Last Updated: September 9, 2019
Scope and Application
By enrolling in the Axon AI Data Sharing Program, Customer acknowledges that Customer has read and understand this Policy and Customer agrees to be bound by its terms and conditions. Axon may occasionally update this Policy. When Axon posts changes, Axon will revise the "last updated" date at the top of this page. Customer's continued enrollment in the Axon AI Data Sharing Program will signify Customer’s agreement and acceptance to any such changes.
- “Axon AI Training Center” means the systems, locations, people, and processes that facilitate the transfer, storage, and processing of Customer Data to train AI models.
- “Axon AI Data Sharing Program” means the processes and agreement in which a Customer enrolls to share Customer Data with Axon to train AI models.
- “Axon Training Data” means both Axon Training Data - Derived and Axon Training Data - Generated, as defined below.
- “Axon Training Data - Derived” means data derived from Customer Data. Axon Training Data - Derived is a subset of Customer Data and may contain Personal Data.
- “Axon Training Data - Generated” means data generated during Axon’s AI training processes. Axon Training Data - Generated does not contain Personal Data.
- “Data Development Agreement” means an agreement executed by a Customer with Axon to authorize the transfer, storage, and processing of Customer Data in the Axon AI Training Center.
- “AI Models” means a generated file or collection of files that contain artificial intelligence technologies to provide a statistical or probabilistic estimation of data. AI Models generated in the Axon AI Training Center are deployed into Axon Products. AI Models do not contain Customer Data or Personal Data.
- “Data Controller” means the natural or legal person, public authority, or any other body which alone or jointly with others determines the purposes and means of the processing of Personal Data (as defined below).
- “Data Processor” means a natural or legal person, public authority or any other body which processes Personal Data on behalf of the Data Controller.
- “Data Exporter” means the Data Controller who transfers the Personal Data.
- “Data Importer” means the Data Processor who agrees to receive from the Data Exporter Personal Data intended for processing on Data Exporter's behalf after the transfer in accordance with the Agreement and who is not subject to a third country’s system ensuring adequate protection with in the meaning of the General Data Protection Regulation (EU) 2016/679 of the European Parliament (“GDPR”)
- “Joint Controller” means a natural or legal person, public authority or any other body which determines the purpose and means of processing Personal Data with a Data Controller or another Joint Controller.
- “Personal Data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “Processing”means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- “Sub-processor” means any processor engaged by the Data Importer or by any other sub-processor of the Data Importer who agrees to receive from the Data Importer or from any other sub-processor of the Data Importer Personal Data exclusively intended for processing activities to be carried out on behalf of the Data Exporter after the transfer in accordance with its instructions, the terms of the Clauses and the terms of the written subcontract.
Within the Axon AI Training Center, Axon may also generate, control, and process Axon Training Data - Generated. Axon is a Data Controller for Axon Training Data - Generated. Axon generates, controls, and processes Axon Training Data - Generated data to develop and mature AI models for deployment within Axon Products. Axon Training Data - Generated does not contain Personal Data.
Both Customer Data and Axon Training Data - Derived may include Personal Data collected by Customer in the form of captured video, images, and audio.
Data Collection and Processing Activities
Customer Data will be copied from Axon Cloud Services to the Axon AI Training Center based upon established Customer Data Qualification Criteria. Current qualification criteria is listed on the Data Sharing Agreements - Reference Guide and are subject to change by Axon at anytime within the bounds defined in the Data Development Agreement. Customer is responsible for configuring and operating Axon Cloud Services to manage data that becomes qualified for copying into the Axon AI Training Center. Prior to transfer into the Axon AI Training Center, Customer and user identifying structured metadata is removed from Customer Data. Personal Data that may be contained in Customer Data, including what may be included in video, images and audio, is not removed from Customer Data and is retained and processed within the Axon AI Training Center.
Axon will not use Customer Data for any purposes other than for those outlined in the Data Development Agreement. Customer Data will only be reviewed by members of the Axon AI Training Center for annotation and members of the Axon Research team for quality assurance.
AXON TRAINING DATA
Axon Training Data includes data derived from Customer Data (Axon Training Data - Derived) or generated (Axon Training Data - Generated) during Axon’s AI training processes within the Axon AI Training Center. Axon Training Data will be used to mature AI models within the Axon AI Training Center.
Server and Data Location
CUSTOMER DATA AND AXON TRAINING DATA
The Axon AI Training Center is located in Arizona, United States. Microsoft Azure data centers supporting the Axon AI Training Center are located in Texas and Virginia. Axon ensures that all Customer Data and Axon Training Data remains within the United States, including, without limitation, all backup data, replication sites, and disaster recovery sites.
AI Models trained within the Axon AI Training Center do not contain Customer Data, Axon Training Data or Personal Data and may be maintained and shared outside of the United States.
Axon will never externally share, publish, or post Customer Data shared within the Axon AI Data Sharing program. Axon is committed to not disclosing Customer Data shared within the Axon AI Data Sharing program.
Axon may transfer data with its Sub-processors. Axon exercises commercially reasonable efforts in connection with contractual obligations to ensure its Sub-processors are compliant with all applicable data protection laws and regulations surrounding the Sub-processors access and scope of work in connection with Customer Data.
