Athenian: Privacy Policy

Effective Date: April 1, 2020

We take our obligation to protect the privacy of your personal information seriously.

Your personal information will be treated in a secure and confidential manner in compliance with all applicable laws and regulations.

When you use Athenian Websites and Services (as defined below), we receive information that may directly or indirectly identify you (“personal information” or “personal data”).

This privacy policy (this “Privacy Policy”) governs and describes how Athenian SAS. and its subsidiaries (“Athenian”, “we,” “us” or “our”) may collect, use, and disclose personal information that we obtain through or from:

https://www.athenian.co/ and all websites within that domain (such as https://app.athenian.co/ and https://knowledge.athenian.co/ (our “Websites”),
individuals that register to attend our marketing or corporate events or receive our marketing materials (“Marketing Activities”),
third-party sources such as data brokers, publicly available sources, and our partners,
our subscribers’ personnel who register to use our Services (including through our Services user interface dashboard registration forms on our Websites), and
subscriber data submitted to our Athenian product or related services (the “Services”) by our subscribers or their internet clients or end users, or that we collect through our Services on behalf of our subscribers. Section 9 of this Privacy Policy separately covers and describes how Athenian collects, uses and discloses the personal information submitted to our Services by our subscribers (or their internet clients or end users) or that we collect through our Services (on behalf of our subscribers), which use by our subscribers is governed by our subscription agreements with our subscribers.

In this Policy we will explain:

What types of personal information Athenian collects and how it is used.
How Athenian collects your personal information, including whether personal information is collected automatically.
How long Athenian retains your personal information.
How and when Athenian shares your personal information with others.
How Athenian protects your personal information.
What choices and rights are available to you regarding the use of your personal information, including how to access and update personal information.
How personal information submitted to our Services or collected through our Services on behalf of or at the direction of our subscribers is treated.
How to update your communication preferences.
Whether children under the age of 13 are permitted to use our Services.

Contact Information

Depending on the context of personal information you provide, Athenian may be the data controller (“controller”) or data processor (“processor”) of your personal information under this policy. Athenian is a processor of personal information submitted to the Services or collected through the Services on behalf of or at the direction of subscribers. If you have any questions or concerns regarding this Privacy Policy or our privacy practices, including the processing of your personal information, if you would like to exercise your data rights under applicable laws, or if you believe your privacy rights have been violated, please contact Athenian at privacy@athenian.co, or Athenian SAS, 23 Rue de Roule, 75001, Paris, France.

1. What types of personal information does Athenian collect?

The types of personal information we collect and share depend on which of our Websites or Marketing Activities you use. In general, we may collect information that identifies you, information about how you use our Websites, and the information that you create while you interact with our Websites.

Information that we collect from you may include the following:

Information that can personally identify you, such as name, photograph, postal address, email address, or telephone number.
Information about your Internet connection, the equipment you use to access our Websites, and your use of our Websites.
Information that you provide when you fill in forms on our Websites.
Information that identifies you in planning and hosting corporate events related to our Marketing Activities (e.g., webinars).
Records and copies of your correspondence (including email addresses and Twitter handles), if you contact us.
Your responses to surveys that we might ask you to complete for research purposes.
Details of transactions you carry out through our Websites or related to orders of our Services.

You also may provide information as a contributing user that is published or displayed (hereafter, referred to as "posted") on public areas of our Websites, on the Athenian Blog site, or transmitted to other users of our Websites or third-parties. Your user contributions are posted and transmitted to others at your own risk.

2. How does Athenian use my personal information

Athenian uses personal information that you provide to us to deliver content on our Websites, plan and host Marketing Activities, and to provide our Services.

We may use this information in the following ways:

To present our Websites and their contents to you.
To allow you to participate in interactive features on our Websites.
To enhance the experience of using our Websites, Services, and Marketing Activities.
To manage your access to the Services.
To carry out our obligations and enforce our rights that arise from any contracts entered into between you and us, including for billing and collection.
To provide you with notices about your account and/or subscription, including expiration and renewal notices.
To notify you about changes to our Websites or Services.
To provide you with information or services that you request from us.
To communicate with you about Marketing Activities, which may include promotional information.
To send promotional information and other communications regarding our products or Services.
To create a list of actual and prospective users and subscribers for our products or Services.
To assemble statistics regarding the use of our Websites, product or Services.
To prevent fraud or abuse.
To comply with any legal or regulatory obligations.
For any other purpose we describe at the time we collect information.
For any reason you engage us.
For any other purpose with your consent.

