**: Provide insights into user interactions, helping us optimize our services and improve user satisfaction. - **Advertising Cookies**: May be used for marketing campaigns to deliver personalized ads, where applicable and with user consent.

In regions where consent is required, IXAIO presents a cookie consent banner that allows you to choose which types of cookies you accept. You may adjust your cookie preferences at any time to manage tracking technologies on our platform.

You can manage or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our services. For more information on managing cookies, you may refer to our [Contact Information page](https://ixaio.com/information) or consult your browser’s help documentation.

IXAIO’s services are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If we discover that personal data of a minor has been collected without appropriate consent, we will take steps to delete this information promptly.

In cases where our services may be used by individuals under 18 with parental supervision, we require verifiable parental consent before collecting or processing any personal data from minors. Parents or guardians may contact us to review, modify, or delete their child’s information.

If personal data of minors is processed in compliance with applicable law, IXAIO applies additional safeguards to ensure the data’s protection, including limiting data access and retention. We prioritize privacy for younger users to maintain a safe digital environment. For inquiries regarding minors’ data, please reach us through our [Contact Information page](https://ixaio.com/information).

IXAIO’s platform may contain links to third-party websites, applications, or services. Please note that IXAIO is not responsible for the privacy practices, data protection policies, or content of any external sites or services. We encourage you to review the privacy policies of third parties before engaging with their services.

When you leave the IXAIO platform by clicking a third-party link, you are subject to the privacy and security policies of the third-party site. These policies may differ from ours, and IXAIO is not liable for the practices or activities of third parties. If you have concerns about external links, please contact us via our [Contact Information page](https://ixaio.com/information).

In the event of a data breach involving your personal data, IXAIO is committed to notifying affected users promptly, as required by applicable law. Our notification will include details of the breach, the types of data affected, and any steps users should take to protect themselves.

IXAIO complies with data breach notification obligations under GDPR, CCPA, and other relevant regulations. We will report data breaches to the appropriate data protection authorities within the required timeframes and ensure that affected users are informed of any risks to their personal data.

Upon discovering a data breach, IXAIO will work to assess the scope and impact of the incident. Users will be notified as soon as possible, and no later than 72 hours after becoming aware of a breach that poses a risk to user data, in line with GDPR requirements and other applicable laws.

IXAIO may update this Privacy Policy periodically to reflect changes in our services, legal requirements, or data processing practices. We encourage users to review this Privacy Policy regularly to stay informed about how we protect personal data.

When significant changes are made to this Privacy Policy, IXAIO will notify users through our platform, by email, or by other appropriate means. This ensures that users are aware of any adjustments to how their personal data is managed and protected.

The 'Last Revised' date at the top of this Privacy Policy indicates when it was last updated. By continuing to use IXAIO’s services after changes are made, you acknowledge and agree to the updated terms.

For users in the European Union, IXAIO processes personal data in accordance with the General Data Protection Regulation (GDPR). You have rights under GDPR, including access, rectification, erasure, restriction of processing, data portability, and the right to object. IXAIO has appointed a representative in the EU as required by Article 27, and we ensure data transfers outside the EU are safeguarded with Standard Contractual Clauses or other legally approved mechanisms.

For users in the United Kingdom, IXAIO complies with the UK GDPR, which mirrors the EU GDPR in terms of data rights and obligations. A designated UK representative oversees our compliance with the UK’s data protection regulations, and data transfers from the UK are handled with appropriate safeguards.

For California residents, IXAIO follows the California Consumer Privacy Act (CCPA). Under CCPA, you have the right to know what personal data we collect, request deletion of your data, and opt out of any 'sale' of your personal data. IXAIO does not discriminate against users who exercise their rights under CCPA. To exercise your CCPA rights, contact us via our [Contact Information page](https://ixaio.com/information).

For users in Japan, IXAIO adheres to the Act on the Protection of Personal Information (APPI). We ensure that personal data of Japanese users is processed securely, and you have the right to request access, correction, and deletion of your personal data. Cross-border data transfers involving personal data are handled in compliance with APPI requirements.

IXAIO complies with Australia’s Privacy Act and the Australian Privacy Principles (APPs). For Australian users, we provide access to personal data upon request, and you have the right to request corrections. Cross-border transfers of data are carried out in line with Australia’s legal standards for data protection.

For users in Switzerland, IXAIO complies with the Swiss Federal Act on Data Protection (FADP). Data transfers to countries outside Switzerland are conducted with adequate safeguards to ensure data protection in line with Swiss regulations. Swiss users have rights similar to those provided under GDPR, including access, correction, and deletion of their personal data.

For users in Singapore, IXAIO follows the Personal Data Protection Act (PDPA) to ensure data privacy and security. You have the right to request access to and correction of your personal data. Data transfers outside Singapore are protected under legally recognized mechanisms to safeguard your information.

This Privacy Policy, and any issues arising from it, are governed by the laws of the jurisdiction where IXAIO is headquartered, except where otherwise required by local data protection regulations. This ensures consistency and fairness in the interpretation and enforcement of our Privacy Policy.

In the event of a dispute regarding our privacy practices, we encourage you to contact us first through our [Contact Information page](https://ixaio.com/information) so we can work together to resolve any concerns. If we are unable to resolve your concerns, disputes may be submitted to mediation or arbitration in accordance with the laws of the governing jurisdiction.

Depending on your place of residence or use of our services, you may have additional rights or obligations under local laws. This Privacy Policy does not limit your rights under these laws. In cases of unresolved disputes, any legal actions must be brought in the appropriate courts of the governing jurisdiction, except as otherwise required by applicable local regulations.

This Privacy Policy, and any issues arising from it, are governed by the laws of the jurisdiction where IXAIO is headquartered, except where otherwise required by local data protection regulations. This ensures consistency and fairness in the interpretation and enforcement of our Privacy Policy.

In the event of a dispute regarding our privacy practices, we encourage you to contact us first through our [Contact Information page](https://ixaio.com/information) so we can work together to resolve any concerns. If we are unable to resolve your concerns, disputes may be submitted to mediation or arbitration in accordance with the laws of the governing jurisdiction.

Depending on your place of residence or use of our services, you may have additional rights or obligations under local laws. This Privacy Policy does not limit your rights under these laws. In cases of unresolved disputes, any legal actions must be brought in the appropriate courts of the governing jurisdiction, except as otherwise required by applicable local regulations.