Are you optimizing development efficiency within your organization? Read our whitepaper on developer velocity to learn more!

Cloud Privacy Policy – Architect.io Inc.

Last updated: February 28, 2023

Architect.io, Inc. (“Architect.io”, “we”, “us” or “our”) respects the privacy of our users (“data subject”, “user”, “you”, or “your”). This Policy applies to information we collect when you use our website https://www.architect.io (“Site”) including any other media form, media channel, mobile website, or mobile application related or connected thereto provided or officially sponsored by Architect.io, or any other Architect.io websites that link to this Policy (collectively, the “Websites”).

Our belief is that any personal information provided to us by you is just that: personal and private. This Privacy Policy (“Privacy Policy”, “Policy”), hereby deemed our data protection declaration in accordance with the General Data Protection Regulation (“GDPR”) explains how we collect, use, disclose, and safeguard your information when you visit our Websites.

By means of this Privacy Policy, we would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, you are informed, by means of this data protection declaration, of the rights to which you are entitled. Please read this Privacy Policy carefully. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS THE WEBSITES.

Definitions

Our Privacy Policy is primarily based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). We believe that our policies should be legible and easy to understand for the general public, as well as our customers and business partners. Please review the definitions of the following terms as they are used in this Privacy Policy.

Personal Data

Any information relating to an identified or identifiable natural person (“data subject” or “user” or “you”), is considered personal data. An identifiable natural person is anyone who can be directly or indirectly identified, in particular by reference to an identifier such as a name, an identification number, location data, online identifiers, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Sensitive Personal Data

This refers to the various categories of personal data identified by European and other data privacy laws as requiring special treatment, including (in some circumstances) the need to obtain explicit consent. These categories comprise personal identity numbers, personal data about your personality and private life, racial or ethnic origin, nationality, political opinions, membership of political parties or movements, religious, philosophical or other similar beliefs, membership of a trade union or profession or trade association, physical or mental health, genetic code, addictions, sexual life, property matters or criminal records (including information about suspected criminal activities).

Data Subject

When you share personal data with us for processing, you become the data subject according to the General Data Protection Regulation, making us the controller responsible for processing.

Controller, Controller Responsible for Processing

The legal person, public authority, agency or other body which determines the purposes and means of processing personal data, whether alone or jointly with others. Where the purposes or means of processing are determined by Union or Member State law or other applicable law, rules or regulations, the controller (or the specific criteria for nominating the controller) may be provided for by the governing authority.

Note: For the purposes of this Privacy Policy, the General Data Protection Regulation (GDPR), and other applicable data protection laws, rules, regulations and provisions, Architect.io, Inc. is deemed the controller. Please see below for contact information regarding the controller.

Processing

We consider any operation or set of operations performed on any personal data to be processing, whether through automated means or otherwise. Such operations include collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, alignment or combination, restriction, erasure or destruction, and disseminating or otherwise making personal data available.

Restriction of Processing

To limit the processing of personal data in the future, such data may be marked to indicate this restriction of processing.

Profiling

Any form of automated processing of personal data to evaluate certain personal aspects relating to a natural person is considered profiling. In particular, such processing may be used to analyze or predict aspects concerning that natural person’s performance at work, health and economic situation, personal preferences, interests, reliability, behavior, location or movements.

Pseudonymization

Processing personal data in a way that prevents that data from being attributed to a specific user without additional information is considered pseudonymization. This process ensures that information required to identify a natural person using pseudonymized data is kept separately, and is subject to both administrative and technical measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Processor

As defined by the General Data Protection Regulation, the processor is a natural or legal person, public authority, agency or other body that processes data on behalf of the controller.

Recipient

The recipient is any natural or legal person, public authority, agency or other body to which personal data is disclosed, whether a third party or otherwise. Public authorities, however, which may receive personal data in the framework of a particular inquiry (in accordance with Union or Member State law, and other applicable laws, rules, and regulations), are not considered recipients. Processing of personal data by those public authorities must be in compliance with the applicable data protection rules according to the purposes of such processing.

Third Party

Third parties consist of any natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

We consider consent of a user to be any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them, either by a statement or by a clear affirmative action.

What tracking technologies do we use?

