Legal
Privacy Notice
Last updated: July 11, 2026
Overview
This notice explains how ApexMake, Inc. and its affiliates (“ApexMake,” “we,” or “us”) handle personal data. Different parts of it apply to different people. Everyone should read this Overview, “How we protect data,” and “Your rights and choices”; the middle sections apply depending on whether you are a website visitor, a customer or prospective customer, or an expert in our network.
It covers the personal data of everyone we interact with in running our business: people who browse our website, customers and prospective customers and their users, experts and candidate experts, event attendees, and business contacts. It also describes the rights you may have under data protection law and how to exercise them. Note that we do not always collect data directly from you; in some circumstances it reaches us through publicly available sources, third-party providers, business partners, employers, or customers.
When we deliver services to a customer, the customer agreement, data processing agreement, or similar contract may also govern how personal data is handled, and if that contract conflicts with this notice for those services, the contractual documentation prevails to the extent of the conflict.
Questions about this notice or our data practices can go to privacy@apexmake.com at any time.
Our role under data protection law
ApexMake, Inc., a U.S.-headquartered company, provides an AI-native expert network and market intelligence services. For most of the processing this notice describes (website visitors, customers and their users, experts, event attendees, and business contacts), ApexMake acts as the controller. Depending on your location, your relationship with us, and the services involved, an ApexMake affiliate may be the controller for particular activities.
In some circumstances, where we process personal data on a customer’s behalf as part of delivering our services, we act instead as a processor (or “service provider”), and that customer remains the controller.
We also process personal data as an independent controller for our own business purposes: running accounts and billing, managing customer and expert relationships, recruiting experts, administering events, marketing, preventing fraud, securing our systems, compliance screening, meeting legal and regulatory obligations, enforcing contracts, corporate governance, and building and improving our services.
If you are in the European Economic Area or the United Kingdom, any representatives we are required to appoint can be reached through privacy@apexmake.com.
Legal bases we rely on
The legal basis for any given processing activity depends on what we are doing, our relationship with you, and where you are. Across activities like providing services, running our website, managing relationships, arranging consultations, marketing, security, fraud prevention, and legal compliance, we rely on one or more of:
- Contract: processing needed to deliver services you asked for, administer accounts, arrange expert engagements, take payment, or otherwise keep our side of a bargain
- Legitimate interests: running and improving our website, services, and expert network; keeping things secure; preventing fraud; business development and marketing; managing relationships; and protecting our legal position, always provided those interests are not overridden by your rights and freedoms
- Legal obligation: tax, accounting, sanctions, anti-corruption, anti-money-laundering, regulatory, litigation, law enforcement, and recordkeeping requirements
- Vital interests: where processing is needed to protect someone’s life, health, or safety
- Consent: where the law requires it, for example for certain marketing, cookies, biometric processing, or recordings
If you visit our website
This section applies to visitors to apexmake.com and its subdomains.
What we collect
Some technical and usage data is collected automatically whenever you visit, through cookies and similar technologies: your IP address and the rough location it implies; browser type, version, and plug-ins; operating system and device identifiers; the pages you view, how long you stay, what you click, and where you came from; and your time zone. You can browse much of the site without telling us who you are, but this automatic collection still happens.
You also give us information yourself: when you request a demo, subscribe to updates, or fill in a contact form, we may ask for your name and contact details (email, phone, postal address), professional details (employer, job title, industry), and marketing preferences. Providing it is up to you, though declining to provide it may limit your access to certain features or services.
How we use it
We use visitor data to run and maintain the website, make it work better, answer inquiries and service requests, send marketing you have opted into, measure and deliver relevant advertising, keep the site secure and fraud-free, and do internal research, testing, and statistics.
Cookies and similar technologies
We use cookies and similar technologies, including pixels, tags, web beacons, and local storage, to operate the website, understand how it is used, remember preferences, and support our marketing activities. They fall into four categories: strictly necessary technologies (required for operation, security, and core functionality); analytics and performance technologies (understanding how visitors use the site and improving it); functional technologies (remembering your settings and choices); and advertising technologies (delivering relevant content and advertising, and measuring campaign effectiveness).
Where the law requires consent before we set non-essential cookies, we obtain it. You can manage or block cookies through your browser settings at any time, and opt out of Google Analytics with Google’s browser add-on.
In certain circumstances, information collected through cookies and similar technologies may be disclosed to analytics, advertising, social media, or other technology partners; depending on applicable law, such disclosures may constitute a “sale,” “sharing,” or use of personal data for targeted or cross-context behavioral advertising. Where applicable law requires it, we recognize and process browser-based privacy preference signals, including Global Privacy Control (GPC), as requests to opt out of that kind of processing.
Links to other sites
Our website may link to third-party sites, applications, and services we do not operate. We are not responsible for their privacy practices, content, or security, and we encourage you to review their privacy notices and terms before providing personal data to them.
If you are a customer or prospective customer
This section applies to customers, users of our platform, and anyone who has inquired about our services.
