Privacy Policy
Last updated: July 2, 2026
This Privacy Policy explains how GridNMS LLC ("GridNMS," "we," "us") collects, uses, and shares information in connection with the GridNMS network observability and log-management platform (the "Service") at https://gridnms.io.
GridNMS is a business-to-business product. Most of the data the Service processes is operational data about your networks and systems, which you control. This policy covers both the information we collect about you as a customer ("Account Data") and how we handle the operational data you send us ("Customer Data").
1. Information we collect
Account Data (we are the controller). Information needed to create and manage your account and bill you:
- Identity and contact details: name, email address, company name.
- Authentication data: password (stored only as a salted hash) and, if you enable it,
passkey/WebAuthn public-key credentials and multi-factor settings.
- Billing details: plan, subscription status, and billing contact. Card payments are
processed by Stripe; we do not store full card numbers.
- Communications: messages you send to support.
Customer Data (we are the processor). Operational data you and your collectors send to the Service, which may include:
- Device and infrastructure inventory (hostnames, IP/MAC addresses, interfaces,
topology, vendor/model).
- Performance metrics and telemetry collected from your devices (SNMP, SSH, ICMP).
- Logs and events you forward to the Service (syslog, SNMP traps, application logs),
which may incidentally contain information you choose to log.
- Configuration you create (monitoring packs, detections, retention settings,
notification endpoints).
You decide what Customer Data to send. We process it on your behalf under our Terms of Service and Data Processing Agreement.
Usage and device information (automatic). When you use the web application we collect standard technical data such as IP address, browser/device type, pages viewed, and session cookies needed to keep you signed in. See our Cookie Policy.
2. How we use information
- Provide, operate, secure, and improve the Service.
- Authenticate you and protect against fraud and abuse.
- Process payments and manage subscriptions.
- Send service, security, and administrative messages.
- Provide support and respond to your requests.
- Comply with legal obligations and enforce our agreements.
We do not sell your personal information, and we do not use Customer Data to train machine-learning models for unrelated purposes.
3. How we share information
We share information only as described here:
- Sub-processors / service providers that help us run the Service (hosting,
payments, email). See our current list in Sub-processors. They may process data only on our instructions.
- Legal and safety — when required by law, to respond to lawful requests, or to
protect the rights, safety, and property of GridNMS, our customers, or the public.
- Business transfers — in connection with a merger, acquisition, or sale of assets,
subject to this policy.
4. Where data is stored
The Service is hosted on cloud infrastructure in the United States. If you access the Service from outside the U.S., you understand your data will be processed in the U.S. For customers subject to GDPR/UK GDPR, transfer mechanisms are addressed in the Data Processing Agreement.
5. Data retention
- Account Data is retained for as long as your account is active and for a
reasonable period afterward to meet legal, tax, and accounting obligations.
- Customer Data (logs and metrics) is retained according to the retention settings
you configure in the Service, subject to plan limits. When a retention window expires, data is deleted or moved to cold storage per your configuration. When you delete your account, Customer Data is deleted within a commercially reasonable period, except where retention is legally required.
6. Security
We use technical and organizational measures to protect data, including encryption in transit (TLS), mutual TLS for collector connections, application-layer encryption of sensitive credentials at rest, per-tenant data isolation, and access controls. No method of transmission or storage is 100% secure, but we work to protect your data and to notify affected customers of incidents as required by law.
7. Your rights
Depending on where you live, you may have rights to access, correct, delete, or port your personal information, or to object to or restrict certain processing. To exercise these rights, contact us at privacy@gridnms.io. We will respond as required by applicable law.
- California (CCPA/CPRA): you have rights to know, delete, correct, and opt out of
"sale"/"sharing" (we do not sell or share personal information as defined by the CCPA).
- EEA/UK (GDPR): for Customer Data we act as processor and your data controller (the
customer) directs how the data is handled; for Account Data we are the controller and the rights above apply.
Requests about Customer Data should generally go to the customer who controls it; we will assist that customer as their processor.
8. Children's privacy
The Service is not directed to children under 16 and we do not knowingly collect their personal information.
9. Changes to this policy
We may update this policy from time to time. We will post the updated version here and update the "Last updated" date. Material changes will be communicated as required.
10. Contact
GridNMS LLC 30 N Gould St, Ste R, Sheridan, WY 82801 Privacy questions: privacy@gridnms.io