Privacy and Data Protection Policy

xtype.IO Ltd. (“us”, “we" or “our”) operates this website (the “Website”) and the related propriety Enterprise Application Lifecycle Management Services which are provided under separate agreement (the “Subscription Services”, and collectively with the Website, the “Services”).

We value your privacy and have posted this Privacy Policy to inform you of our practices regarding the collection, use and disclosure of personally identifiable information which we collect or are provided with in connection with your use of the Services (hereinafter, “Personal Data”).

By using the Services, you agree to the collection and use of information (including, without limitation, Personal Data) in accordance with this Privacy Policy.

We collect several different types of data for various purposes to provide and improve our Services to you.

Processing of any Personal data collected from our customers in the framework of our Services is subject to terms of the Data Processing Addendum located at https://www.xtype.io/dpa.html (“DPA”).

If you are a resident of California, please see the Supplemental Notice for California Residents below for additional information about our processingpractices.

The Personal Data You Provide

While using our Services, we may ask you to provide us with certain Personal Data, which may include, but is not limited to:

(i) Email address

(ii) First name and last name

(iii) Phone number

(iv) Address, State, Province, ZIP/Postal code, City

(v) Demographic Information

(vi) Information concerning professional background

(vii) Billing Information

When you contact us, or when we contact you, we may receive and process any Personal Data that you provide us.

Though you are not required by law to provide us your Personal Data, failing to provide us with any necessary Personal Data might jeopardize our ability to provide you with essential services. We will not use or disclose your Personal Data for purposes other than those specified in this Privacy Policy.

The Personal Data that we collect

When you access our Services, our servers log certain 'traffic/session' information from your device, such as the country from which you use the Service, the browser type, operating system, geo-location and the Internet Protocol (IP) address. We also collect information about your activity, for example your log-in and log-out time, the duration of sessions, viewed webpages or specific content on webpages, etc. ("Usage Data").We do not collect any Personal Data of our customer’s end users, however we may collect Personal Data (such as the log-in details) of our Customers’ personnel in connection with provision of our Services.

Aggregated and Analytical Information

We may use Google Analytics and additional or other analytics tools, from time to time, to learn about how users use the website and Subscription Services, in support of our Service-related activities and operations. The privacy practices of these tools are subject to their own privacy policies and they use their own cookies to provide their service (for further information about cookies, please see the ‘Cookies’ section in this policy).

For further information about the Google Analytics privacy practices, please read their Privacy Policy at: https://policies.google.com/privacy?hl=en

You can also read How Google uses data when you use Google partners’ sites or apps at: https://policies.google.com/technologies/partner-sitesWe reserve the right to use anonymous, statistical or aggregate data for any purpose, including, but not limited to, improving the content of our Website and the functionality of our Service, marketing, and analyzing the use of our Website and our Services. We may also disclose such anonymous aggregate information to our partners or third-party service providers, excluding any Personal Data, except as otherwise provided in this Privacy Policy

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Services and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Services.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.

You can find more information about cookies and other online tracking technologies through the US Federal Trade Commission and the EU Commission websites at: https://www.consumer.ftc.gov/articles/0042-online-tracking or https://wikis.ec.europa.eu/display/WEBGUIDE/04.+Cookies+and+similar+technologies

If you wish to learn more about the types of cookies that we and our service providers use, and the ways these cookies are used, please contact us at: compliance@xtype.io.

What we do with your Personal Data

We use the Personal Data we collect and receive to provide you with Services, to study and analyze the functionality of our Services, to analyze users' activities, and to maintain, develop and improve our Services.

We may use your email address, and other contact information you provide, to contact you when necessary, to send you reminders and to provide you information and notices about our Services and the products and services of our commercial partners.

We obey the law and expect you to do the same. If necessary, we may use your Personal Data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of our Services, and to take any action in any legal dispute and proceeding.

Disclosing Personal Data to Others

We will disclose your Personal Data to service providers and other third parties as necessary to fulfill the purposes for collecting the information and deliver the Services to you. We may also disclose your Personal Data to our affiliates - these include any subsidiaries, sister-companies and parent companies.

Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).Additionally, circumstances may arise where we may be required to transfer your Personal Data to other entities in connection with a merger, acquisition, reorganization or sale of assets or in the event of liquidation or bankruptcy.

Removal of Personal Data from Our System

At any time, you can unsubscribe our mailing lists or newsletters, by sending us an opt-out request to: marketing@xtype.io.

At any time, you can exercise your following opt-out options:(i) Object to the disclosure of your Personal Data to a third party, other than to third parties who act as our agents to perform tasks on our behalf, under our instructions, or third party publishers who received such Personal Data pursuant to the Terms and/or separate agreement with you; and (ii) object to the use of your Personal Data for a purpose that is materially different from the purposes for which we originally collected such Personal Data.

