AXIS BLUE
CONTROL THE WORK. CONTROL THE RECORD.
Policy

Privacy policy.

This Privacy Policy governs the collection, use, disclosure, storage, and retention of information processed through AXIS BLUE in connection with authorized operational use.

What AXIS Collects

  • Identity and account data submitted by or on behalf of an authorized user, including name, operator identifier, role, organization, and related access attributes.
  • Operational context associated with a visit, route, task, store, program, event, or work session, including dates, timestamps, notes, counts, selections, and workflow inputs.
  • Evidence and supporting materials, including photographs, documents, generated reports, exports, and metadata associated with creation, modification, or submission.
  • Scan and code data, including barcode, UPC, QR, and other machine-readable identifiers, together with associated scan results and derived structured outputs.
  • Location or site-association signals where enabled, including approximate device location or user-confirmed site information used to associate activity with an operational location.
  • Device, network, and diagnostic data reasonably necessary for authentication, security, integrity, availability, debugging, and abuse prevention.

How AXIS Uses Data

  • To authenticate users, administer access, and operate the platform on behalf of the deploying organization.
  • To generate visit records, operational logs, structured outputs, summaries, and client-facing reporting artifacts.
  • To enforce integrity controls, including timing, sequencing, submission rules, and other anti-abuse or anti-tamper measures where configured.
  • To monitor service reliability, investigate incidents, maintain security, and satisfy applicable contractual, legal, audit, or compliance requirements.

Where Data Is Stored

Data may be stored locally on the operator device, within organization-controlled infrastructure, or within authorized service-provider infrastructure, depending on deployment configuration. Local-only behavior may apply in certain environments by default; other environments may store structured records, evidence, exports, and related outputs beyond the local device when configured to do so.

Third-Party Processors

  • AXIS may engage infrastructure and processing vendors to support hosting, storage, document rendering, scanning, authentication, analytics, diagnostics, and related platform functions.
  • Such vendors process information solely as necessary to provide contracted services, subject to technical controls, service configuration, and applicable contractual restrictions.

Third-party services function as subprocessors or infrastructure components. AXIS does not disclose data to such providers for unrelated commercial exploitation of operator-submitted content.

Sharing

Information may be disclosed to the client organization that deploys or controls the relevant AXIS environment, its authorized administrators and users, affiliated service providers, and other recipients where required to provide the service, enforce rights, protect security, or comply with law. AXIS does not sell personal data in the ordinary course of platform operation.

Security

AXIS applies administrative, technical, and organizational safeguards reasonably designed for an operations platform, including access controls, authentication controls, transport protections, logging, and configuration-based separation. No method of transmission, storage, or processing is guaranteed to be secure, and security outcomes depend in part on deployment, credential management, device posture, and organizational administration.

Retention

Retention periods vary by deployment, organization, program, and configuration. Data may be retained, archived, transformed, exported, or deleted in accordance with configured rules, operational needs, contractual obligations, and applicable law. Organizations using AXIS are responsible for determining whether retained records satisfy their internal and external retention requirements.

Your Choices

  • Certain information may be mandatory for workflow completion, account administration, security review, or record generation.
  • Where location, evidence, or scan capture is enabled, a user may be unable to complete a configured workflow without providing the required input or an approved substitute permitted by the deployment.

Contact

For privacy, data, or access-related inquiries concerning AXIS BLUE, contact foundation@axisblue.io.

Last updated: 2026-04-10