3. How does Athenian collect my personal information?

Athenian may directly collect personal information you provide us in the following ways:

When you complete forms on our Websites, such as registering an account, subscribing to a Service, or posting a comment.
When you create an account to use our Services or create a new user for that account.
When you complete transactions through our Websites, such as fulfilling an order for our Services.
When you perform search queries on our Websites.
When you post messages on our Websites, either in public areas or directly to other users or third-parties.
When you use our publicly accessible blogs.
When you contact us outside of our Websites, such via email or Twitter.
When you request assistance from our team.
When you respond to surveys we ask you to complete for research purposes.
When you provide information that will be posted on public areas of our Websites.
When you transmit information to other users of our Websites or third-parties as a user contribution.
When you register for or attend our Marketing Activities.

Third-Parties and Data Supplementation

To the extent allowed by law, Athenian may collect personal information about you from other third-party sources. We may maintain this information or associate it with personal information we already have about you (“data supplementation”). This information helps us to improve our Websites, to deliver better and more personalized Services, to update, expand, and analyze our records, identify new customers, and provide products and services that may be of interest to you. To the extent we combine such third-party sourced information with information we already have about you, we will treat the combined information in accordance with the practices described under this Privacy Policy and any additional restrictions imposed by the source of the data.

Third-party sources we may use vary over time, but have included or may include:

Data brokers from which we purchase demographic data to supplement the information we collect.
Social networks when you reference our Services or grant permission to Athenian to access your data on one or more of these services.
Our partners with whom we may offer co-branded services, sell or distribute our Services, or engage in joint marketing activities.
Publicly-available sources or data in the public domain.

Examples of the types of personal information that may be obtained from public sources or purchased from third-parties and combined with information we already have about you, may include:

contact information about you from third-party sources to verify your address so we can properly prevent fraud or communicate with you, or
data purchased from third-parties, such as social networking sites and conference attendee lists, that is combined with information we already have about you, to create more tailored advertising and products.

We are not responsible for the accuracy of any information provided by third-parties or third-party policies or practices.

Financial Information

We use third-party payment processors to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third-party processors. Our third-party processors currently include Stripe, and Stripe’s privacy policy can be viewed at https://stripe.com/us/privacy.

4. Does Athenian collect personal information automatically?

As is true of most websites, Athenian gathers certain information automatically as you navigate through and interact with our Websites. This information helps us to improve and personalize our Websites, Marketing Activities, and Services, as well as prevent fraud or abuse. This information may be gathered and stored in log files.

Information that we collect from you automatically may include the following:

Internet Protocol (IP) addresses,
Internet Service Provider (ISP),
browser type,
referring/exit pages,
operating system,
date/time stamp, and/or
browsing actions and browsing patterns.

Cookies

Athenian and our partners use cookies or similar technologies to analyze trends, administer our Websites and Services, track users' movements around our Websites and Services, and to gather demographic information about our user base as a whole. A cookie is a small piece of information that is placed on your device when you visit certain websites. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Websites or Services.

For more information on how Athenian uses cookies, refer to https://www.athenian.co/cookies.
‍
For more information on third-party cookies, refer to Section 6 of this Privacy Policy.

5. How long does Athenian keep my personal information?

Athenian may retain your personal information for a period of time consistent with the original purpose of collection. For instance, we may retain your personal information during the time you have an account to use our Websites or Services, or as agreed in our subscription agreements, and for a reasonable period of time thereafter. We also may retain your personal information during the period of time needed for Athenian to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes, and enforce our agreements.

6. When and how does Athenian share my personal information with others?

Athenian may share your personal information with certain third-parties. This sharing is based on our relationship with those third-parties, your consent, or legal or contractual obligations that require us to share such information.

