Privacy Policy

Last updated: May 12, 2025

IONIX.IO Ltd and its related companies (”IONIX,” “company,” “we,” “us,” or “our”) respect the privacy of our users (“User(s),” “you,” “data subject(s),” or “Visitor(s)”) and our customers (“Customer(s)”). We are committed to safeguarding your personal data, which you share with us through our website located at https://www.ionix.io/  (the “Site” or “Website”) and our web application, IONIX platform (the “Software” or “App”). Together, the Site, Software, and any related services we offer are referred to as the “Services.”

Our Privacy Policy (the “Policy” or “Privacy Policy”) outlines the data collection and processing practices used in connection with our Services. This Policy aims to provide transparency regarding the types of personal information we collect and how we use it. By accessing our Site, using our Software, or utilizing our Services, you acknowledge and agree to the data practices described in this Policy.

IONIX specializes in cybersecurity, offering a comprehensive Threat Exposure Management platform designed to identify, prioritize, and remediate risks across an organization’s attack surface, including cloud environments, infrastructure dependencies, and digital supply chains.  While the company primarily generates simulations to model potential vulnerabilities and generally does not directly process Personally Identifiable Information (PII), this analysis highlights potential risks to PII. These risks include exposure through asset discovery processes,  third-party integrations, misconfigurations in digital supply chains, PII processing via IONIX  digital assets, and other scenarios. This gap analysis evaluates IONIX’s adherence to global privacy and data protection regulations, particularly the  EU General Data Protection Regulation (GDPR) and key U.S. state privacy laws. It emphasizes the need to address situations where indirect interactions with PII could pose compliance challenges or security risks.

Please note that if you access a third-party website through a link provided in our Services, we encourage you to review their privacy policies before submitting any personal information. By visiting our Site or registering for our Services, you consent to our collection and use of your information in accordance with this Privacy Policy.

Preliminary Notes

Please read this policy and make sure you fully understand our practices in relation to your personal information before you access or use the Site or our Services. If you have read this Privacy Policy and remain opposed to our practices, you must immediately leave this Site and discontinue all use of the Services.

Binding Agreement – This Privacy Policy constitutes an integral part of our Terms and Conditions (“Terms”)

Content – Our Site and Services do not contain inappropriate content. Nevertheless, we use appropriate technical and organizational measures to ensure the protection and retention of data subjects.

IONIX provides this Privacy Policy, which will be updated from time to time to inform you of our policies and procedures regarding the collection, use, and disclosure of personal information we receive when you use the Site and our Services.

Changes and updates to this Privacy Policy – We reserve the right to modify or update this Privacy Policy, to reflect changes in our Services or data processing practices or to conform to a regulatory requirement. Such changes will be effective immediately upon the display of the revised Privacy Policy. The last revision date will be reflected in the “Last Updated” heading. If we make material changes to this Privacy Policy, we will do our best to notify you by email or through a notice on our Site.

About This Privacy Policy

We created this Privacy Policy to emphasize our commitment to protecting your privacy. Using our Site and Services may require you to provide certain Personal Data (as defined below), but only if you choose to do so voluntarily. Some features of our Site and Services, such as accessing our Platform, may require registration and submission of Personal Data, as detailed in this Policy. We will retain and handle the Personal Data you provide in accordance with this Privacy Policy.

This Privacy Policy has been developed in accordance with the EU & UK General Data Protection Regulation (GDPR), US state-specific privacy laws, and other applicable privacy regulations. Depending on your country of residence, additional rules may apply to your personal data (referred to below as “Applicable Privacy Laws“).

If you would like to learn more about IONIX’s region-specific processing of personal data, please refer to the relevant notices below for individuals in different regions.

Please read the Privacy Policy carefully to ensure you understand it and agree with its terms before using the Site and the Services. You have no legal requirement to provide us with your Personal Data. We collect, process, and retain your Personal Information only if you choose to access and engage with our Site and/or our Services and in accordance with this privacy policy. You can always avoid providing us with certain Personal Data; however, you acknowledge that it may prevent us from providing you with certain Services or from using our Site. If you do not agree with any of the terms provided in this Privacy Policy, and the choices we provide do not mitigate your concerns, please do not access or use our Services and avoid accessing and using our Site.

Definitions

For the purposes of this Privacy Policy:

Adequate Country“means a country or territory recognized by the European Commission or by the United Kingdom (as applicable) under the Data Protection Laws as providing adequate protection for Personal Data;

“Applicable Privacy Laws” means any applicable privacy or other law relevant to our operations, including the General Data Protection Regulation (EU) 2016/679 (GDPR); European Union Member State laws, Switzerland, the United Kingdom, rules, and guidelines implementing or supplementing the GDPR, as amended from time to time and to the extent applicable to our Company’s operation and our Services; the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), Cal. Civ. Code §§ 1798.100 et seq.; and additional US state-specific privacy laws, including but not limited to the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), the Texas Data Privacy and Security Act (TDPSA), and other similar state laws enacted or amended in the future; the Israeli Privacy Protection Law, 5741-1981, including any amendments and regulations enacted thereunder, such as the Privacy Protection Regulations (Transfer of Data to Databases Abroad), 5761-2001, and the Privacy Protection Regulations (Data Security), 5777-2017, as well as any applicable guidelines, standards, and instructions published by the Israeli Privacy Protection Authority (ILITA), in effect from time to time, relating to data protection and privacy.

