Privacy

A plain-language summary of how CustomerNode handles personal data. For the formal legal documents, use the links below. For a per-tenant data agreement, see the Data Processing Addendum.

What we collect

Two broad categories: (1) account data we collect to operate the service — name, email, organization, authentication metadata; and (2) customer data that tenants and their users upload into the platform to do their work. The Customer (tenant) acts as Controller of customer data; CustomerNode acts as Processor.

International transfers

Production data is currently stored in the United States. Where data originates in the EEA and is transferred outside it, we rely on Standard Contractual Clauses approved by the European Commission, as detailed in Section 11 of the DPA. We do not currently offer contractually committed in-region residency for the EU/EEA.

Retention

Customer data is retained for the duration of the service agreement. On termination or written request, CustomerNode deletes or returns customer data within a commercially reasonable period, except where applicable law requires continued retention. Tenant administrators and individual users can also delete data through the platform at any time.

Cookies

The CustomerNode site uses cookies for session management, theme preference, and basic analytics. Cookie behavior can be managed through your browser. We do not sell personal information to third parties for advertising purposes.

Data subject requests

Individuals may exercise access, rectification, erasure, restriction, portability, and objection rights as provided by applicable law. Requests can be initiated through the data deletion request form or by emailing [email protected]. Where CustomerNode is the Processor, we route the request to the relevant Controller (the tenant) and assist as described in the DPA.