This Privacy Policy describes how NodeNoise ("we," "us," or "our") collects, uses, and handles information in connection with our honeypot deception platform and related services (the "Service"). By using the Service you agree to the practices described here.
1. Information We Collect
Account information. When you register, we collect your email address and any other information you voluntarily provide (such as your name or organisation).
Honeypot telemetry. The Service captures interaction data generated by third parties who contact your deployed honeypot nodes. This data may include source IP addresses, timestamps, HTTP request paths, headers, submitted credentials, and payload content. This data is collected as part of the core deception and alerting functionality.
Usage and log data. We collect standard server logs, feature usage signals, and error reports to operate and improve the Service.
Cookies and local storage. We use minimal session cookies required for authentication. We do not use tracking or advertising cookies.
2. How We Use Information
- To operate, maintain, and provide the features of the Service
- To deliver security alerts and telemetry to your account
- To communicate with you about your account, updates, and support
- To detect abuse and enforce our Terms of Use
- To improve and develop the Service
3. Data Storage and Security
Your data is stored in cloud-managed infrastructure. We apply industry-standard security measures including encryption at rest and in transit, access controls, and regular security reviews. No security measure is perfect; we cannot guarantee absolute security.
4. Data Sharing
We do not sell your personal data. We may share data with:
- Service providers who assist with hosting, infrastructure, and operations, bound by confidentiality obligations
- Legal authorities when required by applicable law or to protect the rights and safety of us or others
5. Telemetry Data and Third Parties
Interaction data captured by your honeypot nodes (source IPs, payloads, etc.) originates from third parties probing your infrastructure. You are responsible for ensuring your deployment and use of the Service complies with applicable laws in your jurisdiction, including any requirements around capturing and retaining network interaction data.
6. Data Retention
We retain your account data for as long as your account is active. Telemetry data is retained for the period necessary to provide the Service. You may request deletion of your account and associated data at any time by contacting us.
7. Your Rights
Depending on your jurisdiction, you may have rights to access, correct, or delete your personal data. To exercise these rights, contact us at the address below. We will respond within a reasonable timeframe.
8. Children
The Service is intended for security professionals and organisations. We do not knowingly collect data from individuals under the age of 18.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the revised policy with an updated date. Continued use of the Service after changes constitutes acceptance of the revised policy.
10. Contact
If you have questions about this Privacy Policy, please contact us at [email protected].