NodeFn Inc. (“NodeFn”, “we”, “our”) provides a privacy-first, cookie-free analytics platform. This Privacy Policy explains what we collect, how we use it, and how we safeguard information for visitors to our websites and customers who use our services. We may update this policy over time; material changes will appear here with a new effective date.

1. Scope & Roles

This policy covers data processed in connection with our marketing sites, sign-up pages, and analytics services. For regulatory purposes (e.g., GDPR/CCPA), our customers act as controllers/businesses for their site data and NodeFn acts as a processor/service provider. We process data solely to provide, maintain, secure, and improve the services for our customers. We do not sell or share personal information for cross-context behavioral advertising.

2. Information We Collect

A) Account & Communications

When you join a waitlist, create an account, or contact us, we collect information you provide (e.g., email, name) and related communications.

B) Service Usage (Analytics)

Cookie-free, anonymous analytics. We don’t use cookies for analytics and we don’t collect personal information about your site visitors by default. To group page views from the same visit, we use a short-lived, random session ID that isn’t shared across sites.
Traffic & attribution. Page URL/path, title, referrer, UTM parameters, timestamps; page views and navigation between pages; optional outbound link clicks.
Device/browser basics. Screen size, language, time zone, device type, browser/OS.
Coarse location. City/region/country derived from connection metadata for reporting; we don’t store raw network identifiers in analytics datasets.
Heatmaps (default ON; can be turned OFF). Pointer coordinates (x/y) for clicks and limited hover dwell, sampled at a modest rate. No text, input values, or page HTML/DOM are collected.
Screenshots & AI analysis (server-side; public pages only). To surface issues, optimization opportunities and to explain insights, our servers capture screenshots of publicly accessible pages only.

We do not collect by default: names, emails, passwords, payment details, form contents, keystrokes, page HTML/DOM, session replays, or cross-site identifiers.

3. Cookies & Similar Technologies

Our analytics are cookie-free. Our websites/app may use essential cookies or similar technologies for account sessions and security. Third-party providers used on our sites (e.g., payments, support) may set their own cookies—see their policies for details.

4. How We Use Information

Provide the services and operate account features.
Maintain security and reliability (detect abuse; ensure integrity and availability).
Improve NodeFn (quality, accuracy, performance) using de-identified or aggregate metrics rather than raw site content.
Communicate with you about updates, support, and changes.

5. Sharing

No sale or sharing for advertising.
Service providers (sub-processors). We use reputable providers for hosting, email, payments, and operations under written data-processing terms.
Legal. We may disclose information when required by law or valid legal process.

6. Security, Data Residency & Backups

Encryption: TLS in transit; industry-standard encryption at rest.
Access controls: site- and user-scoped access with account-level permissions; least-privilege infrastructure; MFA for administrative access is rolling out; admin actions logged.
Residency: data is stored and processed in the United States on AWS infrastructure. EU data residency is on our roadmap.
Backups: encrypted backups are retained in our U.S. regions.

7. Retention & Deletion

We retain analytics data to provide the services and for legitimate business needs (for example, year-over-year comparisons). Upon request, we remove account-level data and derived insights, subject to legal obligations and backup cycles.

8. Your Rights & Choices

Depending on your location, you may have rights to access, correct, or delete personal information and to object or restrict certain processing. You can also disable heatmaps for a site at any time. To exercise rights, contact us and we’ll respond in accordance with applicable law.

9. International Transfers

If you are located outside the United States, your information may be processed in the U.S. where our systems are hosted.

10. Children’s Privacy

NodeFn is not intended for children under 13 (or 16 where applicable). We do not knowingly collect such data; if you believe we have, please contact us and we will delete it.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be posted here with an updated effective date.

12. Contact

Privacy & DPA: [email protected] • Security: [email protected] • General: [email protected]