You can exercise your choice by contacting us at: compliance@xtype.io Following the termination or expiration of the Services, we will stop collecting any Personal Data from or about you. However, we will store and continue using or making available your Personal Data according to our data retention section in this Privacy Policy.

Legal Basis for Processing Personal Data Under General Data protection Regulation (GDPR)

If the data protection laws of the European Union apply to you, then the following terms will apply:

Our legal basis for collecting and using the Personal Data described in this Privacy Policy (when we act as data controllers):(i) when you register to the Services we process the contact information that you provide to us, for the purpose of sending you from time to time (by email, SMS text message, telephone, post or other electronical means) information about our Services which may be important or of interest to you;(ii) when processing of your Personal Data is necessary for us to perform our agreement with you;(iii) when the processing of your Personal Data is necessary for us to comply with legal obligations to which we are subject, or to protect your and others’ vital interests;(iv) when processing of your Personal Data is necessary for legitimate interests, such as cyber security and data protection, fraud detection, service maintenance and control, support, back-up, data disaster recovery.

Processing of your Personal Data under these lawful grounds, are not subject to your consent to this Privacy Policy.

In addition to your rights under other sections in this Privacy Policy, you have the following rights:

(i) to access the Personal Data as specified below;

(ii)    to contact us if you want to withdraw your consent to the processing of your Personal Data; exercising this right will not affect the lawfulness of processing based on consent before its withdrawal;

(iii) to request to delete or restrict access to your Personal Data -  we may postpone or deny your request if your Personal Data is in current use for providing the Services (for example you have a pending claim) and/or according to other legitimate purposes such as compliance with regulatory requirements.If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you may request to be informed that third parties that hold your Personal Data, in accordance with the relevant parts of this Privacy Policy, will act accordingly.

(iv) you may ask to transfer your Personal Data in accordance with your right to data portability;

(v) you may object to the processing of your Personal Data for direct marketing purposes;

(vi) you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you and/or similarly significantly affecting you;

(vii) You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).We do periodical assessments of our data processing and privacy practices, to make sure that we comply with this Privacy Policy, to update this Privacy Policy when needed, and to verify that this Privacy Policy is displayed properly and accessible.

A summary and further details about your rights under the European Union data protection laws, is available on the European Commission’s website at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en

Accessing Your Personal Data

At any time, you may contact us at: compliance@xtype.io   and request to access the Personal Data that we keep about you. Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us credentials to make sure that you are who you claim to be and may ask you further questions to understand the nature and scope of your request.

If you find that the Personal Data on your account is not accurate, complete or updated, then please provide us the necessary information to correct it.

If you’d like us to delete Personal Data that you have provided, please contact us at: compliance@xtype.io and we will respond in a reasonable time.  Please be advised that we may retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.  In addition, after we delete your Personal Data, residual copies may take some time before they are deleted from our active servers and may remain in our backup systems.

This deletion will not change or delete Personal Data which may have already been shared with third parties, as permitted in this Privacy Policy or any other agreement between you and us.

If you have any concerns about the way we process your Personal Data, you are welcome to contact our data protection team at: compliance@xtype.io.  We will look into your enquiry and make good-faith efforts to resolve any existing or potential claim you may have. If you remain unsatisfied with our response, you may also refer the matter to the relevant supervisory authority.

Retention of Data

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Services, or when we are legally obligated to retain this data for longer time periods.

Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

We store and process information in Amazon AWS US East and EU regions where our clusters run.

If you are a resident in a jurisdiction where transfer of your Personal Data to another jurisdiction requires your consent, then you provide us your express and unambiguous consent to such transfer. You can contact our data protection team at: compliance@xtype.io for further information about data transfer.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Data Security

We will use our best efforts to protect the confidentiality of your Personal Data. We use reasonable data security measures in line with industry standards. We also adopted strict rules that include technical and physical administrative measures for protecting your Personal Data, including protecting against Personal Data misuse and against unauthorized hacking.

Although we make efforts to protect your privacy, we cannot guarantee that the Service will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse. Should, despite of our security measures, a security breach occur that is likely to result in a risk to the data privacy of a data subject, we will inform the relevant data subjects and other affected parties, as well as relevant authorities when required by applicable data protection and privacy laws, about the security breach as soon as reasonably possible.

Service Providers

We may employ third party companies and individuals to facilitate our Services, to provide the Services on our behalf, to perform Service-related services or to assist us in analyzing how our Services are used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Links to Other Websites

Our Service may contain links to other websites that are not operated by us. If you click on a third- party link, you will be directed to that third party's website. We strongly advise you to review the privacy policy of every website you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party websites or services.

