Privacy Policy

Athos Commerce provides online application services for use by online retailers, including site search and product recommendation features that can be implemented on any site to improve merchandising and analyze online interactions with site visitors. Athos Commerce, a brand name of B7 Interactive, LLC, operates globally through the following legal entities:

• North America: B7 Interactive, LLC, d/b/a Athos Commerce.
• APAC: Intelligent Reach Pty Ltd (ABN 85 162 612 928), t/a Athos Commerce. 
• EMEA & UK: Intelligent Reach Limited (Co. No. 08986335), t/a Athos Commerce. 

This Privacy Policy describes our policies for the personal data that we collect and use from visitors to our site or direct users of our services. It does not cover the personal data that our customers collect by using our services. Our customers control such data and we only use it on their behalf pursuant to their written instructions. If you have any questions or concerns about data collected by our customers or through on of their sites, please review the privacy policy they provide or contact them directly.

How to Contact Us

If you have any questions or comments about this Privacy Policy, please contact us by email at privacy@athoscommerce.com. Or you can mail us at Athos Commerce, 122 East Houston St #105, San Antonio, TX, 78205, United States, Attn: DPO.

1. Personal data we collect

This section explains the types of data we collect through your various interactions with us. 

Data provided by you or your organization to establish and maintain an Athos Commerce account. Our customers are required to provide a user contact for billing, administrative, technical, and other aspects of managing their Athos Commerce account. We collect the name and business contact information of these account representatives and require them to establish unique account credentials (username and password) for authentication and authorization purposes. If you use a personal payment card or other financial account to make payment arrangements, then we may collect information relevant to the processing of the payment transaction.

Data provided by you as part of your communications with us. We collect personal data that you submit to us as part of a communication with us as a visitor or account user, such as via chat on our site, email, submission of a web form, telephone, or in person (such as at a meeting, trade show ,or other event). For example, you may communicate with us as a visitor to obtain more information about our services, or as an account user to request technical support. The communication may include information that can be used to identify you such as your name, job title, job function, the organization you represent, email address, phone number as well as information about your interest in our company or our services. We do not solicit information from you as part of these communications other than information that is useful to us in light of the purposes described above, but if you choose to volunteer more personal information than we ask for we will collect that as part of the communication.

Event Attendance. The information you provide to an event organizer (like Eventbrite) to register for a webinar, trade show, or other event we participate in may be provided to us by the event organizer. Your registration information is also made available to us if you allow us to scan your event badge at the event.

Automated data collection on our website and management console. When you visit our site or use our management console, our servers capture data that may be used to identify you or your device, such as your IP address, device identifier, and information about your device such as the operating system, time zone setting, language setting, browser settings, and browser plug-ins. Depending on your device and browser settings, we may also capture location information, any referring web site website, the time and duration of your visit, and your navigation path from page to page (i.e., what you click on). We use third-party service providers such as Intercom, 6sense, LuckyOrange, and Hotjar to capture other information about your visit to our site or management console which can include recordings of your scrolling activity on each page of our site or management console. We and our third-party analytics providers may place a cookie on your browser so that we may identify you as a return visitor to our site or management console and store certain browsing or application preferences that you may have set. Please see “How to Opt Out of Online Data Collection” below for information on how to block cookies.

Data provided by advertisers. If you arrive at our site by clicking on a link that is part of an advertisement on another site (including an advertisement on a social media platform), the advertising service will identify the link, enabling us to associate you with the advertising parameters we provided to the advertising service. For example, we may ask an advertising service to target our ad to individuals that the ad service has identified as having an interest in retail merchandising. If you arrive at our site by means of the link in that ad, we will be able to identify you as an individual who has expressed an interest in retail merchandising. Advertising services are responsible for the collection, use, and disclosure of the data they provide to us in accordance with their published privacy policies. See the section below captioned “Our advertising ecosystem” and “How to Opt Out of Online Data Collection.”

Data on marketing lists that we purchase. We may purchase information from third-party services such as Zoominfo, StoreLeads, Seamless.ai, Uplead, and eTailInsights for outbound marketing purposes.

Marketing Partners and Resellers. We have relationships with other companies that help us market, sell and deliver our services. They may collect personal data of the type described above using the methods described above and provide that data to us. We will treat personal information we receive from our marketing partners and resellers the same as the personal information we collect directly.