Minor refers to a data subject underage (under 16 years or less depending on the legal jurisdiction applicable), whose processing of his/her personal data is only lawful if parental or guardian consent has been obtained. 

Data Controller refers to any natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of Personal Data and establishes the necessary controls for such processing.

Data Processor refers to any natural or legal person, public authority, agency, or other body (excluding employees of the Data Controller) that processes Personal Data on behalf of the Data Controller.

Data Subject refers to an identified or identifiable individual to whom the Personal Data relates.

Data Subject Consent refers to the Data Subject’s approval or agreement for an activity to take place, having considered the benefits and risks of the activity. For consent to be valid, the Data Subject needs to be informed, have the capacity and knowledge to decide, and to have given their consent voluntarily. 

Personal Data (or Personal Information) refers to information about a living individual, which means that they can be identified (a) from that data, or (b) from that data and any other information capable of being associated with, or reasonably linked to, a particular person, now or in the future, as provided in this Privacy Policy.

“Non-personal data” means information that does not personally identify you and does not reveal your specific identity as an individual, such as anonymized information.

Processing refers to any operation that is performed upon or applied to personal data, whether undertaken manually or by automated means, including its acquisition, organization, storage, retrieval, consultation, amendment, availability, disclosure, erasure, or destruction.

Subprocessor shall mean any entity appointed by us or by one of our sub-processors, to Process Personal Data on our behalf or on behalf of that sub-processor, excluding any employee of our sub-processor or of any such appointed person but including any contractor or affiliate of the foregoing.

The terms “Controller“, “Processor“, “Sub-Processor”, “Data Subject“, “Personal Data“, “Processing” (and/or “Process“), “Personal Data Breach“, “Union“, “Member State” and “Special Categories of Personal Data” shall have the meanings given in the GDPR and related EU data protection laws.

The terms “Business“, “Business Purpose“, “Consumer“, “Service Provider“, “Third Party” and “Contractor” shall have the same meanings as defined in the (CCPA), as amended.

To the extent that CCPA applies, the term “Controller” shall also mean “Business“, and “Processor” shall also mean “Service Provider“, “Contractor” or “Third Party“, as the context requires.

This Policy was originally written in English. If you are reading a translation and it conflicts with the English version, please note that the English language version prevails.

Roles and Responsibilities

Data Processor: Concerning IONIX core operations, IONIX acts as the Data Processor when delivering services through its Software. In this capacity, IONIX processes Personal Data on behalf of its Customers, following their instructions and as governed by applicable data processing agreements.

Data Controller: In accordance with the Applicable Privacy Laws, IONIX serves as the Data Controller for the processing of Personal Data collected through the Site, as well as through other B2C interactions, including but not limited to account registration, Customer inquiries, subscription services and more.

Our main registered office is:

Derech Menahem Begin 156, Tel-Aviv, Israel 6492108.

To Whom Does This Privacy Policy Apply?

This Privacy Policy applies to Personal Data we collect online and offline and applies in the following situations:

  • Users and Visitors of the Site: We collect Personal Data through your use of IONIX Site, including platforms and websites that post or link to this Privacy Policy. This includes information you provide when contacting us, requesting a demo, applying for open roles, or engaging with us for other purposes. We may also collect data through cookies and similar technologies for personalization, analytics, and service improvements. For more details, refer to our Cookie Policy.
  • Customers and Their Employees: We may collect Personal Data from employees of our Customers (e.g., names, roles, contact details) to enable effective communication, deliver our services, and maintain operational collaboration. Data provided as part of our software and services is processed securely and in compliance with relevant regulations. Customers remain the Data Controllers of the raw data they provide, and IONIX operates as a Data Processor as defined under Applicable Privacy Laws.
  • Suppliers and Vendors: We collect and process information from suppliers, vendors, and service providers, including contact details of their representatives, for procurement, coordination, and supply chain management purposes. Where relevant, the processing of such data may also be governed by specific contractual arrangements.
  • Software and Services: Through interactions with IONIX Software and Services, we may collect and process Personal Data required for account setup, support requests, and service functionality.

When Does This Privacy Policy Apply?

This Privacy Policy applies to Personal Data about you that we collect, use, or otherwise process regarding your relationship with us as a Visitor of our Site or a User of our Services.

Data You Share with Us Directly

Submitting information to us is optional in certain cases and required in others, depending on the Service you choose to use or access. This category includes one or more of the following data categories:

  1. Admin and service login. To access IONIX’s Software and Services, you may need to create an Admin account and service login. During this process, you will be asked to provide certain information, such as your email address and login credentials. This information is essential for creating a secure and unique account that links your usage to your identity and enables safe access to our Software and related features.
    Purpose: We use your account information to create and maintain your user account, authenticate your identity, enhance security, and ensure effective management and interaction with the Software.
    Retention: We retain account information for as long as you actively use the Services and for as long as necessary to provide the Services or comply with applicable legal obligations.
  2. Contact details.  We may process your contact details, including your name, email address, phone number, company name, and any other information you choose to provide. This information is collected when you engage with us—for example, by requesting a demo, applying for support, or seeking information about how our solutions can help you address emerging challenges.
    Purpose: We process this information, based on your consent, for the specific purpose for which it was provided. This includes responding to your inquiry and providing the support or information you have requested.
    Retention: We retain your contact information for as long as necessary to fulfill your request or as required under applicable law.
  3. Providing the services. To deliver IONIX’s Software and Services, we may process certain types of Personal Data, including information provided by authorized Users, such as names and email addresses. This information is required to create and manage user accounts, authenticate access, and enable secure and efficient use of the Software and its features. As part of the Services, the IONIX Platform integrates with the Customer’s systems and infrastructure—often via API or other authorized technical interfaces—to provide visibility into the organization’s threat exposure. The Software also enables Customers to create new users within their environment. In doing so, we may collect additional Personal Data such as the user’s name, email address, phone number, SSO ID, and designated user type to support account provisioning and role-based access controls. Through these integrations and platform features, the IONIX Platform supports functionality such as infrastructure and asset discovery, exposure mapping, management of action items, user access reviews (e.g., identifying active accounts and permissions), and more. Personal Data may also facilitate communication, deliver customer support, and tailor the Services to the Customer’s evolving operational and security needs.
    Purpose: This information is used to ensure secure and personalized access to our digital platform, deliver our cybersecurity and threat exposure management services, adapt platform functionality to the organization’s infrastructure and risk environment, and enable effective communication and support. All Personal Data is handled in accordance with this Privacy Policy and used solely for the purposes described.
    Retention: Personal Data related to authorized Users is retained for as long as the Customer uses the Services or as required by applicable law.
  4. Payment information. When utilizing our Services, we may collect and process certain payment-related information, such as your full name, email address, billing address, bank account details, and other necessary data. This information is used for issuing invoices, processing payments, and providing Service-related confirmations or notifications. Please note that depending on the specific Service or payment method chosen, some payment information may be collected directly by third-party payment processors. IONIX ensures that all payment-related data it processes is handled securely and in accordance with applicable legal and contractual obligations.
    Purposes: Payment information is collected and processed to facilitate the billing and payment of fees for the Services provided, as outlined in your ‘Order Form’ or agreement with IONIX.
    Retention: We retain payment information for as long as necessary to fulfill our billing and payment obligations or as required by applicable law.
  5. Recruitment and job applications.  When applying for a position through our Careers page, we may collect and process your Personal Data to evaluate your application and manage the recruitment process. This may include information such as your name, email address, phone number, resume,  LinkedIn URL, cover letter, and any additional information you provide in the application form. Specific questions, such as your visa sponsorship needs or availability to work in certain locations, may also be collected to assess your suitability for the role. We use a third-party platform to process applications securely and in compliance with data protection laws.
    Purpose: Personal Data is used to evaluate your qualifications, communicate regarding the role, and manage the recruitment process.
    Retention: Recruitment data is retained for the duration of the hiring process and, where applicable, to comply with legal requirements or to consider you for future opportunities. Unless you request its deletion, this data may be retained for up to two years.
  6. Partnership Inquiries. If you express interest in becoming an IONIX partner, such as by submitting a request through the “Become a Partner” form, we may collect Personal Data you voluntarily provide. This may include your name, email address, phone number, company name, job title, and any other details you include in your message or attached materials. This information helps us assess potential business collaborations and communicate with you regarding partnership opportunities.
    Purpose: We process this information to evaluate your request, determine potential fit within our partner program, and engage in relevant follow-up communications. Processing is based on your consent and our legitimate interest in building and managing strategic business relationships.
    Retention: We retain partnership inquiry data for as long as necessary to assess and manage potential partnerships. If a business relationship is not established, we may keep the data for up to two years unless you request its deletion earlier.
  7. Chat communication. When using the chat functionality on IONIX’s website, you may choose to provide certain information during your interactions with our AI-powered chat assistant. This may include Personal Data. Please note that IONIX does not require or prompt you to submit Personal Data through the chat; any such information is provided at your discretion. In addition, technical data such as your IP address, browser type, device information, and session metadata may be automatically collected to support the performance, functionality, and security of the chat service. The chat functionality is powered by a trusted third-party provider, and IONIX ensures that appropriate safeguards are in place to uphold data protection obligations and secure the information shared via the chat.
    Purpose: The information you provide through the chat is used to respond to your inquiries, offer relevant support, and improve your user experience on our website. It may also be used for troubleshooting and aggregated analytics to enhance the functionality and reliability of the chat service.
    Retention: Chat data is retained only for as long as necessary to address your inquiry, improve service quality, or as required by applicable law.
  8. Aggregated data. We may collect and retain metadata and statistical information concerning the use of the Services to operate, maintain, manage, and improve the Services. Some data may be retained on our third-party service providers’ servers in accordance with their retention policies. This retained metadata or statistical information does not identify you personally. When data is aggregated and anonymized using reasonable and practical methods to ensure it cannot identify any individual, it is no longer considered Personal Data and is therefore not subject to applicable data protection laws.

Data We Collect When You Use Our Services 

This category covers the ways we enhance your experience and improve the performance of our Services.

When you access our Site and software or use our Services, we may process information related to your activities, device, and visit. This processing enables us to deliver, maintain, and enhance the Services, analyze usage patterns, develop new features and updates, provide effective support, and ensure the security and integrity of our platforms.

