At Autenix, we take your privacy seriously. This Privacy Policy describes the information we collect, how we use it, and your rights regarding that information. We are transparent about our practices because trust is fundamental to compliance.

What Data We Collect

We collect the following specific types of data:

Information You Provide to Us

Name, email address, and company name — collected when you fill out our demo request form or contact form
Account information — when you create an account, we collect your name, email, company, and any profile information you provide
Communication data — messages, emails, and other communications you send to us

Infrastructure Metadata

If you connect your cloud infrastructure (AWS, Azure, GCP, Kubernetes) to our platform, we collect:
Configuration metadata (resource types, regions, service names)
Security and compliance control states
Access logs and activity metadata (for compliance monitoring)
We do not collect sensitive data, passwords, or personal information from your infrastructure

Usage Analytics

Basic, non-invasive analytics including page views, feature usage, and general platform interaction patterns
We use this data to improve our service and understand how features are used
We do not track individual user behavior across websites or use invasive tracking technologies

How We Use Your Data

We use your data for the following specific purposes:

Providing compliance assessments — to analyze your infrastructure and generate compliance reports for frameworks like SOC 2, ISO 27001, HIPAA, GDPR, and PCI DSS
Generating reports — to create auditor-ready compliance reports and dashboards
Improving the service — to identify bugs, understand feature usage, and enhance platform performance
Customer support — to respond to your inquiries, provide technical assistance, and resolve issues
Account management — to manage your account, authenticate users, and provide access to platform features
Security and fraud prevention — to detect and prevent unauthorized access, fraud, and security threats

We do not sell your data. We do not share your personal information with third parties for marketing purposes. We do not use your data for advertising.

How We Store & Protect Data

As a compliance platform, data security is fundamental to our business. We implement the following security measures:

Encryption

Encryption at rest — all data stored in our databases is encrypted using industry-standard encryption algorithms
Encryption in transit — all data transmitted between your devices and our servers uses TLS 1.2 or higher

Access Controls

We follow the principle of least privilege — employees only have access to data necessary for their job functions
All access is logged and monitored for security purposes
Multi-factor authentication is required for all employee accounts

Secure Infrastructure

We use secure cloud infrastructure with regular security audits and compliance certifications
Our infrastructure is regularly updated with security patches
We conduct regular security assessments and penetration testing

Data Retention

We retain your data only for as long as necessary to provide our services and comply with legal obligations. When you delete your account, we delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

Third Parties

We work with the following categories of third-party service providers to operate our platform:

Cloud Hosting

We use cloud hosting providers to host our platform and store data. These providers are contractually obligated to protect your data and comply with applicable data protection laws.

Analytics

We may use analytics services to understand how our platform is used. These services collect aggregated, anonymized data and do not identify individual users.

Email Services

We use email service providers to send transactional emails, notifications, and support communications. These providers process email addresses and message content only for the purpose of delivering emails.

Payment Processors

If you purchase a subscription, payment information is processed by third-party payment processors. We do not store your full payment card information.

All third-party service providers are required to maintain appropriate security measures and are prohibited from using your data for any purpose other than providing services to us.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request that we correct any inaccurate or incomplete personal data.

Right to Deletion

You can request that we delete your personal data, subject to certain legal exceptions (such as our obligation to retain data for compliance purposes).

Right to Data Portability

You can request that we provide your data in a structured, commonly used, and machine-readable format.

Right to Object

You can object to certain processing of your personal data, such as processing for direct marketing purposes.

Right to Withdraw Consent

If we process your data based on consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided in the Contact Us section below.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights regarding your personal data, please contact us:

Email

info@autenix.co

For Privacy Concerns

info@autenix.co

Please include "Privacy Request" in the subject line.

Address

RR. Shefqet Shkupi
Prishtina, Kosovo

We will respond to your inquiry within 30 days.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.