We may share your personal information that we collect or you provide as follows:

To our subsidiaries and affiliates for the purposes outlined in this Privacy Policy.
To contractors, service providers such as Stripe and Intercom, and other third-parties we use to support our business. These entities are bound by contractual obligations to keep personal information confidential and can use it only for the purposes for which we disclose the information to them.
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Athenian’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by Athenian about our Websites users is among the assets transferred. You will be notified via email and/or a prominent notice on our Websites of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
To comply with any court order, law, or legal process (such as a subpoena), to investigate fraud, including responding to any government or regulatory request, lawful requests by public authorities, or to meet national security or law enforcement requirements.
To enforce or apply our Terms of Service and other subscription agreements, including for billing and collection purposes.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Athenian, our subscribers or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
For any other purpose disclosed by us when you provide the information.
With your consent.

Athenian may disclose aggregated statistical data that does not contain Personal Data with third-parties.

Athenian partners with third-parties that serve content or applications. These partners, including (i) third-parties that either display advertising on our Websites or manage our advertising on other sites and (ii) applications providers such as Github, may collect your information as you interact with them through our Websites. Such third-party partners may also use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising, click here (or if located in the European Union click here). Please note you will continue to receive generic ads.

You may login to our Websites using a sign-in service such as your Github profile. These services authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign-in form and collection of your personal information may occur as a result of login to our Websites using these sign-in services.

From time to time, we may include links to other websites whose privacy practices may differ from ours. If you submit personal information to any of those sites, your information will be governed by such third-party’s privacy policies. Please carefully read the privacy policy of any website you visit.

7. How does Athenian keep my information secure?

Athenian will maintain appropriate technical and organizational security measures designed to protect your personal information from accidental loss, unauthorized use, alteration, or disclosure. Although we implement and maintain security measures that are appropriate for our business activities, please be aware that no security measures are perfect or impenetrable and any transmission of personal information is at your own risk.

You must also make sure that your information is safe and secure. We are not responsible if you circumvent any privacy settings or security measures on our Websites. Even if we give you (or you have chosen) a password for access to certain parts of our Websites, you are responsible for keeping this password confidential. Do not share your password with anyone. Please be careful about giving out information in public areas of our Websites, for example, community message boards or forums. The information you share in public areas may be viewed by any user of our Websites. We cannot control the actions of other users of our Websites with whom you choose to share your information; as such we cannot guarantee your contributed information cannot be viewed by unauthorized parties.

8. What choices and rights are available to me regarding the use of my personal information?

Section 9 of this Privacy Policy separately covers and applies to personal information submitted by our subscribers to our Services, or collected through our Services on behalf of or at the direction of our subscribers. In regards to personal information we process on behalf of our subscribers, please contact the applicable subscriber directly as described in Section 9 of this Privacy Policy.

By using our Websites, Services, and Marketing Activities you expressly give your consent for the collection and use of your personal information in compliance with this Privacy Policy. This does not affect lawful processing under applicable laws based on other legal basis such as contractual obligation, compliance with applicable laws, and legitimate purposes.

If you receive a marketing communication or promotion from us, you may opt-out of these communications at any time (i) by following the unsubscribe instructions included in the promotion (if sent by email), (ii) sending us an email at the address noted in the Contact Information section above.

Right to Access or Correct Personal Information

If Athenian processes your personal information on behalf of or at the direction of one of our subscribers, you should first look to that subscriber for assistance regarding the modification or correction of your personal information as described in Section 9 of this Privacy Policy.

You have the right to access and correct your personal information. If you want to review or correct your personal information, you can login to the appropriate Website or Service and visit your account profile page, or you may send us an email at the address noted in the Contact Information section above.

Right to Delete Personal Information (“Right to be Forgotten”)

You have the right to request deletion of personal information we hold about you and we have the obligation to erase your personal information, where:

the personal information is no longer necessary in relation to the purposes for which it was collected or otherwise processed,
you withdraw consent on which the processing is based and where there is no other legal ground for the processing,
you object to the processing and there are no overriding legitimate grounds for the processing,
the personal information has been unlawfully processed, or
the personal information has to be erased for compliance with a legal obligation in the European Union or a Member State law to which Athenian is subject.

If you want to request removal of your personal information from our Websites or Services, you may send us an email at the address noted in the Contact Information section above. You can also request closure of your account. We will respond to your request within 30 days.

In some cases, we may not be able to remove your personal information, in which case we will let you know that we are unable to do so and why.