  1. Online identifiers. We may process various online identifiers, such as IP addresses assigned to your device by your internet provider, data from cookies and pixel tags collected when you visit our Site, and information from log files. This data may include online usage data, login data (when applicable), timestamps, and device-specific details like your operating system. These identifiers are used to enhance your experience, maintain system functionality, ensure security, and support our Services.
    Purposes: to perform analytics and statistical evaluations to better understand user behavior and improve our Services (legitimate interests); to monitor, detect, and prevent fraud or automated activities and ensure compliance with regional regulations by determining the country from which you access our Services; and to provide proper access and functionality of the Services you have requested (contractual necessity). In certain cases, third-party cookies and tags may also be used for advertising, marketing, and retargeting campaigns, based on your consent or, where applicable, notice where consent is not legally required.
    Retention: We retain online information for as long as necessary to achieve the purpose for which it is processed, to begin with, or, until we make it Non-Personal Data, in which case, we reserve the right to retain the information without any time limitation, based on our discretion and commercial necessities.
  2. Device Information. We may collect certain information about the device from which you access the Services, such as the user-agent (including IP address, operating system type, and version), device type (e.g., mobile, tablet, desktop), and the system language settings configured on your device.
    Purposes: Based on your consent, or in certain cases, we may process device information to ensure the software or service is compatible with your device type and operating system version. This helps optimize the functionality and user experience by tailoring features to your device’s capabilities and ensuring smooth operation.
    Retention: We retain device information for as long as necessary to provide the Service’s functionality, to maintain a record of your license key and usage of the product, to associate license terms and renewals.
  3. Online activity.  We also may collect certain online activity information from Visitors. Under this category, we may also document in log files your clicks on actions and buttons across our Site, Software, or Services, if provided, as described under the category of “Online Identifiers”.
    Purpose: This information is used based on your consent, for advertising, marketing, and retargeting of our Services, where required by law, and to ensure the security and integrity of our Services.
    Retention: We retain online activity information for as long as necessary to fulfill the purposes outlined above. If the information is no longer required, it will be deleted or anonymized unless we are required to retain it for legal, regulatory, or contractual obligations.
  4. Engagement and Marketing Data. We may collect and process information related to your interactions with our communications, Services, and marketing activities. This data may include customer interaction metrics (e.g., email opens, subscription preferences, and responses to campaigns), as well as CRM data, behavioral segmentation, and related analytics. Such data is typically collected directly from your interactions with our Services or, in some cases, through third-party analytics and marketing tools integrated into our platform.
    Purpose: This data is processed based on your consent, where required under Applicable Privacy Laws, or otherwise based on notice, to provide personalized communications, advertising, and marketing, including retargeting campaigns.
    Retention: Engagement and marketing data is retained only for as long as necessary to achieve the purposes described above or until you withdraw your consent, if applicable. If the data is collected via third-party services, retention will comply with the terms of those services and our agreements with them. Data that is no longer required will be deleted or anonymized unless we are required to retain it for legal, regulatory, or contractual purposes.
  5. Device Location and Usage Data. When you use our Software, we may collect and process data related to your device’s location, including historical location information obtained through GPS, Wi-Fi signals, or similar technologies. This data may also include contextual usage patterns and operational activities necessary to support our platform’s functionality and services.
    Purpose: We process location and usage data based on your consent or, in certain cases, our legitimate interest. This data enables us to provide location-based services, optimize and personalize features, improve operational workflows, monitor and enhance system performance, and ensure the security and integrity of our Software and Services.
    Retention: Location and usage data is retained only for as long as necessary to achieve the purposes outlined above or to comply with applicable legal or regulatory requirements. Temporary storage may be utilized for operational purposes, and data will be deleted or anonymized once no longer needed.

Data we collect from third parties 

This category refers to data we may receive from third parties concerning the Services we provide to you.

  1. Data from companies that offer their products or services in relation to our Services or whose products or services may be linked from our Service or whose products or services may be linked to their service.
  2. We may share information about you with our related companies located around the world. This enables IONIX to detect and resolve emerging issues, improve product quality, and provide consistent and efficient solutions across regions.
  3. Information for marketing operations provided by third-party marketing services. We may also share or receive information about you with/from third parties, including advertising and remarketing providers or similar partners. These partnerships allow us to personalize content and ads based on your interests and preferences, as well as to understand how you engage with our advertising campaigns. The purpose of sharing or receiving information with/from third-party advertisers/remarketers is to tailor, target, analyze, report on, and/or manage advertising campaigns or other initiatives. These third parties may use cookies, pixel tags, or other technologies to collect information in furtherance of such purposes.

    Depending on your region, you may have the option to opt in or opt out of data sharing and processing activities with third-party advertisers and remarketers. We respect your preferences and comply with applicable regional laws and regulations. Information shared or received with/from these third-party providers is retained only as long as necessary to provide you with the Services or as required by law. By using our Services, you consent to this processing unless you have opted out where permitted.
  4. Analytical information. We use one or more third-party analytics services, such as Google Analytics, to evaluate your use of the Services by compiling reports on activity (based on their collection of IP addresses, Internet service provider, browser type, operating system, and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Site or Software you visit, number of links clicked, search terms and other similar usage data) and analyzing performance metrics. These third parties use cookies and other technologies to help collect, analyze, and provide us with reports or other data. By accessing and using the Services, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy.
  5. We also may receive information about you from third-party social platforms. When you interact with the Site through a third-party social platform, you allow the platform to collect information about your interaction with the Site and you allow us to access or collect information made available by the platform in accordance with its Privacy Policy.
  6. Additional information as required from us to comply with legal obligations. 
  7. Any data obtained by any of the above means may be associated with other data you have previously provided to us. 
  8. Third-party advertising companies are sometimes used to help us collect this Personal Information. 

