This article will help you:
Understand the data privacy and password policies for Atrius
Understand how we protect your information
Request that we update or delete the information we maintain about you
Security policy
Applications access
Atrius supports access controls for buildings and organizations via User Management, and apps and settings via Permission Sets. It is up to Administrator users to determine the desired authorization levels for users of your buildings, apps, and settings.
Administrators must also determine password strength and related policies for access to your applications.
Data systems access
Customer data resides on Atrius systems only after customer authorization. We never disclose, share, or discuss your data outside of Atrius without your authorization. All access to Atrius is over HTTPS, ensuring security and privacy of the data.
Access to Atrius applications that are capable of manipulating data require authentication and authorization. We assume that you will not share login information with others because your login information represents your identity. All user actions that manipulate data are logged in an Audit Trail, and the user associated with those actions is responsible for the result.
Privacy policy
Atrius stores cookies on your computer. These cookies are used to collect information about how you interact with the website and allow us to remember you.
For instance, we may log environmental variables, such as browser type, operating system, web activity (referring or exit webpages), and the Internet Protocol (IP) address of your computer. We do not match this information with any other information held by Atrius, unless we have your authorization. We reserve the right to disable or terminate access to any IP address at any time.
Primarily, we use the information we collect from you to provide, maintain, and improve our existing products and services as well as to develop new ones. Additionally, if we state that we are collecting information for a specific purpose, and you provide us with information, we will use it for that specific purpose.
User analytics
Atrius gives users control over whether and how they are tracked. Administrator users may specify the default organization-wide tracking setting on Organization Settings, while individual users may specify their own tracking setting on their User Profile, which overrides the organization-wide setting. Go to the User analytics field on these pages.
Users may select one of the following options:
Selection | Description |
Enabled & anonymized | My activity may be tracked anonymously via third-party tools for the purpose of making product improvements. |
Enabled | My activity may be tracked via third-party tools for the purpose of making product improvements. |
Disabled | My activity will not be tracked. |
GDPR compliance
Atrius complies with General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) directives as a software vendor operating in the European Union and State of California.
We have a process to make it easy for you to request that we update or delete the information we maintain about you, or that we change how we use the information we have about you. The following requested actions are available on our Exercise My Rights form:
What data do you have about me: Select this if you want to know what personal information we have in our systems.
Update my data: Select this if you want to change the personal information we have in our systems.
Delete my data: Select this if you want to delete the personal information we have in our systems.
Do not share my data: Select this if you do not want Acuity to share your personal information we have in our systems.
📘 Learn more about privacy
We are committed to respecting your online privacy. Please see our Privacy Policy for more information.
Go to Exercise My Rights to submit a request that we update or delete the information we maintain about you.
Password policy
Does Atrius support single sign-on?
Yes. Single Sign-On (SSO) integration requires additional subscription and set-up fees. To learn more, contact Customer Support.
What is your password strength policy?
The rules and considerations related to passwords for application access are the responsibility of the organization entitled to access for the application. Atrius requires the following:
Password must not be the same as the username
Password must include at least 3 of the following: 1 number, 1 special character (!@#$%^&*_+), 1 upper case letter, 1 lower case letter
Password must be at least 8 characters long
Password must be unique for at least the past 13 passwords
Account is locked for 30 minutes after 5 login attempts
What is your password lifecycle policy?
We recommend that you use SSO for sophisticated password expiration options.
Can Atrius be integrated with Active Directory?
Yes. Atrius supports SAML 2-based Okta integration, which can be integrated with Active Directory.
Can Atrius be integrated with custom authentication and authorization systems?
Atrius supports SAML 2-based Okta integrations. Atrius does not support non-Okta SAML directly. If you use LDAP or Active Directory, but don't already use Okta, your IT team would have to enable an Okta integration, become an Okta administrator, and enable the supported Atrius Okta integration for access for specific users. This would enable SSO into Atrius while maintaining control over identity management.