This Privacy Policy describes how Athena Labs LLC and its affiliates and subsidiaries (collectively, “Athena”, “we”, “us” or “our”) handle personal information that we collect through our online services that link to this Privacy Policy and the services provided by the executive assistants we place with our customers (“EAs”) (collectively, the “Service”), our marketing and social media activities, our communications with you, and the other activities described in this Privacy Policy.
For details regarding data collection through cookies and other technologies, see our Cookie Notice.
Individuals in the European Economic Area/United Kingdom: See our Notice to European Users for information about your personal information and data protection rights.
State Law Privacy Rights: See the State Law Privacy Rights section below for important information about rights you may have under applicable U.S. state privacy laws.
If you have questions or concerns about our use of your personal information, please contact us.
You can click on the links below to jump to specific sections, but we recommend that you read this Privacy Policy in its entirety.
Personal Information We Collect
How We Use Your Personal Information
How We Share Your Personal Information
Changes to This Privacy Policy
Athena trains and supports EAs, including by providing them software tools, and matches them with Customers in order to provide the Service to users. This Privacy Policy does not apply to:
We may provide additional or supplemental privacy notices to individuals at the time we collect their personal information.
The personal information we collect from you, directly or indirectly, will depend on how you interact with us and with our Service. The sources from which we collect personal information include the following:
Information you provide to us. Personal information you may provide to us through the Service or otherwise includes:
Information about others. You should not submit personal information of others to the Service unless they have given you permission to do so or you are otherwise authorized to provide the Service with their information.
Third-party sources. We may combine personal information we receive from you with personal information that we obtain from other sources, such as:
Automatic collection. When you access or interact with the Service, our communications, and other online services, we, our service providers, and our advertising partners automatically log, monitor and record information about you, your computer or mobile device, and your interaction over time with the Service and our communications. This information includes:
Cookies and other technologies. Some of the information we automatically collect is captured using cookies and other technologies described in our Cookie Notice.
We may use your personal information as permitted by applicable law, including for the following purposes or as otherwise described at the time of collection:
Service delivery. We use your personal information to provide the Service, to process your payments, and to communicate with you about our Service (including support and administrative messages).
Business operations. We use your personal information to administer and maintain our Service and our IT systems (including monitoring, troubleshooting, data analysis, testing, system maintenance, repair and support, reporting and hosting of data), to manage the performance of our EAs, and to operate and expand our business activities.
Direct marketing. As permitted by applicable law, we may collect and use your personal information to send you marketing emails we think may interest you or contact you by phone about our products, services or events. You may opt-out of our marketing communications as described in the Opt-out of marketing section below.
Targeted advertising. Our third-party advertising partners may use cookies and other technologies to collect information about your use of the Service (including the device data and usage data described above), our communications, and other online services over time and with different browsers and devices. Our advertising partners use that information to show you ads online that they think will interest you and measure the ads’ performance. We may also share individuals’ contact data with our advertising partners to facilitate interest-based advertising on their platforms (e.g., social media platforms) to those individuals or others with similar traits.
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and our business, to develop new products and services, and to train artificial intelligence and machine learning models, except that we do not allow identifiable personal information to be used to train models controlled by third parties. As part of these activities, we may create aggregated, de-identified and/or anonymized data from personal information we collect. We make personal information into de-identified or anonymized data by removing information that makes the data personally identifiable to you. As required by applicable law, we will maintain and use deidentified information in deidentified form and not attempt to reidentify it, except for purposes of testing to ensure that the information has been adequately deidentified. We may use this aggregated, de-identified or otherwise anonymized data and share it with third parties for lawful business purposes.
EA supervision. To the extent permitted by law, we may use your personal information to supervise and monitor our EAs for training purposes, for the compliance and protection purposes described below, and to enable workflow automations. As part of these activities, we and the third-party service providers we work with monitor and record our EAs’ use of their Athena-furnished computers, applications and systems while providing the Service. Please be aware that communications with your EA, as well as your EA’s interactions with your email, calendar and other tools you give your EA access to, are subject to this monitoring and recording.
Compliance and protection. We and our service providers may use your personal information to:
Except as otherwise specified in this Privacy Policy, we may share the categories of personal information listed above with the following parties and as otherwise permitted by law, described in this Privacy Policy or at the time of collection.