We use cookies and web beacons on our Websites

We may use cookies, web beacons, tracking pixels, and other tracking technologies on our Websites to help customize the Websites and improve your experience. For more information on how we use cookies, please refer to our Cookie Policy posted on the Site, which is incorporated into this Privacy Policy. By using our Websites, you agree to be bound by our Cookie Policy.

We use automated website analytics

We partner with selected third party vendors, such as Google Analytics, Segment, and Netlify which may allow tracking technologies and remarketing services on our Websites through the use of first party cookies and third party cookies, to, among other things, analyze and track users’ use of our Websites, determine the popularity of certain content and better understand online activity.

By accessing the Websites, you consent to the collection and use of your information by these third-party vendors. You are encouraged to review their privacy policies and contact them directly for responses to your questions. We do not transfer personal information to these third-party vendors. However, if you do not want any information to be collected and used by tracking technologies, you can visit the third party vendor or Network Advertising Initiative Opt-Out Tool or Digital Advertising Alliance Opt-Out Tool.

Note: You should be aware that getting a new computer, installing a new Internet browser, upgrading an existing browser, or erasing or otherwise altering your Internet browser’s cookies may also clear certain opt-out cookies, plugins or settings.

We use tracking pixels for email updates and newsletters

Our newsletter and emails sent from or on behalf of Architect.io may contain tracking pixels, or a transparent image embedded in emails to enable log file recording and analysis. We use information collected in this manner to perform statistical analysis of the success or failure of online marketing and customer outreach efforts. Based on the embedded tracking pixel, we may be able to determine if and when an email was opened, and which links in the email were accessed.

Personal data collected using tracking pixels is stored and analyzed by us (and is not shared with third parties) to optimize the delivery of our newsletters and emails, and to improve the relevance of the distributed content. Many email clients and web browsers support functionality to opt out or prevent the use of these tracking mechanisms, however users are entitled to revoke their consent to receiving our newsletter at any time, after which personal data collected in this manner will be deleted by us. We automatically consider a withdrawal or cancellation of subscription to our newsletter as a revocation of your consent.

Here’s our take on Do-Not-Track signals

While many web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected, no uniform technology standard for recognizing and implementing DNT signals has been finalized. Because of this, we don’t respond to DNT browser signals or any other mechanism that automatically communicates your choice to not be tracked online. We care about your privacy and your choices, so if a standard for responding to DNT signals is adopted in the future, we will update this Privacy Policy to reflect such practices.

What data do we collect?

While we try to limit the amount of data about you that we collect, it’s not always avoidable to provide our services to you. To receive services from us, you may be asked to share certain information as a contractual or statutory requirement (e.g., tax regulations). You are not obliged to share any information with us, however refusal to do so may result in any existing or proposed contract to be terminated or otherwise rendered void.

More specifically, information we may collect through the Websites includes:

We may collect personal data

When you access or register with the Websites, or when you choose to participate in other activities related to the Websites like online chat, contact or support, purchases, and subscriptions to services or newsletters, you may be asked to voluntarily share personally identifiable information with us. This information includes details such as your name, shipping address, email address and telephone number, as we as demographic information such as your age, gender, hometown, place of employment and interests. You’re not obligated to provide us with any personal information of any kind, and you are free to change or completely remove any information shared with us at any time, however refusing to do provide requested personal data might prevent you from using certain features of the Websites.

If you choose to register for an account with Architect.io or on our Websites, it may be possible for you to share personal data with us. Personal data that we ask for will be indicated as such with an explanation of why we are requesting it, and what it will be used for. By registering and providing us with personal data in this manner, you are providing explicit consent for your information to be used in accordance with this Policy.

We may require additional verification of your consent through a double opt-in procedure where we send a confirmation email to the email address provided for legal purposes and to prevent abuse of our services. To make sure we’re sending newsletters to only those who are interested in receiving them, we may periodically send additional confirmation emails to verified subscribers of our newsletter. Other than confirmation emails, we will not send unsolicited email newsletters to an email address without first receiving consent.

We generally don’t seek to collect sensitive personal data through our Websites, but if we do, we will ask you to consent to our proposed uses of the data. We may also collect some sensitive personal data incidentally. By providing us with unsolicited sensitive personal data, you consent to our using the data subject to applicable law as described in this Policy.