Right to Data Portability

You have the right to receive or transfer a copy of your personal information, where:

we are relying upon your consent or the fact that the processing is necessary for the performance of a contract to which you are party as the legal basis for the processing, and
personal information is processed by automatic means.

This copy will be provided to you in a common machine-readable format. You may also require us to transmit it to another party where this is technically feasible.

If you want to request a copy of your personal information, you may send us an email at the address noted in the Contact Information section above.

Right to Restrict Personal Information Processing

You have the right to request the restriction of processing of your personal information, where:

you contest the accuracy of the personal information until we take sufficient steps to correct or verify its accuracy,
where the processing is unlawful but you do not want us to erase the personal information,
where we no longer need the personal information for the purposes of the processing, but you require the information for the establishment, exercise or defense of legal claims, or
where you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether Athenian has compelling legitimate grounds to continue processing.
Where personal information is subjected to restriction in this way we will only process it with your consent or for the establishment, exercise, or defense of legal claims. This right includes restricting the processing of your personal information to only include storage of your personal information (e.g. during the time when Athenian assesses whether you are entitled to have personal information erased).

If you want to request restriction of processing of your personal information, you may send us an email at the address noted in the Contact Information section above.

Right to object to processing justified on legitimate interest grounds

Where we are relying upon legitimate interest to process personal information, you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the personal information for the establishment, exercise, or defense of legal claims. Where we rely upon legitimate interest as a basis for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.

If you want to object to the processing of your personal information, you may send us an email at the address noted in the Contact Information section above.

Right to be informed of the appropriate safeguards where personal information are transferred to a third country or to an international organization

Refer to the Terms of Service for information on the safeguards that have been put in place to protect your personal information for transfer outside of the European Economic Area. For transfers to countries without an adequacy decision by the European Commission, Athenian puts appropriate safeguards through contractual obligations.

Right to Withdraw Consent

Where you have provided us with your consent to process personal information, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

You can do this by:

using certain web browser and opt-out options discussed in this Privacy Policy to limit the personal information you provide to us or our third-party partners (please see Section 4 “Does Athenian collect personal information automatically?”, Section 6 “When and how does Athenian share my personal information with others?” and Section 10 "Communication Preferences and Subscriptions”),
following the unsubscribe instructions included in emails,
sending us an email at the address noted in the Contact Information section above.

Right to Submit Complaints or Report Abuse

You also have the right to lodge a complaint with a supervisory authority, in particular in your country of residence, if you consider that the processing of your personal information infringes applicable laws.

If you need to report abuse, please contact us by email at abuse@athenian.co

California Privacy Rights

California Civil Code Section § 1798.83 permits users of our Websites and Services that are California residents to opt-out from the disclosure of your personal information to third-parties for their direct marketing purposes. To make such a request, you may send us an email at the address noted in the Contact Information section above.

Please be advised that where California State residents opt-out from permitting their personal information to be shared, such individuals may still receive selected offers directly from us, in accordance with applicable law.

9. Subscriber Data submitted to our Services or collected through our Services (on behalf of our subscribers)

Athenian subscribers electronically submit (or cause to be submitted) data to the Services for hosting, indexing and related processing. Athenian processes data only as provided in our subscription agreements with our subscribers, such as our Terms of Service available at https://www.athenian.co/terms-of-service.

As subscribers (or in some cases their clients or end users) control the data to be processed, Athenian’s platform, and Services may be used as a conduit for information.

The use of personal information collected through our Services at the direction of our subscribers shall be limited to the purpose of providing the Services for which the subscriber has engaged Athenian.

Although Athenian collects personal information related to subscriber personnel as they make use of our Services, Athenian has no direct relationship with individuals whose personal information is hosted or transmitted through the Services by subscribers or their permitted internet clients or end users. Subscribers are responsible for complying with any regulations or laws that require providing notice, disclosure, and/or obtaining consent prior to transferring the data to Athenian for processing purposes.

Athenian also collects, uses, and discloses personal information of individuals who visit our Websites (“Visitors”) and individual representatives of our subscribers, suppliers, and business partners (“Business Contacts”). This Section 9 does not apply to personal information associated with Visitors and Business Contacts collected, stored, and processed by Athenian which are governed by the other provisions of this Privacy Policy.