Affiliates. We may share personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
Service Providers. We share personal information with third parties that provide services on our behalf or help us operate the Service or our business, such as mail delivery, hosting, information technology, customer support, email delivery, marketing, artificial intelligence, and website analytics. This also includes providers of Athena-provisioned video conferencing platforms and other business applications that EAs use to provide the Service.
Payment Processors. Third party payment processors that collect your payment card data and other transaction data to process your payments for the Service. For example, we may accept payment card payments through Stripe. You can read Stripe’s privacy policy at https://stripe.com/privacy.
Business and marketing partners. Third parties to whom we provide certain personal information or whose products or services may be of interest to you. We do not share EA workflow data described above with these partners.
Advertising partners. Third-party advertising companies may collect, and we may share with them, personal information for the interest-based advertising purposes described above. Their use of personal information is subject to their own privacy policies.
Professional Advisors. We may share your personal information with professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. We may share your personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the Compliance and protection purposes described above or as otherwise permitted by law.
Business transferees. Parties (and their advisors) to business transactions (or negotiations of or due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, us or our affiliates (including, in connection with a bankruptcy or similar proceedings).
Other parties with your consent or at your direction. We may share your personal information for other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.
Privacy rights. Residents of certain jurisdictions can exercise privacy rights with respect to the personal information we hold, as described in the Notice to European Users and State Law Privacy Rights sections below.
Opt-out of direct marketing. You may request to opt-out of marketing emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us with your request. If you choose to opt-out of marketing emails, you may continue to receive marketing emails until your opt-out is processed. If you receive text messages from us, you may opt-out of receiving further text messages from us by replying STOP or CANCEL to our message.
Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, certain features of the Service may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org. You can learn more about Google Analytics, one of the analytics services we use, and how to opt-out of being tracked by Google Analytics, here: https://tools.google.como/dlpage/gaoptout.
Pixels. Most browsers and devices allow you to configure your device to prevent pixel images from loading. To do this, follow the instructions in your browser or device settings.
Targeted ads. You may be able to limit use of your personal information for targeted advertising through the following settings/options/tools:
You will need to apply these opt-out settings on each device and browser from which you wish to limit the use of your personal information for targeted advertising purposes. We cannot offer any assurances as to whether the companies we work with participate in the opt-out programs described above.
Do not track signals. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” signals. To find out more about “Do Not Track,” please visit All About DNT.
The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and online services you use.
We employ technical and organizational safeguards designed to protect the personal information we collect. For more information on our security measures, see https://www.athena.com/security. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.
We retain personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for the compliance and protection purposes described above. Factors determining the appropriate retention period for personal information include the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we process the personal information, whether we can achieve those purposes through other means, and the applicable legal requirements.
When we no longer require the personal information, we have collected about you, we will either delete or anonymize it (so that it is no longer personally identifiable with you) or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will isolate your personal information from any further processing, employing security safeguards designed to protect it until deletion is possible.
We are headquartered in the United States, and we and our service providers may store personal information in and process it from the United States and other countries. These countries may have data protection laws that are not as protective as those where you live.
Our Service is not intended for anyone under the age of 18. If you are a parent or guardian of a child from whom you believe we have collected personal information in a manner prohibited by law, please contact us. If we learn that we have collected personal information through the Service from a child without the consent of the child's parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service or other appropriate means. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Policy indicates your acknowledgment that the modified Privacy Policy applies to your use of the Service and interaction with our business.
If you have any questions or comments concerning this Privacy Policy, please email us at privacy@athena.com.
The information provided in this notice applies only to individuals in the United Kingdom (“UK”), the European Economic Area (“EEA”) and Switzerland (we collectively refer to these countries as “Europe”).
The personal information that we collect from you is identified and described in greater detail in the section of the Privacy Policy entitled Personal information we collect.
Controller. Athena Labs LLC is the controller of your personal information described in this Privacy Policy. See the contact us section above for contact details.
Legal bases for processing. European data protection law requires that we have a “legal basis” for each purpose for which we process your personal information. Depending on the purpose for collecting your information, we may rely on one of the following legal bases:
The table below identifies the legal bases we rely on in respect of the relevant purposes for which we use your personal information. For more information on these purposes and the categories of personal information involved, see the section in the Privacy Policy entitled How we use your personal information.
Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Sensitive personal information. We do not require collection of sensitive or special categories of personal data as defined under European privacy laws (e.g., information related to racial or ethnic origin, political opinions, religious or philosophical beliefs, health, biometrics or genetic characteristic, criminal background, or trade union membership) to provide the Service. However, users may voluntarily provide such data to us. If you provide us with sensitive personal data, you consent to our processing and use of such data in accordance with this Privacy Policy. If you do not consent to our processing and use of sensitive personal data in accordance with this Privacy Policy, do not submit such data to us.
Your rights. European data protection laws give individuals in Europe the following rights regarding their personal information:
Exercising those rights. Some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the personal information or where certain exemptions apply. If we decline your request, we will tell you why, subject to legal restrictions.
To exercise any of these rights, please contact us. We may request specific information from you to help us confirm your identity and process your request.
Your right to lodge a complaint with your supervisory authority. If you are not satisfied with our response to a request you make, or how we process your personal information, you can make a complaint to the data protection regulator in your habitual place of residence.
For users in the EEA: The contact information for the data protection regulator in your place of residence can be found here: https://edpb.europa.eu/about-edpb/board/members_en
For users in the UK: The contact information for the UK data protection regulator is below:
The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow - Cheshire SK9 5AF
Tel. +44 303 123 1113
Website: https://ico.org.uk/make-a-complaint/
International data transfers. We may transfer your personal information to a country outside of Europe that is not recognized as providing an adequate level of protection for personal information by the relevant government body. In these cases, we take appropriate safeguards to ensure your personal information remains protected in accordance with this Privacy Policy and applicable laws by entering into appropriate data transfer mechanism permitted under Article 46 of the GDPR / UK GDPR (as applicable), such as the European Commission's Standard Contractual Clauses or the UK International Data Transfer Addendum (as applicable). A copy of our data transfer mechanism can be provided on request.
This section applies to residents of certain U.S. states with privacy laws applicable to us that grant their residents the rights described below (such laws, the “State Privacy Laws”). If you are not a resident of a state with a State Privacy Law, you may not be able to exercise these rights.
For purposes of this section, “personal information” has the meaning given to “personal data”, “personal information” or similar terms under the State Privacy Laws, but does not include information exempted from such laws.
Your privacy rights. You may have the rights listed below. The rights described below are not absolute, and, in certain cases, we may decline your request as permitted by law or where the laws in your state do not afford you these rights.
How to exercise your rights.
Sensitive Data. With the exception of your payment details described in this Privacy Policy, we do not require you to provide us with data considered “sensitive” under State Privacy Laws. However, it is possible that users may voluntarily provide sensitive data to us. Do not provide us with this sensitive data if you do not consent to our handling of it as described in this Privacy Policy. By providing this sensitive data you affirmatively confirm that you freely give your informed, unambiguous agreement to our use and disclosure of it for the purposes explained or apparent at the time of collection or otherwise as described in this Privacy Policy. You can contact us to revoke this consent at any time but we will not be able to provide services or grant requests that require it.
Additional information for California residents. While you should read this Privacy Policy in its entirety, the following summarizes our practices currently and during the past 12 months regarding the categories of personal information that we collect and how we use them:
If you are a resident of Canada, you have certain rights regarding your personal information under applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial privacy legislation where applicable. These rights include the following:
Right to Access: You have the right to request access to the personal information we hold about you, including information about how we use and disclose it.
Right to Correction: You have the right to challenge the accuracy and completeness of your personal information and request that we correct any information that is inaccurate, incomplete, or outdated. If we make corrections to your personal information, we will also communicate those amendments to any third parties to whom we have disclosed the incorrect information, where appropriate.
Right to Withdraw Consent: If we have requested your consent for the collection, use, or disclosure of your personal information, you may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. Upon withdrawal of consent, we will cease processing your personal information for those purposes, though we may retain certain information where we have a legal obligation or legitimate business purpose to do so.
Right to Request Deletion: You may request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.
Right to File a Complaint: If you have any concerns about our compliance with applicable Canadian privacy laws, you may make a request as set out below. We will address any complaints as appropriate and in accordance with the law. If you believe we have not complied with applicable Canadian privacy laws, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada or your provincial privacy commissioner where applicable.
How to Exercise Your Rights: You can exercise your privacy rights described above and any others under Canadian and provincial privacy laws, by submitting a request to privacy@athena.com. The rights described above are subject to limits and exemptions and in certain cases we may decline your request as permitted by law. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.