What we collect and where it comes from
For prospective customers and business contacts, we may collect: name, business email, phone number, employer, and job title; industry, role, areas of interest, and organization details; correspondence, meeting notes, event participation, and marketing preferences; and records of any demonstrations, evaluations, proof-of-concept engagements, or trials.
For customers and their authorized users, we also collect:
- account credentials and account, administration, and subscription details
- transaction, payment, billing, and contract records
- device, technical, usage, and log data from your use of the services
- audio, video, transcripts, and consultation and collaboration data, where you use those features
- data held in systems, applications, or data sources you connect to the services
- identity-verification data, where applicable
- anything else you choose to give us
This information reaches us directly from you, from your employer, through account registration and your use of the services, through connected systems, from events, demos, and marketing activities, and from public sources, professional networks, and reputable business-information providers. We combine data from these sources for the purposes described in this notice.
How we use it
For prospective customers and contacts: answering inquiries; arranging demos, evaluations, proofs of concept, and trials; communicating about our services; running events and webinars; sending marketing you have opted into; and maintaining the relationship.
For customers and users: creating and managing accounts; providing, supporting, and administering the services; handling support requests; billing and managing the commercial relationship; maintaining, securing, and improving the services; building new features; analytics, testing, troubleshooting, and performance monitoring; running promotions and surveys; and keeping our systems secure, intact, and available.
AI in our services
Our services use automated tools, including artificial intelligence and machine learning, to process personal data such as transcripts, content, and data from connected systems, in order to provide, maintain, and improve the services: better search, generated insights, automated workflows, a smoother experience.
We do not use customer personal data, customer content, or data we process on a customer’s behalf to train generally available generative AI or large language models, unless the customer has expressly agreed.
When AI-driven or agentic features carry out tasks or produce output for you, they do so on your instructions; that is not solely automated decision-making with legal or similarly significant effects as data protection law defines it, and deciding whether and how to use any AI output remains your responsibility. To keep those features working across sessions, we may retain project history, prompts, interactions, and session context.
We do not make solely automated decisions that produce legal or similarly significant effects on individuals except where the law permits it and appropriate safeguards are in place.
Connected third-party tools
The services can integrate with third-party platforms and business tools. Where you connect them, we process the personal data inside those systems as needed to provide, support, secure, and improve the services. As above, we do not use it to train generally available generative AI or machine-learning models. You can manage or remove connected data where the platform allows.
Who we share it with
Personal data may be shared with other ApexMake group companies (for operations, administration, compliance, security, and reporting); with the partners, suppliers, contractors, and service providers who help us deliver our services; and with the analytics, search, cloud, communications, security, identity-verification, payment, and other technology providers that support our operations.
We may also disclose personal data when law, regulation, legal process, or a governmental request requires it; to establish, exercise, or defend legal claims; as part of a merger, acquisition, financing, restructuring, asset sale, or similar transaction; to protect the rights, property, or safety of ApexMake, our customers, users, experts, partners, or others; or when you have consented or asked us to.
Every service provider we use must apply appropriate security measures and handle personal data according to its contract with us and the law. Some process data outside the country where it was collected; those transfers are protected by the safeguards described under “How we protect data” below.
If you are an expert
This section applies to participants in ApexMake’s expert network, including people we have identified as potential experts and those who have taken part in consultations. The network is open only to people aged eighteen (18) or over.
What we collect and where it comes from
About experts we may collect and process: name and contact details; professional and employment history (current and former employers, titles, areas of expertise, biography); account credentials; audio and video recordings of consultations, their transcripts, and related metadata such as duration and participants; identity-verification data; and payment and financial details where applicable.
We collect this information from you directly, when you register or take part in consultations; from publicly available sources such as professional networking platforms, employer websites, conference speaker biographies, regulatory filings, published articles, and professional associations; and from third-party data and compliance-screening providers.
How we use it
We use expert data to find the right expert for each customer engagement and make the match; to arrange and run consultations; to share professional and biographical details with customers around proposed or completed engagements; to record and transcribe consultations where needed to deliver our services (obtaining consent or giving notice first, where the law requires); to make recordings, transcripts, and content derived from them available to licensed customers on our platform; to pay you; to send marketing you have opted into; and to run and improve the network.
Recordings, transcripts, summaries, notes, and related metadata are kept as long as needed to serve customers, keep the platform working, meet legal obligations, resolve disputes, enforce contracts, and support legitimate business operations.
Identity verification and screening
To keep the platform trustworthy, we may verify expert identities through a third-party provider. That can involve government-issued ID documents and biometric data, including facial recognition, used strictly for identity verification and fraud prevention.
Biometric data collected for verification is used only for verification, fraud prevention, security, compliance, and audit. It is never used for marketing, profiling, behavioral analysis, service development, or AI training, and it is kept only as long as the verification and our legal obligations require. Where the law requires consent for biometric processing we will ask for it; otherwise we rely on our legitimate interest in preventing fraud, keeping expert identities accurate, and protecting our customers and services.
We may also run compliance screening when onboarding and maintaining the network, reviewing public sources and third-party data to confirm identities, spot potential conflicts, and stay within the law and our internal policies.