Customer consents to the transfer of Customer Data to Axon's Sub-processors for the purpose of storing Customer Data. Such Sub-processors responsible for storing Customer Data are contracted by Axon for data storage services.
Axon will only permit any Sub-processors to process Customer Data from Axon Cloud Services to deliver services to Axon and will be prohibited from using Customer Data for any other purpose. Axon may engage new Sub-processors. Axon will give Customer notice (by updating the website) of any new Sub-processor.
Prior to onboarding Sub-processors, Axon conducts an audit of the security and privacy practices of Sub-processors to ensure Sub-processors provide a level of security and privacy appropriate to its access to data and scope of services.
|Sub-processor||Data Processed||Location||Function(s) Performed|
Customer Data and Personal Data
Texas and Virginia, United States
Infrastructure and Platform Services
Due to the process in which Customer Data is transferred into the AI Training Center, as detailed in Data Collection and Processing Activities and Data Sharing Agreements - Reference Guide, Axon is unable to retrieve any specific Customer Data from The AI Training Center. In the event of a Customer’s loss or corruption of Customer Data on systems outside of the AI Training Center, Axon will not be able to retrieve specific data from the AI Training Center. Additionally, Axon will not disclose Customer Data except as compelled by a court or administrative body or required by any law or regulation. Axon will give notice if any disclosure request is received for Customer Data so the Customer may file an objection with the court or administrative body.
Customer's Access and Choice
Customer must opt-in to the Axon AI Data Sharing Program. Once enrolled, Customer must manage their Axon Cloud Services (Axon Evidence) to appropriately disqualify data from being copied into the Axon AI Training Center. Customer must understand and execute their responsibilities as outlined in the Axon Data Sharing Agreements - Reference Guide. Axon does not, under any circumstance, want to obtain data that the Customer believes should not be provided to Axon under such agreement.
Once Customer Data is transferred to the Axon AI Training Center the retention policy from the original source data is not applied to the copy in the Axon AI Training Center and the copy may be retained indefinitely by Axon. Additionally, any applicable audit trail on the original data in Axon Cloud Services will not include activities and processing performed against the copy in the Axon AI Training Center.
Data Security Measures
Axon is committed to help protect the security of Customer Data and Axon Training Data. Axon has established and implemented policies, programs, and procedures that are commercially reasonable and in compliance with applicable industry practices, including administrative, technical and physical safeguards to protect the confidentiality, integrity and security of Customer Data and Axon Training Data from unauthorized access, use, modification, disclosure or other misuse.
Axon will take appropriate steps to ensure compliance with the data security measures by its employees, contractors and Sub-processors, to the extent applicable to the respective scope of performance.
Customer Data is encrypted in transit over public networks. Customer Data is encrypted at rest.
Axon protects all Customer Data and Axon Training Data with strong logical access control mechanisms to ensure only users with appropriate business needs have access to data. Third-party specialized security firms periodically validate access control mechanisms. Access control lists are reviewed periodically by Axon.
Axon personnel are required to conduct themselves in a manner consistent with applicable law, the company’s guidelines regarding confidentiality, business ethics, acceptable usage, and professional standards. Axon personnel must complete security training upon hire in addition to annual and role-specific security training.
Axon personnel undergo an extensive background check process to the extent legally permissible and in accordance with applicable local labor laws and statutory regulations. Axon personnel supporting the Axon AI Training Center are subject to additional role-specific security clearances or adjudication processes, including Criminal Justice Information Services background screening and national security clearances and vetting. Read more about Axon's commitment to compliance with the CJIS Security Policy
If Axon becomes aware that Customer Data has been accessed, disclosed, altered, or destroyed by an unlawful or unauthorized party, Axon will notify relevant authorities and affected customers.
Within 48 hours of an incident confirmation, Axon will notify Customers enrolled in the Axon AI Data Sharing Program. Authorities will be notified through Axon's established channels and timelines. The notification will reasonably explain known facts, actions that have been taken, and make commitments regarding subsequent updates. Additional details are available here.
Data Portability, Migration, and Transfer Back Assistance
In the event a Customer terminates their Data Development Agreement, no data portability, migration or transfer back capabilities exist. Customer Data residing in the Axon AI Training Center is not retrievable or available to Customers and may be stored and processed indefinitely by Axon. Axon will cease any future or planned copying of Customer Data residing in Axon Cloud Services to the Axon AI Training Center.
Data Retention, Restitution, and Deletion
Once Customer Data is transferred to the Axon AI Training Center the retention policy from the original source data is not applied to the copy in the Axon AI Training Center, the copy may be retained indefinitely by Axon.
As outlined herein, Axon is committed to maintaining compliance with relevant security and privacy standards to ensure the continued security, availability, integrity, confidentiality, and privacy of the Axon AI Training Center and Customer Data stored within.
Axon will maintain, during the term of the Agreement, a cyber-insurance policy and will furnish certificates of insurance following Customer's written request.
How to Contact Us
Axon commits to resolve complaints about Customer privacy and use of Axon Products. Complaints surrounding this Policy can be directed to Customer's local Axon representative or firstname.lastname@example.org. If Customer has any questions or concerns regarding privacy and security of Customer Data or Axon's handling of Customer's Personal Data, please contact email@example.com.