Privacy Policy

Last updated: April 18, 2026

SafeNode (“we,” “us,” “our”) operates the SafeNode service and related websites. This policy describes what data we collect and how we use it. We only collect data needed to run the service. We do not sell your data and we do not serve ads.

Data we collect

We collect:

  • Account data: Email, name, and password (hashed) when you register; organization name and slug.
  • Product usage: Agents, API keys (stored as hashed values; the full key is shown only once at creation), policy definitions, evaluation requests and responses (action type, payload, context, decision, scores, trace IDs), overrides, and audit events. This data is used to provide the policy firewall, show the decision feed, and maintain an audit trail.
  • Support: If you submit a support or feature request, we store your email, subject, message, and request type.
  • Billing (if applicable): If you subscribe to a paid plan, we use Stripe for payment. We store Stripe customer and subscription identifiers; we do not store full card numbers. See Stripe’s privacy policy for payment data.
  • Technical: Session cookies for logged-in use; logs (e.g. IP, request path) for security and operations. We do not use cookies for advertising or tracking for sale.

Purpose

We use the data above to operate the service (evaluate actions, enforce policies, show the dashboard), provide support, process payments, and improve security and reliability. We do not use your data for advertising or sell it to third parties.

Cookies

We use only functional cookies (e.g. session cookie for login). We do not use advertising or analytics cookies that track you for sale or ads. By using the site you agree to our use of these functional cookies. See our Terms of Service for more.

Retention

We retain account and product data for as long as your account is active. Evaluation and audit data may be retained for the duration of your subscription and for a reasonable period after for compliance and support. You can request deletion of your account and associated data; we will process such requests in line with applicable law.

Your rights

You may request access to, correction of, or deletion of your personal data. Contact us (see below). If you are in the EEA/UK, you have additional rights under GDPR (access, rectification, erasure, restriction, portability, objection). We do not sell personal information; there is no opt-out for “sale” because we do not sell.

Contact

For privacy questions or requests, contact us via the Support page or at the contact details on our website.