Social Media Features. We may place buttons on our website that allow you to publish information about your site visit to a social media platform. For example, we may have a “like” or “tweet” or similar button that, when clicked on, will generate a social media posting by you on Facebook, LinkedIn, X (formerly Twitter) or other platform that highlights or points back to the content on our site that you liked, shared on X (formerly Twitter), etc. If you use the social media features on our site, we will associate your visitor interactions. You should review the privacy policies of the social media providers as well since your visit to their platform by means of our social media button may allow them to collect information about your activity on our site.

Combinations of data collected using different methods. We use service providers such as Google Analytics, Hubspot, Gong, and Intercom to help us associate the personal data we capture about you as part of visitor interactions with personal data we collect about you as an account user.

2. How we use your data

We will only use your data in a manner that is appropriate considering the basis on which that data was collected, as set out above. 

For users of our services who have an account with us, we use data in the following ways:

• to provide our online services – we use login credentials to authenticate individuals as authorized administrative users of our services; we use IP addresses to provide our services
• we use contact information such as your email or physical address to send invoices and other account communications, authenticate individuals who request information or support on the customer’s behalf, and administer the customer’s account, such as processing billing information to complete customer purchases;
• to help us develop our service offerings – we use the information about account user navigation on our management console to help us understand what part of our management console is of interest to different kinds of account users so that we can modify and improve our content and other marketing materials to be more appealing; we may also use the information about your management console interactions to help us measure interest in our services or various features of our services; we use information about your use of our services to measure interest in various features, to plan enhancements and new features, and to improve user experience;
• to communicate with you as part of our marketing efforts – we use contact information and information about your use of our services to send you communications about our products or services, or related topics that we think you may find of interest; and
• to market our services – if you provide a customer testimonial or other content for marketing purposes we will publish the content with your name or other identifying information that you authorize us to use; if you agree that we may use you as a reference, we may provide your name and contact information to prospective customers for our services so that they may contact you to discuss your experience with our services.

For other visitors (including account users who may be accessing our site anonymously or for purposes other than managing their account), we use the data we collect:

• to operate our website – web servers, by their nature, must capture your IP address and information about your browser and device to display our site to you;
• to develop our website and product offerings – we use the information about visitor navigation on our site to help us understand what part of our website and products offerings is of interest to different kinds of visitors so that we can modify and improve our site content and other marketing materials to be more appealing to prospective customers; we may also use the information about your site visits and other visitor interactions to help us measure interest in our services or various features of our services;
• to show you personalized content when you visit our site – we use information about your prior visit to our site to customize your subsequent visits; for example, we may make more visible to you information or offers about products or services that appear to be of interest to you based on your navigation of our site on a prior visit; if you arrive at our site via an advertisement we may use that fact to make inferences about your interests and target content to you on that basis;
• to measure the success of our advertising efforts – we use visitor information to verify whether the ad services we purchase from third parties are actually resulting in visits to our site or other visitor interactions;
• to register you for webinars, office visits, or other online or off-line events we may host – we may use your name, contact email, contact address, and phone number to register you as an attendee and communicate with you about the event; we might target special content to event registrants when they visit our website based on the type of event
• to communicate with you as part of our marketing efforts – if you provide us with contact information we may use it to send you communications about our company, our products or services, or related topics that we think you may find of interest;

3. When we share your data

We will only share your data with third parties in the following circumstances or for the purposes described herein:

• you have requested or consented to us providing the information to a third party; 
• we are using a third party for the purposes of processing data on our behalf, and we have an appropriate data processing agreement with that third party; or
• we are required by law to share your data. 

International Transfers

When we share your data, we will comply with laws applicable to the transfer of personal data across international borders. We provide appropriate contractual commitments to our customers in the European Union that require protections around transfer of personal data to the United States. By providing your information to us, residents of Australia, Canada, and India consent to the transfer and storage of their data in the United States. 

4. Our advertising ecosystem

We use online advertising services that enable a practice referred to as “online behavioral advertising.” These services aggregate data about an individual’s behavior on many different sites and online services and use that data to sell targeted advertising services. For example, we permit Google’s advertising services to collect data about your behavior on the Athos Commerce Site (as do many other website operators who use Google’s ad services). Google combines the data about an individual that it collects from different sources, and uses this aggregate data to sell advertising services that target the display of ads to web users who meet certain behavioral criteria. Google does not disclose this aggregate data to Athos Commerce, but we are able to infer that users who interact with our ad meet the advertising criteria we provided. Google collects this data using cookies, web server logs (it’s own and its advertising customers), clear gifs, and other online data collection techniques. See Online Data Collection Techniques and How to Opt-Out of Online Data Collection.