Choice

Our Services collect personal information for our subscribers. As a data processor of this personal information on our subscriber’s behalf, Athenian has limited ability to access personal information our subscribers submit to our Services. If you are a data subject for whom a subscriber has submitted personal information to the Services and would like your information not to be disclosed to a third-party or to be used for a purpose that is materially different from the purpose(s) for which the personal information was originally collected, then you should contact the subscriber directly. Concerns with personal information hosted or transmitted at the direction of our subscribers may be reported sending us an email at the address noted in the Contact Information section above. We will refer your requests to the appropriate subscriber.

Sub-processor Accountability

Athenian is responsible for the processing of personal information it receives, and subsequently transfers to a third-party acting as an agent on its behalf in accordance with our subscription agreements. Athenian may use from time to time third-party service providers, contractors, and sub-processors to assist in providing the Services on our behalf. Athenian maintains contracts with these third-parties restricting their access, use, and disclosure of personal information.

Security Measures

Athenian maintains administrative, physical, and technical safeguards to protect data submitted to the Services, including personal information.

Subscriber Data Integrity and Purpose Limitation

As a data processor, Athenian hosts, transmits, discloses, and processes data, which may include personal information about EU personnel of our subscribers administering, using or supporting the Services. Athenian may process data to provide the Services, to prevent or address technical or service problems, to follow the instructions of our subscribers and their personnel who submitted the personal information, or in response to contractual or legal requirements. Athenian does not control or own the data submitted by its subscribers, or their internet clients or end users, to the Services. Athenian may share personal information with its subsidiaries, contractors, or third-parties if Athenian undergoes a business transaction, such as a merger, acquisition by another company or sale of all or substantially all of its assets.

Data Subject Rights to Subscriber Data

Athenian acknowledges that you have the right to access your personal information. Athenian has no direct relationship with the individuals whose personal information our Services process on behalf of our subscribers. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate personal information should direct his or her query to the appropriate subscriber (i.e., the data controller). Subscribers have the ability to fulfill these requests, and Athenian will provide assistance for requests that subscribers are not able to complete. If the subscriber requests that Athenian remove the personal information, we will refer your request to the applicable subscriber and we will respond to the request within 30 days.

Subscriber Data Retention

Athenian retains the personal information we process on behalf of our subscribers for as long as needed to provide the Services to our subscribers and in accordance with our subscription agreements. To the extent not deleted by our subscribers, Athenian may also retain and use certain personal information for a reasonable period of time thereafter as necessary to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes, and enforce our agreements.

10. Communication Preferences and Subscriptions

Athenian offers visitors of its Websites and Services, personnel of our subscribers whose personal information is collected through our Websites or Services, and attendees or recipients of Marketing Activities a means to choose how we use the information provided. You may choose to stop receiving or participating in Marketing Activities, including newsletters, by following the unsubscribe instructions included in emails, or sending us an email at the address noted in the Contact Information section above.

11. Children under the age of 13

Our Websites and Services are not intended for children under 13 years old. No one under age 13 years old may provide any personal information to or on the Websites and Services.

We do not knowingly collect personal information from children under 13 years old. If you are under 13 years old, do not use or provide any information on our Websites or Services including on or through any of their features, register on the Websites or Services, make any purchases through the Websites or Services, use any of the interactive or public comment features of our Websites or Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 years old, we will delete that information without undue delay.

If you believe we might have any information from or about a child under 13 years old, please contact us using the information in the “Contact Information” section above.

12. Modifications

Athenian reserves the right to modify this Privacy Policy at any time. It is our policy to post any changes we make to this Privacy Policy on this page and the changes will be effective upon Athenian’s publication of the updated Privacy Policy except as described below. If Athenian makes material changes to how we treat your personal information, we will notify you by email (sent to the email address specified in your account) or by means of a notice on this page thirty (30) days prior to the change becoming effective. However, changes made to comply with applicable laws will be effective immediately. You are responsible for ensuring we have an up-to-date email address for you and periodically visiting this page to check for any changes to our Privacy Policy. Your continued use of the Websites and the Services expressly indicates your acceptance of Athenian’s then-current Privacy Policy and your consent to Athenian’s collection of personal information in accordance with the then-current Privacy Policy.

If you have questions or concerns about this Privacy Policy, please contact Athenian using the information in the “Contact Information” section above. The date this Privacy Policy was last revised is identified at the top of the page.

‍