You might provide financial data

When you purchase, order, return, exchange or request information about our services from the Websites, you may be asked to share financial data with us related to your payment method. This information may include your valid credit card number, card brand, and expiration date, as well as other details necessary to process your payment information. We store only very limited (if any) financial information that we collect. Otherwise, all financial information is processed and stored by our payment processors, such as Stripe and PayPal. We encourage you to review their privacy policies and contact them directly for responses to your questions.

You might voluntarily share additional data

We automatically collect any information you provide when you voluntarily submit it to us such as your first name, last name, email address, phone number, job title and company name. You may choose to contact us by email or through our Websites for a variety of purposes such as product or company inquiries, customer support inquiries and sales requests. Throughout our Websites, we may also provide the opportunity to register for events or conferences, order or request white papers, or participate in online surveys. When we collect this type of information, we will notify you as to why we are asking for information and how this information will be used. It is completely up to you to choose whether or not you want to provide it.

We also provide the ability to submit job applications to our open job listings. To appropriately respond to your application, we need to collect and process your provided personal data, which may also be carried out electronically. If we begin an employment contract with you, your submitted application data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. With your consent, we may store your application data for up to twelve months for future consideration for employment with us. Otherwise, your application data will automatically be erased six (6) months after notification of the refusal decision, provided that we have no other legitimate interests that require such data such as burden of proof under the Equal Opportunity Act and General Equal Treatment Act.

We do collect some general data

Whenever you (or any other manual or automated system) accesses our Websites, we collect some general data and information about the request and store the relevant details in server or system log files. This data includes details like your IP address, your browser type and version used, your operating system, the time and date you accessed the Websites, and the pages you viewed directly before and after accessing the Websites. Additional detail may be collected or derived from this information for use in the event of an attack on our information technology systems.

We use this information to make sure the content of our Websites is delivered correctly, to optimize our Websites content, marketing and advertisements, to ensure the long-term performance and viability of our information technology systems and Websites, as well as to provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.

To support these efforts, we analyze anonymously collected data and information statistically, with the aim of increasing the data protection and security of our company, and to maintain an optimal level of protection for the personal data we process. This anonymous data stored separately from all personal data provided by users to protect their privacy and ensure that we do not draw any conclusions about any individual users when analyzing this data.

How long do we keep your data?

We only process and keep any personal data that you share with us for as long as needed to achieve the purpose of storage, as long as consent is maintained, or as long as is granted by the European or other legislators in laws or regulations we are subject to. The exact length of time we keep personal data depends on the respective statutory retention period for that type of information. After that period of time passes, or if storage of personal data is not applicable, personal data is routinely blocked, deleted or erased as long as it is no longer necessary for the fulfillment or initiation of a contract with us.

If you would like to withdraw your consent to data processing by us, we have established processes to support your requests. To withdraw consent for any purpose, please contact us at privacy@architect.io and allow a reasonable amount of time to respond to your request. To stop receiving free newsletters or promotional communications from us, you may indicate your preference by following the unsubscribe instructions provided in the newsletter or by contacting us directly at privacy@architect.io. Should you decide to opt-out of receiving future mailings, we may share your email address with third parties to ensure that you do not receive further communications from us. Despite your indicated email preferences, we may send you notices of any updates to our Terms of Service or Privacy Policy.

How do we use your information?

Having accurate information about you helps us provide a smooth, efficient, and customized experience. Generally speaking, we use any information we collect to provide services to you, keep our Websites running smoothly, and protect us legally. More specifically, we may use information collected about you via our Websites to:

In accordance with applicable law, information covered by this Policy may be transferred to, and processed in, the United States or any other country in which Architect.io or its affiliates, subsidiaries or service providers maintain facilities, even if the level of data privacy required in that country is less than that required by the European Union or other jurisdictions. By accessing our Websites or submitting your personal data to us, you consent to such transfers and to the worldwide processing of your personal data.

Architect.io will not use or share your personal information in ways unrelated to those described above without first notifying you and offering you a choice as to whether or not we may use your personal data in a different manner. We do not use automatic decision-making or profiling, and will not sell your personal data for any purpose.

When do we share your information?

We try not to share your personal information that you’ve shared with us, but it may be necessary to disclose it in certain situations. We will not sell individual information and will share it only as outlined in this Policy.