Cookies

At IONIX, we use cookies and other tracking technologies to enhance user experience and improve our Services through the Site or Software. Cookies are small data files that are transferred to your device via your web browser, allowing our systems to recognize your browser and capture certain information.

Cookies may be collected by us or by third-party vendors, to collect cookies to analyze how you interact with and use our Site and Software. The information collected by these cookies includes your IP address, time of visit, whether you are a return visitor, any referring Site or Software, URL, referrer, device and browser characteristics, and timestamp.

The data collected by these cookies is transmitted to and stored by the third-party vendors and is subject to their respective privacy policies.

We also utilize other tracking technologies, such as flash cookies, embedded scripts, eTags, and web beacons, to collect and store information about your visit. This includes details such as your browser type, operating system, mobile device information, and clickstream data. Cookies are used to facilitate your site usage without requiring you to re-enter your login information, customize and enhance your website experience, monitor website usage, manage the Site, and improve our products and services. These cookies may be session cookies, which expire once you close your browser, or persistent cookies, which remain on your device until deleted. The information collected by these cookies may be used to analyze trends, gather insights into visitor movements, diagnose potential server problems, investigate actual or potential security incidents, and ensure the Site’s proper functionality. Additionally, we may utilize third-party analytics tools to assist us in measuring traffic and usage trends for the service and gaining a better understanding of our users’ demographics.

Managing Your Cookie Preferences

IONIX’s Cookie Collection

We provide several options for you to manage your cookie preferences effectively:

  • Cookie Preferences Center: You can easily accept or reject cookies through our cookie preference feature, accessible via the banner on our Site.
  • Browser Controls: Most web browsers allow you to delete existing cookies and block new ones from being placed. If you choose to disable cookies through your browser, some preferences may need to be adjusted manually each time you visit our Site, and certain features or functionalities may not work optimally.
  • Clear Cookies: You can delete all cookies already stored on your device at any time. However, doing so may limit the functionality of certain services that enhance your Site experience.

Third-Party Cookie Collection

We work with trusted third-party providers that may place cookies on your device to collect data when you visit our website. These cookies support essential functionality, analytics, and marketing performance.

Below is how some of these third-party tools are used and how you can manage or opt out of them:

  • Google Analytics: Used on our marketing site to track traffic and user interactions, helping us improve content and usability. If you wish to opt out of Google Analytics tracking, you can install the Google Analytics Opt-out Browser Add-on.
  • HubSpot: Used for analytics and marketing automation. HubSpot cookies track user behavior and assist with engagement analysis. To manage your preferences or opt-out, you can use HubSpot’s cookie settings and guidance.
  • LinkedIn & Google Ads: These platforms may set cookies on our site for marketing and remarketing purposes. To opt out of interest-based advertising from these services, you can adjust your ad preferences directly via LinkedIn Ad Settings and Google Ad Settings.
  • ZoomInfo: Used for B2B analytics and identifying company-level website visits. You can manage your data and opt-out preferences via ZoomInfo’s Privacy Center.
  • You may also manage your cookie preferences at any time directly from our website by accessing our Cookie Banner Settings, where you can adjust your consent options for different types of cookies.

If you wish to learn more about how we collect and use cookies, please refer to our Cookie Policy.

How We Use Personal Data (Purposes of Processing)?

Personal Data is used to provide and operate the Site, Services, and Software; monitor, analyze, and improve their usage and functionalities; personalize and enhance our offerings, including surfacing features and promotions from partners; provide customer assistance and technical support; send service announcements, notices, and promotional messages in compliance with Applicable Privacy Laws; enforce our Terms, policies, and contractual arrangements; prevent misuse of the Site, Services, or Software; comply with legal requirements, court orders, or warrants; address legal disputes; understand user needs on an aggregated or individualized basis to develop and improve offerings; communicate with you, including obtaining feedback; and disclose data to third-party vendors, service providers, or contractors performing functions on our behalf, as authorized by you.

The Legal Basis for Personal Data Use

IONIX processes Personal Data in accordance with applicable legal bases, which depend on the specific context and purpose of the processing.

Use of the Site: Personal Data collected in connection with your use of our Site is processed based on your consent, where such consent is required by law.

Use of the Software: When you use our Software, the processing of your Personal Data is governed by the terms of the contract associated with your use of the Software.

B2B Services: For our B2B services, we process Personal Data as part of our engagements with Customers. This processing may rely on legitimate interests, where such interests are applicable and balanced, or other relevant legal bases.

Data Processor Obligations: When providing our Services to Customers, we process Personal Data in our capacity as a Data Processor. This is carried out in accordance with the Data Processing Agreements (DPA(s)) established with the respective Data Controller, as required by Applicable Privacy Laws.

In all cases, IONIX processes your Personal Data only when a valid legal basis exists. The legal basis for processing is determined by the specific purpose for which the data was collected and used.

