n0limit, Inc. ("n0limit," "we," "us") operates the n0limit platform — a machine-speed security operations product that investigates alerts, produces verdicts, and surfaces containment recommendations for security teams. This policy explains what information we collect, why we collect it, and how we handle it.
We process only what is necessary to deliver the product. We do not sell data. We do not use customer security telemetry for product development, model training, or any purpose other than delivering the contracted service.
| Category | Examples | Purpose |
|---|---|---|
| Account data | Name, work email, job title, company name | Account creation, authentication, billing, support |
| Usage and telemetry | Feature interactions, API call volumes, error rates | Platform reliability, capacity planning, product improvement |
| Security telemetry (customer data) | Alerts, logs, SIEM events, EDR signals ingested from your environment | Investigation and verdict generation — your data, processed on your behalf |
| Communication data | Emails, support tickets, chat logs | Customer support, responding to inquiries |
| Technical data | IP address, browser type, session identifiers, log timestamps | Security, fraud prevention, debugging |
Where the GDPR applies, we process personal data on the following legal bases:
We do not sell personal data. We share information only in the following circumstances:
Customer security telemetry is never shared with any third party except as strictly necessary to operate the infrastructure that processes it on your behalf.
We retain account and usage data for the duration of your subscription and for up to 90 days after termination, unless a longer period is required by law or unless you request earlier deletion.
Security telemetry (logs and events ingested from your environment) is retained for the period specified in your subscription agreement — typically 90 days for active investigations — and deleted upon contract termination unless you elect extended retention.
n0limit is headquartered in the United States. If you are located in the European Economic Area, United Kingdom, or Switzerland, your personal data may be transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission where required. A Data Processing Agreement (DPA) is available for enterprise customers — request one at legal@n0limit.com.
Depending on your location, you may have the right to:
To exercise any of these rights, email privacy@n0limit.com. We respond within 30 days. We may need to verify your identity before acting on a request.
We apply technical and organizational safeguards appropriate to the sensitivity of the data we process — including encryption in transit and at rest, access controls, audit logging on all data access, and independent security assessments. For more detail on our security posture, see our security page.
The n0limit marketing site uses a minimal set of cookies:
The n0limit platform application does not use advertising or behavioral tracking cookies.
The n0limit platform is intended solely for enterprise security professionals. We do not knowingly collect personal data from individuals under 18. If you believe we have inadvertently collected such data, contact us at privacy@n0limit.com and we will delete it promptly.
We may update this policy periodically. When we make material changes, we will notify account holders by email and update the effective date at the top of this page. Continued use of the platform after the effective date constitutes acceptance of the updated policy.
Questions about this policy or your data:
EU/UK residents may also lodge a complaint with your local supervisory authority.