Privacy Policy
Effective date: July 15, 2026
This Privacy Policy explains how Node Technologies, Inc. ("we," "us") collects, uses, and protects information when you use Fragnet (the "Service"). We are the data controller for account information and the data processor for the schedule files you upload.
1. Information we collect
- Account information โ your name, organization name, email address, and hashed password. If you enable two-factor authentication, we store the associated secret and recovery codes.
- Customer Data โ the schedule files you upload and the analyses generated from them. These belong to you; we process them only to provide the Service.
- Technical & usage data โ IP address, browser type, timestamps, and audit-log entries recording key actions (uploads, analyses) for security and integrity.
2. How we use information
- to provide, operate, and secure the Service;
- to authenticate you and protect your account;
- to maintain an audit trail for security, integrity, and support;
- to communicate with you about your account and service-related notices;
- to comply with legal obligations.
We do not sell your personal information or your Customer Data. Schedule analysis is performed on our servers; your schedule files are not transmitted to third-party services. Optional AI-assisted features are off by default and clearly disclosed before any data is sent.
3. Legal bases (EEA/UK users)
Where the GDPR or UK GDPR applies, we process personal data on the bases of: performance of a contract (providing the Service), our legitimate interests (securing and improving the Service), your consent (where requested), and compliance with legal obligations.
4. Sharing & subprocessors
We share information only with service providers who help us operate the Service (such as hosting and infrastructure providers), under contracts requiring them to protect it. We may disclose information if required by law or to protect the rights, safety, and security of our users and the Service. A current list of subprocessors is available on request.
5. International transfers
We are based in the United States, and information may be processed there. Where we transfer personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as Standard Contractual Clauses.
6. Data retention
We retain account information for as long as your account is active. Customer Data is retained until you delete it or close your account, subject to reasonable backup cycles. Audit logs are retained for a limited period for security and compliance. You may request deletion as described below.
7. Security
We use encryption in transit and at rest, access controls, mandatory-available two-factor authentication, and audit logging. No system is perfectly secure, but we work to protect your information using industry-standard practices.
8. Your rights
Depending on where you live, you may have the right to access, correct, delete, or export your personal data, to object to or restrict certain processing, and to withdraw consent. If you are in California, you have rights under the CCPA/CPRA, including the right to know, delete, correct, and not be discriminated against for exercising your rights; we do not sell or share personal information as defined by those laws. To exercise any right, contact us at privacy@fragnet.io. You may also lodge a complaint with your local data-protection authority.
9. Cookies
We use strictly necessary cookies to keep you signed in and to secure the Service (session and CSRF cookies). We do not use advertising cookies.
10. Children
The Service is not directed to individuals under 16, and we do not knowingly collect their personal data.
11. Changes
We may update this Policy from time to time. We will update the effective date above and, where appropriate, provide additional notice.
12. Contact
Questions or requests: privacy@fragnet.io, Node Technologies, Inc.