Sharing Personal Data with Third Parties:

We do not sell, rent, or lease your Personal Data. We may share your Personal Data with service providers and other third parties to the extent necessary to fulfill our Services, but not for marketing purposes. Additionally, to provide, operate, maintain, and improve our Site and Services, and to offer additional products and features, we utilize third-party services. These services include payment processors, feedback features, support tools, operational tools, analytics, statistical tools, and more. The specific categories of these services are as follows:

  • Hosting and Storage: Our Site and Services are hosted on third-party platforms, including cloud storage providers. We require them to maintain strong data protection standards, though their processing is governed by their own privacy policies.
  • Analytics: We may use analytics tools to understand how Users interact with our Site and Services and improve performance.
  • Support Services: To provide timely assistance, we may use external support and help desk providers for handling inquiries and customer care.
  • Authentication & Security: When you open an account, we may integrate third-party authentication tools to enhance account security.
  • Payment Processing: If you engage with our Services or receive payments from us (e.g., as a vendor), we may work with payment processors to handle transactions securely.
  • CRM & Mailing Lists: We may use services to manage customer relationships, store Personal Information securely, and operate our email notifications or subscription lists.
  • Technology Partners: Some of our features may incorporate third-party technologies or widgets to enhance product functionality.
  • Advertising & Retargeting: Certain third parties may collect non-identifiable data about your browsing activity to serve relevant ads on other sites. You can opt-out directly through those ads.
  • Legal Compliance: We may share Personal Information if required by law, to enforce our terms, prevent fraud, or protect IONIX, its users, or the public.
  • Corporate Transactions: In case of a merger, acquisition, or asset sale, your information may be transferred to the new entity, subject to applicable privacy protections.
  • User-Generated Content & Social Media: If you share personal information in public areas or via Third-Party Social Media Services, that information may be visible to others and publicly accessible.

Data Subject Rights

We recognize that the protection of Personal Data is a fundamental right, and we are committed to respecting the privacy rights of all individuals, regardless of their location. Certain privacy rights apply universally and are upheld by IONIX as a global standard:

  • Right to Transparency: You have the right to clear, accessible, and transparent information about how your Personal Data is collected, used, and shared.
  • Right to Access: You can request details about the Personal Data we hold about you, including the purposes for which it is processed and the parties with whom it is shared.
  • Right to Correction: You may request corrections to any inaccuracies or incomplete information in the Personal Data we hold about you.
  • Right to Deletion: You may request the deletion of your Personal Data where legally permitted, subject to certain exceptions, such as compliance with legal obligations or the establishment of legal claims.
  • Right to Object: You have the right to object to the processing of your Personal Data for certain purposes, including direct marketing or where processing is based on our legitimate interests.

To exercise any of these rights, please contact us at: privacy at ionix.io . We are committed to responding to all valid requests in accordance with Applicable Privacy Laws and our internal policies. Note that the implementation of these rights may vary based on your jurisdiction and the nature of your relationship with us.

If you reside in the EEA or the US, please refer below to “Region-Specific Processing of Personal Data” for additional rights specific to your location

Data Security

We take the protection of both Personal Data and non-personal data seriously and implement a range of industry-standard technologies, processes, and organizational measures to safeguard information against loss, theft, unauthorized access, misuse, or damage. IONIX maintains SOC 2 compliance, reflecting our commitment to best practices in information security management. Data is encrypted in transit and at rest, and access to systems is governed by strict role-based controls. While we take robust measures to secure our Site and Software, no system can be entirely immune from vulnerabilities, unauthorized access, or other forms of misuse. Nevertheless, we continuously monitor our systems, conduct periodic penetration tests and security audits, and implement technical and organizational improvements to enhance our resilience. In the event of a data breach, IONIX will notify affected individuals and relevant supervisory authorities without undue delay, as required under applicable laws. Such notification will include information about the nature of the breach, the categories of data involved, and recommended actions to mitigate potential risks. We are committed to handling such incidents with transparency, urgency, and full regulatory compliance.

Retention Of Your Personal Data

As detailed above, we retain different types of data for varying periods based on legal, operational, and regulatory requirements. Personal Data is retained only for as long as necessary and determined to fulfill the purposes for which it was collected, including supporting our business operations and services. These purposes may include data storage, documentation, cybersecurity management, legal proceedings, and compliance with tax or other regulatory requirements.

Aggregated or anonymized Non-Personal Data may be stored indefinitely, as it no longer identifies any individual and is used for analytical and operational purposes.

As long as you continue using our services, we will retain your information as described in this Policy unless we specify different retention periods, establish alternative terms in a DPA, or are required by law to delete it. If you exercise your right to request deletion under Applicable Privacy Laws, we will delete your data to the extent required, while retaining only what is necessary to comply with legal obligations.

If you exercise your right to request deletion under Applicable Privacy Laws, we will delete your data to the extent required, while retaining only what is necessary to comply with legal obligations.

Transfer Of Your Personal Data

Your information, including Personal Data, may be processed at IONIX’s operating offices and in other locations where the parties involved in the processing are situated. This means your data may be transferred to, and stored on, servers located outside your state, province, country, or other governmental jurisdiction, where data protection laws may differ from those in your jurisdiction.

By consenting to this Privacy Policy and submitting your information, you agree to such data transfers. IONIX takes appropriate steps to ensure that your Personal Data is handled securely and in accordance with this Privacy Policy.

Where required, we rely on safeguards such as the European Commission’s SCCs to lawfully transfer Personal Data across borders and protect it in line with applicable privacy laws.

IONIX’s Region-Specific Processing of Personal Data

A Notice for EEA Residents:

Depending on your country of residency, and on the type of your use of our Site (Visitor or a User), Software (User), or Services, certain rights concerning your Personal Data may apply to you.