Online Data Collection Techniques

A cookie is a unique alphanumeric identifier that is placed by a web server on the browser used to view the content or use the service at the site. Cookies are used to analyze visitors’ use of the website. For example, a website operator can use the cookie to identify the number of unique visitors to the site, whether or not those visitors are repeat visitors, and information about the visitor’s activity on the site, device and device settings. A tracking pixel, also known as a web bug or web beacon, is a small graphic (usually 1 pixel x 1 pixel) invisible to the eye, that is embedded in web content or email. When content that has an embedded web beacon is viewed, the browser will request content from a web server, which in turn will set a cookie.

How To Opt Out Of Online Data Collection

You can manage browser cookies through your browser settings. The ‘Help’ feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies, and when cookies will expire. If you disable all cookies on your browser, neither we nor third parties will transfer cookies to your browser. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some features and services may not work.

Our servers do not recognize or respond to any “do not track” setting you may have in your browser.

Some of the third parties who we permit to collect data on our site have features that allow you to block their data collection via cookies. See their privacy policies and cookie policies:

• Google Ads: https://policies.google.com/technologies/ads?/hl=en&gl=us&hl=en 
• Facebook: https://www.facebook.com/policy 
• LinkedIn: https://www.linkedin.com/legal/cookie-policy 
• Gong: https://www.gong.io/privacy-policy/
• HubSpot: https://legal.hubspot.com/privacy-policy 

How To Opt Out Of Marketing Emails

If you do not wish to receive our email or other communications, please send your request to info@athoscommerce.com. Please note that it may take up to ten days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request. Please also note that if you ask us to delete your personal data you will stop receiving our communications, but if you subsequently interact with us in one of the ways described above you may begin seeing communications from us again. If you use our unsubscribe process we are able to keep track of the fact that you do not want to receive our communications.

5. Protection and retention of your data

Athos Commerce has implemented technical and organizational measures designed to protect your personal data from unauthorized use, disclosure, corruption and destruction. However, you understand that we cannot guarantee that your information will always be private or secure, and we are not responsible or liable to you for any lack of privacy or security you may experience except to the extent required by law. We will retain your personal data only for as long as reasonably necessary to fulfill the purpose for which it was collected and to comply with our legal obligations, and we will use secure means to destroy the data after such time. We may retain your personal data for a longer period if required to respond to a complaint or if we reasonably believe there is a prospect of litigation. 

6. Rights you have over your data

You have certain rights over your personal data that we store and process. If you would like to know what personal data we have about you or would like us to correct inaccurate data, delete your personal data, or restrict the use of your personal data, please contact us using the information at the top of this page. We commit to responding to your request promptly and honoring your reasonable and lawful requests. We will comply with all applicable legal requirements related to your requests, but please note that we are not able nor required to delete or restrict the use of your data in a way that prevents us from complying with our legal obligations to any customer or that interferes with our reasonable record keeping as necessary to demonstrate compliance with our contracts and applicable law.

Additional rights and information for residents of Australia

Pursuant to Australia’s Privacy Act 1988, you have the option, where lawful and practicable, of interacting with us anonymously or via pseudonym (for example, when browsing our public-facing blog or general site content). If you choose not to provide requested information, you may not be able to access all of the Website’s contents and services. You also have a right to request access to and correction of personal information held by us.

Inquiries or complaints regarding the Australian Privacy Principles may be directed to the email address provided at the top of this page. If Athos Commerce is unable to resolve your issue, you may contact the OAIC through their web site located at: http://www.oaic.gov.au/.

Additional rights and information for residents of California

In addition to our general commitments above, if our collection of personal information is governed by the California Consumer Privacy Act, you have the right to request disclosure of:

• The categories of personal information and specific pieces of personal information we have collected about you over the prior 12 months;
• The categories of sources from which we collected that information and our purpose(s) for collecting it;
• The categories of third parties with whom we have shared the information, and whether we have sold or disclosed that information for a business purpose. 