Who we share it with
Delivering our services means sharing some expert data with customers: professional and biographical information, participation in consultations, and recordings or transcripts (and content derived from them) available on the platform to licensed customers. That sharing happens under our customer contracts and the law, and customers are contractually bound to handle expert data in line with data protection requirements. Customers may keep recordings, transcripts, summaries, notes, and outputs from consultations under their own legal obligations and contractual rights. Expert data may also go to the other recipient categories listed in the customer section above, where relevant.
How we protect data
Retention
We keep personal data no longer than the purposes it was collected for require, which includes meeting legal and regulatory obligations, resolving disputes, and enforcing agreements. Different data lives for different periods; what drives each period is the nature of the data, why we collected it, legal and contractual requirements, dispute resolution needs, and legitimate business needs.
International transfers
Our people, affiliates, and service providers may be located in more than one country, so personal data may be stored or processed somewhere other than where it was collected, possibly in a country with different data protection laws. Where the law requires safeguards for such transfers, we put them in place. Depending on the situation, that can mean an adequacy decision of the European Commission or the UK government; the European Commission’s Standard Contractual Clauses, with the UK International Data Transfer Addendum and Swiss FADP adaptations where needed; another legally recognized transfer mechanism; or a specific derogation the law permits.
Security
We use technical and organizational measures appropriate to the risk: access limited to authorized personnel, current security technologies, secure servers and reputable cloud infrastructure, regular security and privacy training for staff, and contractual requirements that our processors maintain equivalent protections. No method of transmission over the internet is completely secure, however; we cannot guarantee absolute security, and you are responsible for keeping your account credentials confidential.
Your rights and choices
Your rights
Depending on where you live, the law may entitle you to:
- ask whether we process your personal data, and what
- get access to it
- have inaccurate or incomplete data corrected
- have data deleted where we no longer have a lawful basis to keep it
- restrict certain processing
- object to processing based on legitimate interests, or withdraw consent you gave earlier
- receive your data in a structured, commonly used, machine-readable format
- learn the source of data we did not collect from you directly
- be told about automated decision-making, including profiling, and not be subject to decisions made solely by automated processing that carry legal or similarly significant effects, except as the law allows
- complain to a supervisory authority
We respond to all rights requests within the timeframes required under applicable law. To protect your privacy and security, we may take reasonable steps to verify your identity before fulfilling a request. To exercise any of these rights, contact us at privacy@apexmake.com. You will not generally be required to pay a fee to exercise your rights; where permitted by law, we may charge a reasonable administrative fee if a request is manifestly unfounded, excessive, or repetitive, and we will notify you in advance if a fee applies or if we are unable to comply.
Complaints
If you have concerns about how we handle personal data, contact us at privacy@apexmake.com; we acknowledge and respond to complaints within the legally required timeframes. If you are not satisfied with our response, or if we have not responded within a reasonable time, you have the right to escalate your complaint to a supervisory authority: the Information Commissioner’s Office (ico.org.uk) in the UK, your local Data Protection Authority in the EU, or the privacy regulator responsible for your jurisdiction elsewhere.
California residents
This part is for California residents only. “Personal Information” here means what the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the “CCPA”), says it means, minus what the statute exempts.
Under the CCPA you may have the right to: know the categories and specific pieces of Personal Information we hold about you, where it came from, why we collected it, and the categories of third parties we shared it with; have it deleted in certain circumstances; have inaccuracies corrected; opt out of its sale or sharing; and limit the use and disclosure of sensitive Personal Information, where that applies.
We do not sell Personal Information in the conventional sense. However, like many companies, we use advertising and analytics services that may constitute a “sale” or “sharing” under the CCPA’s broad statutory definitions. You can opt out through your browser’s cookie settings or by emailing privacy@apexmake.com. We do not use or disclose sensitive Personal Information for purposes other than those permitted by the CCPA and its implementing regulations.
We will not discriminate against you for exercising any of these rights. We acknowledge requests within ten (10) business days and respond substantively within forty-five (45) calendar days, extendable to ninety (90) days with written notice. Requests must come from you or an agent you have authorized, and we may verify identity before responding.
Children
Our website, services, expert network, and events are intended for business professionals and are not directed to children. We do not knowingly collect personal data from anyone under thirteen (13) in the United States, or under the local age of digital consent elsewhere (typically 13–16 in the EEA and UK), except where the law permits and any required parental or guardian consent is in place. The expert network itself is limited to individuals who are eighteen (18) years of age or older.
In limited cases, someone above the age of digital consent but below the age of majority may browse the website, attend an event, or otherwise engage with us, where the law allows and with parental, guardian, school, or organizational consent where required. If we become aware that we hold personal data collected in a manner inconsistent with this section or with applicable law, we will take reasonable steps to delete it or otherwise address it as the law requires.
Changes to this notice
We update this notice from time to time and change the “Last updated” date at the top when we do. For material changes we will take reasonable steps to let you know, whether through a prominent notice on the website, an in-service notification, or a direct message, as appropriate or required. We encourage you to review this notice periodically.
Contact
ApexMake, Inc. operates this website. For anything relating to this notice, including questions, rights requests, complaints, or more information about how we process personal data, write to privacy@apexmake.com.