If you are located in the EEA including the UK, you have certain rights with respect to your Personal Data, including:

  • The right to be informed: You have the right to receive clear and transparent information about how your data is being used.
  • The right of access: You can request a copy of your Personal Data and details on how it is processed.
  • The right to rectification: You are entitled to request corrections to any inaccurate or incomplete data we hold about you.
  • The right to erasure: Commonly known as the “right to be forgotten,” you can request that we delete your data, subject to certain conditions.
  • The right to restrict processing: You can ask us to limit how your data is used under specific circumstances, such as while a dispute is being resolved.
  • The right to object to processing: You have the right to object to the processing of your data, particularly for direct marketing purposes.
  • Rights related to automated decision-making and profiling: You can request human intervention in decisions made solely through automated means, including profiling if these decisions significantly affect you.

Please contact us at:privacy at ionix.io with your detailed request and sufficient information to allow us to verify you and your request, and we will process your verifiable request within the timeframe indicated in the applicable regulation. Note that when handling these requests, we may require additional information from you to verify your identity.

When you ask us to exercise any of your rights under this Policy and the Applicable Privacy Laws, we may need to ask you to provide us with certain credentials to make sure that you are who you claim you are, to avoid phishing and/or disclosure to you of Personal Data related to others. We may redact from the data which we will make available to you, any Personal Data related to others, if applicable.

Transfer of Data Outside of Your Territory

If you are a resident of the EEA (including the UK), your data may be transferred outside the EEA, to third parties who can assist us in our Services. We may process your Personal Data in any country in which we do business. If we transfer the Personal Data of an EU resident outside of the EU, we shall comply with Applicable Privacy Laws in relation to such transfer and according to our commitment under DPA with our Customers.

We are subject to the provisions of the GDPR that protect your Personal Data. We ensure that appropriate measures are in place to maintain a comparable level of security for your Personal Data. Each data transfer outside the EEA will comply with the SCC unless the data is shared with a country that has been deemed to have an adequate level of data protection. In the event of data transfer to the US, we verify whether the third party is registered in the DPF program at: https://www.dataprivacyframework.gov/

In any case, our transfer, storage, and handling of your Personal Data will continue to be governed by this Privacy Policy and according to our commitment under the DPA with the Data Controller.

A Notice for US Residents:

We recognize the importance of your privacy and are committed to complying with Applicable Privacy Laws across the United States. This section informs US residents, including those in California and other states with privacy laws, of their rights regarding the processing of their Personal Information and how to exercise those rights.

We comply with the Children’s Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 without verifiable parental consent.

 A Notice for California Residents

We hereby inform Visitors and Users that are California residents, of the following rights (by virtue of the CCPA) with respect to the Processing of your Personal Data:

To learn more about the categories of Personal Data we collect, its sources, purposes, and the service providers we share it with, refer to the relevant sections above.

We do not sell Personal Data for business or commercial purposes, but we may share Personal Information or aggregated information with a third party for a business purpose. When we do so, we enter a contract that describes the purpose and requires the recipient to keep that personal information confidential and not use it for any purpose other than what is described in the agreement.

If you wish to exercise your rights concerning our third party’s disclosure aspects, please refer to the “Exercising Your Rights” section below.

Consumer Rights:

The CCPA grants California consumers specific rights in connection with the Personal Data collected by businesses, as described below:

  • Right to Know: You have the right to know the categories and specific pieces of Personal Data we have collected about you in the previous 12 months.
  • Right to Deletion: You have the right to request that we delete any Personal Data we have collected about you.
  • Right to Request Information: You have the right to request information about our collection, sale, and disclosure of your Personal Data from the previous 12 months.
  • “Shine the Light” Law: Under California’s “Shine the Light” law (Cal. Civ. Code §1798.83), you have the right to request information regarding whether and how we disclose your Personal Data to third parties for their direct marketing purposes, unless our disclosures under the CCPA fulfill this requirement. This right allows you to request and receive a list of the third parties, if any, with whom we have shared Personal Data for such purposes, along with the types of Personal Data disclosed.
  • Right to Opt-Out of the Sale and Sharing of Personal Data: California consumers have the right to opt out of the sale and sharing of their Personal Data, including for purposes such as cross-context behavioral advertising. While IONIX does not engage in the sale or sharing of Personal Data, we are committed to honoring your privacy preferences. If you have any concerns or wish to exercise your rights, please contact us using the information provided below. Furthermore, IONIX does not sell the Personal Data of Minors, as our services are not intended for individuals under the applicable age threshold.
  • Sensitive Information: Under laws such as CCPA, you have the right to limit the use and disclosure of sensitive personal information for purposes other than those permitted by law (e.g., providing services).
  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights. We will not treat you differently for exercising any of the above rights.

Under the California Online Privacy Protection Act (CalOPPA), our service does not currently respond to Do Not Track (DNT) signals. However, we recognize and honor Global Privacy Control (GPC) signals, allowing you to indicate your preference to opt out of the sale or sharing of Personal Data. Please note that third-party operators integrated with our service may collect information about your browsing activities. To manage your tracking preferences, you can enable a GPC signal or adjust the settings on your web browser or mobile device to notify websites and apps of your preferences. For detailed instructions on configuring these settings, refer to the help documentation provided by your browser or device.

Exercising Your Rights:

To exercise any of the CCPA rights above, don’t hesitate to contact us via email at We will fulfill your request within 45 days of receiving your request (If we require an extension, we will notify you within the initial 45 days, explaining the reasons and providing an estimated completion date). Some of these rights may be subject to limitations and qualifications, such as where fulfilling the request would conflict with federal, state, or local law, regulatory inquiries, subpoenas, or our ability to defend against legal claims. We will verify your request using your email address and the information associated with your account if you have one.