When you ask us to share it

We display personal testimonials of satisfied customers on our Websites in addition to other endorsements. With your consent, we may post your testimonial along with your name on our Websites. If you wish to update or delete your testimonial, please contact us at privacy@architect.io.

To obey the law or protect rights

If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies or fraudulent activities, or when we believe in good faith that disclosure is necessary to protect our rights, property, and safety, we may share your information as permitted or required by any applicable law, rule or regulation, including exchanging information with other entities for fraud protection and credit risk reduction. We will have no duty to notify you of such compliance with local law where applicable.

To support necessary business activities

We may share your information with advertisers and investors for the purpose of conducting general business analysis. Additionally, we may share your personal with third parties necessary to provide you with services you have requested such as our hosting, email service, analytics, customer service, parcel delivery service, event or campaign management providers. These parties are authorized to use your personal data only as necessary to provide these services to us or on our behalf, and it is up to you whether or not you choose to provide it. We may also share your information with such third parties for marketing or remarketing purposes, as permitted by applicable law, rule or regulation. Where possible, we attempt to anonymize or pseudonymize your personal data to limit any potential for direct disclosure.

In the U.S. and other jurisdictions with similar laws, we will only share your personal information if you have not expressed your preference by opting out of having your information shared. In countries that are members of the European Union and all other jurisdictions with similar laws, we will only share your personal information if you have agreed to allow us to share your information with third parties. You have the opportunity to not receive such marketing materials from third parties by updating your subscription preferences.

If you share choose to share it

Our Websites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at privacy@architect.io.

We also provide certain social media features on our Websites, such as the Facebook Like button and widgets, such as the “Share This” button or other interactive mini-programs that run on our Websites. These features may collect your IP address, which page you are visiting on our Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Websites. Your interactions with these features are governed by the privacy policy of the company providing the feature.

Additionally, certain features on our Websites, specifically those for applying to a job opening at Architect.io, you may use sign-in services such as LinkedIn or other OpenID providers. These services will authenticate your identity, provide you with the option to share certain personal information (such as your name and email address) with us, and to pre-populate our application form. Services like LinkedIn often give you the option to post information about your activities on our Websites to your profile page to share with others within your network.

We may also partner with other companies that offer products or services related to ours or that host or sponsor related events. In such instances, we may share your information with these business partners if you express interest in such products, services or events if you provide your personal information to event sponsors at their booths or presentations.

Note: In some cases, we may not be able to guarantee the removal of your personal data, in which case we will let you know if we are unable to do so and why.

If you leave the Websites to a third party

Our Websites may contain links to third party websites and applications of interest, including advertisements and external services, that are not affiliated with us. Additionally, some of our Websites may use framing techniques to serve content to or from our partners while preserving the look and feel of our Websites. Once you have used these links, any information you provide to these third parties is not covered by this Privacy Policy, and we cannot guarantee the safety and privacy of your information.

Before visiting and providing any information to any third party websites, we encourage you to inform yourself of the privacy policies and practices (if any) of the third party responsible for that website. You should take those steps necessary to protect the privacy of your information as you see fit. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Websites.

It’s worth noting that we have no authority to manage or control third party solicitations, and are not responsible for the content or actions of third parties with whom you share personal or sensitive data. If you no longer wish to receive correspondence, emails or other communications from any third parties, you are responsible for contacting such third parties directly.

Note: Architect.io does not endorse or make any representations about third party websites. We encourage you to carefully read the privacy policy of any website you visit.

In the event of a merger or acquisition

If Architect.io is involved in a merger, acquisition, sale of all or a portion of our assets, or bankruptcy, your information would be an asset transferred or acquired by the successor entity or third party. You acknowledge that such transfers may occur and that the transferee may decline to honor commitments we have made in this Privacy Policy. You will be notified by email and/or a prominent notice on our Websites of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.

What are my rights with personal data?

We recognize, under the EU-US and Swiss-US Privacy Shield and the General Data Protection Regulation, that you have certain rights in regards to your personal data. We feel that your privacy and ability to preserve and exercise your rights is very important. You are encouraged to review and understand these rights as they pertain to you and your personal data. These rights include, but are not limited to:

In support of these rights, upon request Architect.io will provide you with information about whether we hold any of your personal data. You may update, correct or delete information about you at any time by contacting us at privacy@architect.io. If you wish to delete or suspend your account, please contact us at privacy@architect.io, but note that we may retain certain information as required by law or for legitimate business purposes. If you have become aware that an account has been created about you without your knowledge or consent, you may contact us at privacy@architect.io to request deletion of that said account.