Supplemental Notice for California Residents


This Supplemental Notice for California Residents applies solely to residents of California regarding their "Personal Information" as defined in the California Consumer Privacy Act, as amended ("CCPA"), and supplements in the privacy policy above.
a. How We Collect, Use, Disclose, and Retain Personal Information
We collect Personal Information as described in the sections above titled “The Personal Data You Provide” and “The Personal Data that we collect”, and we use Personal Information for the purposes set forth in the section above titled “What we do with your Personal Data”. We disclose Personal Information as discussed in the section above titled “Disclosing Personal Data to Others”.

In addition, the CCPA requires us to provide the “categories” of Personal Information we collect and the categories of entities to which we disclose such Personal Information. In the 12 months leading up to the effective date of this Privacy Policy, we have collected and disclosed Personal Information as follows:


Category of Personal Information

Categories of entities to which the Personal Information was disclosed

Identifiers, such as first and last name, email address, phone number, and physical address.

Service providers and other third parties, including vendors; third parties for legal compliance purposes.

Financial information, such as billing information.

Service Providers and other third parties, including vendors; third parties for billing purposes

Professional or employment-related information, such information concerning your professional background.

Service Providers and other third parties, including vendors; third parties for marketing purposes

Internet or other electronic network activity information, such as IP address, cookie information, the duration of your session on our Site, and pages you viewed.

Service Providers and other third parties, including vendors; third parties for marketing purposes

Location information, such as general location.

Service Providers and other third parties, including vendors; third parties for marketing purposes. General location data only, no details of geo-location.

Other information that identifies or reasonably could identify you, such as demographic information.

Service Providers and other third parties, including vendors; third parties for marketing purposes. General location data only, no details of geo-location.

 


We retain Personal Information as described in the “Retention of Data” section of the Privacy Policy above.

b. "Sales” and “Sharing”
As part of our uses and disclosures of Personal Information, during the 12 months leading up to the effective date of the Privacy Policy, we may have “sold” and “shared” (as those terms are narrowly defined under the CCPA) California residents’ Identifiers and Internet or other electronic network activity information (each as described above) to advertising, marketing, and analytics services to assist with such activities. We do not “sell” or “share” Personal Information (as those terms are defined under the CCPA) if we have actual knowledge that a consumer is less than 16 years of age.
To exercise your CCPA right opt out of what the CCPA calls “sales” or “sharing” of Personal Information, please follow the instructions on this page.
Your browser may also offer a way to activate the Global Privacy Control signal (“GPC”). Our Services treat qualifying browsers for which the user has activated the GPC signal as having opted out of what CCPA calls a “sale” or "sharing" of any California Personal Information that is collected on the Services from that browser using cookies and similar technology, unless you have separately opted into the use of cookies.

c. California Privacy Rights
If you are a California resident, the CCPA may permit you to request that we:
• Provide you the categories of Personal Information we have collected or disclosed about you in the last 12 months; the categories of sources of such information; the business or commercial purpose for collecting or (if applicable) selling your Personal Information; and the categories of third parties to which we disclosed Personal Information, and more specific information about what categories of Personal Information were “sold,” “shared,” or disclosed to particular categories of third parties (much of this information is already provided above).
• Provide access to and/a copy of certain Personal Information we have about you.
• Delete certain Personal Information we have about you.
• Correct certain Personal Information we have about you.

Certain Personal Information is exempt from such requests under applicable law. You also may have the right to receive information about the financial incentives that we offer to you (if any). You also have certain rights under the CCPA not to be discriminated against (within the meaning of the CCPA) for exercising these CCPA rights.
To request to exercise these CCPA rights, you may email us at compliance@xtype.io. We may take certain steps to verify your identity before processing your request, including, where applicable, by requesting additional information. For security and legal reasons, we may not accept requests that require us to access third-party websites or services.

You may also designate an authorized agent to submit certain requests on your behalf. For an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We have no obligation to honor requests from purported agents if we lack sufficient confidence that this has occurred and that they are authorized to submit the request on your behalf. We may require you to verify your identity directly with us before processing an agent's request.

Although the CCPA also now confers certain rights to limit certain uses of what the CCPA calls “sensitive personal information,” we do not use sensitive personal information in a manner relevant to that opt-out right.

Children's Privacy


We do not knowingly collect Personal Data from anyone under the age of 18. By Agreeing to this Privacy Policy, you indicate that you are over the age of 18 and you consent also to the process the Personal Data of your children or legal dependents under the age of 18 (if applicable) in accordance to this Privacy Policy. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us.

Changes to this Privacy Policy


We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us


If you have any questions about this Privacy Policy, please contact us at compliance@xtype.io.
Data Controller: Xtype.IO Ltd.
Address: Avshalom Haviv 4, 6949503, Tel Aviv, Israel
Phone: +1 920 709 8645
EU representative: compliance@xtype.io
Data Protection Officer: compliance@xtype.io

LAST UPDATED: June 26, 2023

Not enough people in the platform team?

Loved by Platform Architects, Trusted by Platform Owners and the Business