You have the right to ask Athos Commerce to delete your personal information, and we will require our service providers to do the same unless we plan to retain it on a legally permitted basis. We may not discriminate against you for exercising these rights by denying services or providing a different quality or price.

We have not sold or leased personal data and will not sell or lease your personal data unless you give us your consent to do so. The California Consumer Privacy Act includes a definition of “sale” that may include permitting third party advertisers to collect data about our Site visitor for use as part of their advertising services generally. During the prior 12 months we have permitted Google Ads, LinkedIn, Meta, and Adroll to collect data on our site by means of advertising cookies. See the section below captioned Advertising Ecosystem for information on how you block these cookies.

We will not disclose your personal data to third parties except as follows:

• For legal reasons: When we believe release is appropriate to comply with the law, to enforce our terms of use and other rights, or to protect the rights and safety of others. This may include exchanging information with government regulatory or law enforcement agencies, or with other companies and organizations for fraud protection and legal compliance.
• To protect our network and information security: As necessary to protect our information and systems from unauthorized actions that compromise their security or availability, such as disclosures as part of industry initiatives to identify and block malicious actors.
• Pursuant to a sale of our business: As part of a sale of business assets where the purchaser needs the personal data to use the assets. We may in the future sell all or part of our assets or be involved in a merger. We may provide the company that is seeking to acquire our business with access to personal data as part of their evaluation of our business but will require them to maintain the personal data in confidence and use it only to evaluate our business. If we complete a transaction, it is customary to transfer personal data that is related to the purchased business assets to the purchaser.

Additional rights and information for residents of the EU

In addition to the rights of access and rectification, residents of the EU have the following rights:

• Right to be forgotten: under certain circumstances, you may request the erasure of personal data relating to you that we hold;
• Data portability: you may request the transfer of your personal data to another party;
• Restriction of processing: you may request that we limit the processing of your personal data; and
• Objection: you may object to our processing of personal data, including for direct marketing or automated profiling.

VeraSafe has been appointed as Athos Commerce’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are located within the European Economic Area, VeraSafe can be contacted only on matters relating to the processing of personal data. To make such an inquiry, please contact VeraSafe using the contact form located at: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031 Alternatively, VeraSafe can be contacted at: VeraSafe Ireland Ltd., Unit 3D North Point House, North Point Business Park, New Mallow Road, Cork, T23AT2P Ireland.

Additional rights and information for residents of India

Pursuant to India’s DPDP Act 2023, residents of India have the right to:

• Correction and erasure: request the correction of inaccurate data or the erasure of personal data that is no longer necessary for the purpose it was collected;
• Grievance redressal: address any grievances regarding the processing of your data to our designated DPO using the email address provided at the top of this page; and
• Nomination: nominate any other individual to exercise your rights in the event of your death or incapacity.

Additional rights and information for residents of the UK

In addition to the rights of access and rectification, residents of the UK have the following rights:

• Right to be forgotten: under certain circumstances, you may request the erasure of personal data relating to you that we hold;
• Data portability: you may request the transfer of your personal data to another party;
• Restriction of processing: you may request that we limit the processing of your personal data; and
• Objection: you may object to our processing of personal data, including for direct marketing or automated profiling.

VeraSafe has been appointed as Athos Commerce’s representative in the United Kingdom for data protection matters, pursuant to Article 27 of the United Kingdom General Data Protection Regulation as amended by Schedules 1 and 2 to the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419). If you are located within the United Kingdom, VeraSafe can be contacted only on matters relating to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +44 20 4532 2003. Alternatively, VeraSafe can be contacted at: VeraSafe United Kingdom Ltd., 37 Albert Embankment, London, SE1 7TL, United Kingdom.

Children’s Privacy Rights

Children are not permitted to use our site or services. We do not knowingly collect personal information from anyone under 16. If you are under 16, do not use or provide any information on our sites unless you have involved your parent or guardian. If we discover that we have information about a child we will delete that information. If you are the parent or guardian of a child and you believe we have personal data about the child without your consent, please contact us at the address appearing at the top of this page and we will delete that information.

7. Changes to Our Privacy Policy

We may modify this Privacy Policy from time to time and will publish the most current version on our website. If a modification meaningfully reduces your rights, we’ll notify those people whose personal data we hold who are affected.

Prior versions of our Privacy Policy may be found here.