For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. Please allow us a reasonable amount of time to respond to your request.

Note: We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may also retain cached or archived copies of your information for a certain period of time.

How do you protect my information?

Architect.io takes reasonable administrative, technical and physical security measures to help protect your personal data from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received, taking into account the nature of such data and the risks involved in processing, and comply with applicable laws and regulations.

While we have taken reasonable steps to secure the personal data you provide to us, please be aware that despite our best efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal data via our Websites. To this end, you are free to transfer personal data to us through alternative means as necessary, e.g. by telephone or posted mail.

If you have any questions about security or any reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us at privacy@architect.io.

Where can I get more information?

If you have any questions regarding this Privacy Policy, please contact us as set forth in the “Contact Us” section below. We will investigate your question, respond to your inquiry, and attempt to resolve any concerns regarding your privacy question.

Policy for children

We do not knowingly solicit information from or market to children under the age of thirteen (13). If you are under age 13, please do not give us any personal data. We encourage parents and legal guardians to monitor their children’s Internet usage and to help us enforce our Privacy Policy by instructing them to never share personal data through our Websites without their permission. If you suspect or become aware of any data we have collected from children under age 13, please contact us immediately using the contact information provided below.

Our Websites and products are not intended for, nor designed to attract individuals under the age of eighteen (18). Architect.io does not knowingly collect personally identifiable information from any person under the age of eighteen.

California Privacy Rights

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year.

If you are under 18 years of age, reside in California, and have a registered account with our Websites, you have the right to request removal of unwanted data that you publicly post on our Websites. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on our Websites, but please be aware that the data may not be completely or comprehensively removed from our systems.

Note: Architect.io does not monitor, recognize, or honor any opt-out or Do-Not-Track (“DNT”) mechanisms including general web browser DNT settings and/or signals at this time.

Notice to All Non-US Residents

Our servers are located in the US. If you are located outside of the US, please be aware that any information provided to us, including personal information, will be transferred from your country of origin to the US. Except in the case of data transfers under the EU-US Privacy Shield, the Swiss-US Privacy Shield, and the General Data Protection Regulation (GDPR), your decision to provide such data to us, or allow us to collect such data through our Websites, constitutes your consent to this data transfer.

Notice for Residents of the European and Swiss Economic Areas

Architect.io is committed to subjecting all personal data received from European Union (“EU”) member countries and Switzerland, in reliance on the Privacy Shield Framework (“Privacy Shield”), to the Privacy Shield’s applicable Principles. To learn more about the Privacy Shield Framework, and to view our certification page, please visit: https://www.privacyshield.gov

We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from the EU and Switzerland. We have certified that we adhere to the Privacy Shield Principles. If there is a conflict between this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

Architect.io is responsible for the processing of personal data we receive, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on our behalf. Architect.io complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including, unless we prove that we are not responsible for the event giving rise to the damage, the onward transfer of liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Architect.io is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Architect.io may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

EU or Swiss residents with inquiries or complaints regarding this Privacy Policy should first contact Architect.io at privacy@architect.io. Please allow a reasonable amount of time to respond to your request. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed by Architect.io, please contact our U.S.-based alternative dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

If these processes do not result in a resolution, you may then contact your local data protection authority, the U.S. Department of Commerce, and/or the Federal Trade Commission for assistance. Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted and upon written notice to Architect.io at privacy@architect.io.

Changes to This Policy

If we make material changes, we will notify you by revising the date at the top of the Policy, and in some cases, we may provide you with more prominent notice (such as adding a statement to our homepage or sending you an email notification). Any changes or modifications will be effective immediately upon posted the updated Privacy Policy, and you waive the right to receive specific notice of such changes or modifications.

We encourage you to review the Policy whenever you access the Websites to stay informed about our information practices and the ways you can help protect your privacy. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes to the Privacy Policy by your continued use of the Websites after the date such Policy is posted.

Contact Us

If you have any questions or comments now or during your visit or wish to request a copy of this Privacy Policy, please get in touch with us at privacy@architect.io.

Get started

Ready to try Architect?