ContactSign in

Data Privacy FAQ – Azion Customers

This FAQ was created to answer the main questions from Azion customers about how we handle personal data in our business relationship and the compliance of our platform with privacy laws such as Brazil’s LGPD, the EU’s GDPR, and California’s CCPA and CPRA.

  1. What personal data does Azion collect from its customers?

    We collect personal data provided directly by customers during account registration or use of the platform, including name, corporate email, job title/role, company, phone number, and login information. These data are used for account management, technical communications, support, and business relationship purposes.

  2. How long does Azion retain this data?

    Data is stored while the contractual relationship exists and is deleted within 30 days after account termination. Some data may be retained for longer periods to meet legal obligations, such as those established by the Brazilian Internet Civil Framework (Marco Civil da Internet).

  3. Does Azion send marketing communications to its customers? Is there an opt-out?

    Yes. We may send technical and commercial communications throughout the customer relationship lifecycle. If you no longer wish to receive promotional communications from Azion, you can unsubscribe directly through the unsubscribe link included in messages or by contacting privacy@azion.com.

  4. Does Azion share personal data with third parties?

    No. We do not sell or share personal data for commercial purposes. Any subprocessors (CRM or support platforms) are contractually bound and audited to ensure compliance with privacy laws.

  5. Does Azion process sensitive personal data from its customers?

    No. We do not process sensitive data such as racial or ethnic origin or political opinions. Our focus is on registration and technical data necessary to provide our services.

  6. How does Azion protect the personal data of its customers?

    We use strong encryption (TLS 1.2 by default), multi-factor authentication (MFA), environment segmentation, event logging, and regular vulnerability assessments. Our environment holds PCI DSS 4.0 and SOC 2 certifications.

  7. What if a customer configures something insecure on the platform (for example, TLS 1.0)?

    Azion provides a secure-by-design infrastructure for all services. However, as defined in our shared responsibility model, any insecure configurations made by customers remain their responsibility. We strongly recommend adopting the security configurations we suggest to ensure proper protection of data and applications.

  8. How does Azion support customers with data subject rights?

    Azion acts as a data processor. We support customers in fulfilling data subject rights by providing logs, records, and functionalities that help ensure compliance.

  9. Where is the personal data processed by Azion located?

    Data may be processed in globally distributed data centers, respecting local laws and international transfer mechanisms such as Standard Contractual Clauses (SCCs).

  10. What is Azion’s stance on privacy regulations (LGPD, GDPR, CCPA, and CPRA)?

    Azion Technologies, Inc adopts practices, policies, and technical controls aligned with key data protection laws like LGPD, GDPR, CCPA, and CPRA, following a structured continuous improvement plan to maintain compliance.

    If you interact with Azion’s services, websites, or portals, Azion Technologies, Inc is the data controller of your personal information. For data processed on behalf of our customers through the Azion Web Platform, we act as a data processor according to customer instructions.

  11. How can I contact Azion’s Data Protection Officer (DPO)?

    For data privacy inquiries, data requests, or legal questions, please contact dpo@azion.com