AXDRAFT is part of the Onit family! Read more about the acquisition in our story.
Learn more

AXDRAFT’s Privacy Policy for Services

At AXDRAFT, we know that your privacy is of the utmost importance to you. Accordingly, we treat your information confidentially and are committed to protecting your privacy and your personally identifiable information (“Personally Identifiable Information”).

AXDRAFT provides software as a service to its customers (“Services”) to help our customer process invoices related to legal spend and manage its legal matters.

For purposes of this Privacy Policy for Services:

  • “Data Controller” means an entity that alone or jointly with others determines the purposes and the means of the processing of Personally Identifiable
  • “Data Processor” means an entity that processes Personally Identifiable Information on behalf of a Data Controller in accordance with the Data Controller’s instructions.

As part of AXDRAFT’s Web-based applications, AXDRAFT’s customers (and their designees, including other service providers to such customers) are permitted to submit electronic data and information, including personal data, to AXDRAFT’s servers. In this context, AXDRAFT acts as a data processor and does not determine how its customers’ data is utilized in AXDRAFT’s servers and its customers are the Data Controllers. AXDRAFT does not choose or determine the types of data that are submitted to AXDRAFT’s servers, and any access to or use of such data by AXDRAFT is in connection with completing the contractual obligations of AXDRAFT, as data processor, to its customers. As part of AXDRAFT’s professional services operations, AXDRAFT processes data and information, including personal data, on behalf of its customers. In this context, AXDRAFT acts as a data processor on behalf of its customers and its customers are the Data Controllers.

Where AXDRAFT acts as a data processor, AXDRAFT does not have a direct relationship with individuals whose Personally Identifiable Information AXDRAFT processes in the US.  In these circumstances, AXDRAFT’s customers are responsible for providing the required notice and choice to individuals.

1.

Personally Identifiable Information Collected by AXDRAFT

Content and information submitted by a user is controlled by AXDRAFT’s customers, as described above.  Here are some examples of content and information collected by AXDRAFT (but please note, these are only examples and there may be others): first and last name, email address, phone number, other contact information, company you work for, business unit you belong to, and other types of information.

AXDRAFT also collects Non-Personally Identifiable Information from users of the services, including without limitation: Internet protocol addresses, profile information, aggregate User-data, demographic information, geographical information, browser types, operating system types, and usage statistics. This Non-Personally Identifiable Information is used to manage the services, track services usage, and improve the services. This Non-Personally Identifiable Information may be shared with third-parties to provide more relevant services and third party content to users. User IP addresses may also be recorded for security and monitoring purposes.

2.

How does AXDRAFT Use your Personally Identifiable Information?

Personally Identifiable Information is used by AXDRAFT for the following purposes:

  • to send you requested information on our products and services;
  • to provide you with information about new features, products and services;
  • to provide support to you in connection with your use of the AXDRAFT family of products, including notices of system downtime;
  • to provide the services, products and support to our customers;
  • to collect feedback on your use of our products and services;
  • to help us improve our products and services or develop new products or services; or
  • to comply with applicable laws or regulations.
3.

Transfer of Personally Identifiable Information to Other Parties

AXDRAFT does not sell any Personally Identifiable Information to third parties.  AXDRAFT does share Personally Identifiable Information in the following circumstances:

Business Partners of our Customers

AXDRAFT discloses Personally Identifiable Information to business partners of our customers as directed by our customers, or where we believe it is necessary to provide a service which a customer has requested, or as otherwise authorized or directed by you. Examples include:

  • integrations to third parties which host systems for AXDRAFT customers, such as DocuSign and Salesforce.
  • if our customer is a legal department, their vendors receive information related to contracts.

Authorized Service Providers

AXDRAFT may disclose your Personally Identifiable Information to its affiliates and service providers it has retained to perform services on its behalf as well as strategic alliance partners we are working with. We require service providers and strategic alliance partners to whom we disclose Personally Identifiable Information to contractually agree to provide at least the same level of protection for Personally Identifiable Information.

Legal Requirements and Business Transfers

AXDRAFT may disclose Personally Identifiable Information (i) if we are required to do so by law or legal process, (ii) in response to law enforcement authority or other government official requests, (iii) in connection with an investigation of suspected or actual illegal activity or (iv) in the event that AXDRAFT is subject to a merger or acquisition to the new owner of the business. Disclosure may also be required for company audits or to investigate a complaint or security threat.

4.

Security

AXDRAFT implements commercially reasonable security measures designed to protect your Personally Identifiable Information.

5.

How to Access your Personally Identifiable Information And Enforcement

AXDRAFT reviews its compliance with this Privacy Policy for Services to verify that the assertions made in it are true and that the practices the Privacy Policy for Services contains are implemented correctly.  AXDRAFT will investigate any breach of this Privacy Policy for Services that has been reported to AXDRAFT.

In circumstances where AXDRAFT acts as a Data Processor, individuals should submit any requests to access their Personally Identifiable Information or complaints concerning the processing of their Personally Identifiable Information to the AXDRAFT customer that originally collected their information in accordance with the customer’s relevant dispute resolution mechanism (if available).  AXDRAFT will participate in the customer’s dispute resolution process at the request of the individual.

If the issue cannot be resolved through the customer’s internal dispute resolution mechanism, the individual may submit the request or complaint to AXDRAFT by emailing us at [email protected].

6.

Permitted and Required Uses and Disclosures That May Be Made Without Your Consent, Authorization, or Opportunity to Object

There are other circumstances in which we may have to use or disclose your protected Personally Identifiable Information, even without your consent or authorization. These situations include:

Disclosure Required By Law: We may use or disclose your Personally Identifiable Information to the extent that the use or disclosure is required by law. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. You will be notified, as required by law, of any such uses or disclosures.

Legal or Administrative Proceedings or Investigations: We may disclose Personally Identifiable Information in the course of any judicial or administrative proceeding or investigation, in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized), in certain conditions in response to a subpoena, discovery request or other lawful process or request.

Law Enforcement: We may disclose Personally Identifiable Information, so long as applicable legal requirements are met, for law enforcement purposes. These law enforcement purposes include requests: (1) pursuant to legal processes or as otherwise required by law; (2) for limited information for identification and location purposes; (3) pertaining to potential victims of a crime; (4) relating to suspicion that a death has occurred as a result of criminal conduct; (5) in the event that a crime occurs at AXDRAFT; or (6) relating to a medical emergency (not at AXDRAFT) and it is necessary to alert law enforcement regarding a potential crime.

Enforcement of Agreement: Consistent with applicable federal and state laws, we may disclose your Personally Identifiable Information to enforce this Agreement and to protect our rights herein.

7.

Correcting/Updating or Removing Information

Users may request to modify or remove most of their Personally Identifiable Information at any time by contacting AXDRAFT at [email protected]. Removed information may persist in backup copies of the Website indefinitely, but such information will continue to be protected under the terms of this Privacy Policy.

8.

Privacy Notice and Policy Subject to Change

From time to time we may make changes to our Privacy Policy, and we reserve the right to change our Privacy Policy at any time. If we make changes, we will post them on the Website. Unless stated otherwise, our current Privacy Policy applies to all Personally Identifiable Information. Your continued access or use of the Services after any such changes constitutes your acceptance of the new Privacy Policy.

9.

Contact Us

Please notify us if you believe your privacy rights have been violated by us. We will not retaliate against you or you for the filing of such a complaint. You may reach our privacy contact at [email protected]. Our privacy contact can provide further information about this Privacy Policy and the policies and procedures set forth herein.