Note that we cannot respond to your request if we cannot verify your identity and confirm the Personal Data related to you. Making a verifiable consumer request does not require you to create an account with us. If you wish to use an authorized agent to submit a request to opt-out on your behalf, you must provide the authorized agent with written permission signed by you. We may deny a request from an authorized agent if the agent cannot provide us with your signed authorization demonstrating that they have been authorized to act on your behalf.

If you do not wish for our online third-party partners or us (such as advertising networks) to sell or share your Personal Information with others, please click on the “Do Not Sell or Share My Personal Information” link to contact us with questions or to exercise your right to opt-out.

 US State-Specific Residents

If you are a resident of any state with privacy laws, including but not limited to Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Florida, Montana, Iowa, Indiana, Tennessee, or Delaware, you are entitled to specific privacy rights regarding your personal information under your state’s respective data privacy laws. These laws grant you rights to access, correct, delete, and obtain your personal data, subject to certain exceptions. Please review the following information to understand your privacy rights and how to exercise them.

Scope of Applicability:

The respective privacy laws apply to natural persons acting in an individual or household context. These laws generally do not extend to individuals acting in a commercial or employment context unless explicitly noted otherwise. If you are a resident of one of these states, you can make requests regarding your Personal Information, and we will honor such requests as required by the law in your state. In cases where we are unable to comply with your request, in whole or in part, we will provide you with an explanation of our reasons.

Consumer Rights Across Applicable States

You may exercise the following rights concerning your Personal Information:

  • Right to Access Your Personal Information: You have the right to request access to the Personal Information we have collected about you, including details about the purposes for which it was collected, the types of Personal Information, and the third parties with whom we share it.
  • Right to Correct Your Personal Information: You may request that we correct any inaccuracies in the Personal Information we hold about you.
  • Right to Delete Your Personal Information: You can request the deletion of your Personal Information, subject to certain legal exceptions, such as when retaining the information necessary for compliance with legal obligations or in connection with ongoing business operations.
  • Right to Obtain a Copy of Your Personal Information (Data Portability): You may request a copy of your Personal Information in a portable and readily usable format, subject to technical feasibility.
  • Right to Opt-Out of Targeted Advertising: You have the right to opt out of the processing of your Personal Information for targeted advertising purposes.
  • Right to Opt-Out of the Sale of Personal Information: You may request that we do not sell your Personal Information to third parties. While IONIX does not sell Personal Information for monetary gain, we respect your right to opt out of any activities classified as “sale” under Applicable Privacy Laws.
  • Right to Opt-Out of Profiling: In states like Colorado and Connecticut, you have the right to Opt-Out of profiling that produces legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of your privacy rights as a resident of Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Florida, Montana, Iowa, Indiana, Tennessee, or Delaware, please contact us at. We will fulfill your request within the timeline prescribed by the Applicable Privacy Laws. Please note the following:

  • Authentication: To ensure the protection of your data, we may require verification of your identity before fulfilling your request. If you submit a request through an authorized agent, we may require proof of authorization, such as a signed written permission or power of attorney.
  •  Response Timeline: Most states require responses within 45 days, with a possible extension of another 45 days. However, specific timelines may vary, and we will inform you if additional time is needed.

A Notice for Individuals Residing in Israel:

This privacy notice applies to individuals residing in Israel and outlines how IONIX processes personal data in compliance with the Israeli Privacy Laws (as detailed under Applicable Privacy Laws).

Your Rights Regarding Personal Data

  • Right to Access: You have the right to inquire whether we hold any personal data about you and to review such data, subject to the terms and conditions outlined in Israeli law.
  • Right to Rectification: If you find that any personal data we hold is incorrect, incomplete, or outdated, you have the right to request corrections.

Exercising Your Rights

To exercise these rights, please contact us at privacy at ionix.io. We will respond to your request as required under Israeli law. To ensure security and privacy, we may require verification of your identity.

Data Sharing and Transfers

IONIX may share personal data with trusted third parties to provide services or comply with legal requirements. If personal data is transferred outside Israel, we ensure that adequate safeguards are in place to protect your data, in accordance with applicable laws.

Compliance and Protection

IONIX is committed to processing and protecting personal data responsibly and in accordance with legal obligations. Robust security measures are implemented to safeguard your data against unauthorized access, misuse, or disclosure

Non-Discrimination Policy

We will not discriminate against you for exercising your privacy rights under Applicable Privacy Laws. For example, we will not deny you services, charge you a different price, or provide a different quality of services for exercising your rights.

If you have any concerns relating to this Policy, please contact us and we will make good-faith efforts to address your concerns. We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from us, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, we will provide you with the contact information for that regulator.

Links To Other Websites

Our Service may contain links to other websites that are not operated by Us. If you click on a third-party link, you will be directed to that third-party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Contact Us

For further information about this Policy or if you have any concerns relating to the handling of your personal data, please contact us at:privacy at ionix.io

We commit to making good-faith efforts to address your inquiries. If you are not satisfied with the response you receive, you have the option to escalate your concerns to the applicable privacy regulator in your jurisdiction. Upon request, we will provide you with contact information for that regulator.

©2025 IONIX. All rights reserved.