Menu
Book a Call
Sign up for free

The GDPR & Audiense

Privacy & Data Protection Commitments

Buxton Company, LLC and its subsidiaries Elevar, LLC and Audiense, LTD are committed to responsible data practices and maintaining a privacy program designed to support compliance with applicable data protection laws, including:

• EU General Data Protection Regulation (GDPR)
• UK GDPR and Data Protection Act 2018
• California Consumer Privacy Act (CCPA), as amended by CPRA

Our privacy and security practices are designed to align with applicable legal requirements and industry standards.

Privacy by Design

We incorporate data protection principles into our product development and operational processes. This includes consideration of:

• Data minimization
• Purpose limitation
• Role-based access controls
• Configurable retention settings (where applicable)
• Risk-based privacy and security assessments

Privacy considerations are evaluated as part of our product life cycle.

Data Roles

Depending on the services provided and contractual arrangements:

• Audiense may act as a Controller (or “Business” under CCPA/CPRA).
• Audiense may act as a Processor (or “Service Provider” under CCPA/CPRA).

Where required, we enter into appropriate contractual arrangements, including data processing agreements that address applicable statutory requirements.

Individual Rights

Subject to applicable law and depending on an individual’s jurisdiction and our role (e.g., Controller/Business or Processor/Service Provider), individuals may have certain rights with respect to their personal information. These rights may include:

• Right of access to personal information, we process about the individual
• Right to request correction of inaccurate personal information
• Right to request deletion of personal information, subject to applicable exceptions
• Right to data portability, where applicable
• Right to restrict or object to certain processing activities, where applicable
• Right to opt out of the sale or sharing of personal information, as defined under applicable U.S. state privacy laws

Where we act as a Processor or Service Provider on behalf of a customer, we will direct individuals to the relevant Controller or Business and will assist our customers in responding to such requests in accordance with our contractual obligations and applicable law.

We may take reasonable steps to verify the identity of individuals submitting requests and may limit or deny requests as permitted by applicable law. Requests are handled in accordance with applicable legal requirements, including statutory response timeframes and permitted exceptions.

Security Measures

We maintain administrative, technical, and organizational safeguards designed to protect personal information, which may include:

• Encryption in transit
• Access controls and authentication mechanisms
• Monitoring and logging controls
• Secure development practices
• Vendor due diligence procedures

Security measures are reviewed periodically and updated as appropriate based on risk.

International Transfers

Where personal data is transferred internationally, we implement transfer mechanisms recognized under applicable law, which may include:

• Standard Contractual Clauses
• UK International Data Transfer Agreement (IDTA) or UK Addendum
• Transfers to jurisdictions subject to adequacy decisions
• Transfers to importers under Binding Corporate Rules or approved data transfer frameworks

Service Providers & Subprocessors

We may engage third-party service providers to support service delivery. We implement contractual and due diligence measures designed to require appropriate data protection standards.

Incident Response

We maintain an incident response program designed to identify, assess, and address security incidents. Where required by law, we support notification obligations.

Ongoing Program

Our privacy program is periodically reviewed and updated to reflect evolving legal requirements, regulatory guidance, and business operations.

Contact

For privacy-related inquiries:

Email: Buxton_Legal@Audiense.com