Privacy Policy & DPA

1. Data Controller vs. Data Processor

Under the General Data Protection Regulation (GDPR), Limnu Networks operates primarily as a Data Processor on behalf of our B2B customers (the Data Controllers). Our customers are responsible for obtaining explicit consent from their end-users before adding them as subscribers to Limnu-hosted status pages.

2. What Information We Collect

• Account Information: Names, corporate email addresses, and billing details required to maintain your Limnu Networks workspace.
• Routing Metadata: Delivery timestamps, bounce codes, and IP addresses used strictly for debugging incident delivery latency.
• Content Blindness: We do not index, read, or monetize the payload of your incident alerts. Payload data is processed in memory and encrypted at rest.

3. Sub-Processors & ESP Partners

To achieve our 99.999% SLA and handle burst traffic, Limnu Networks utilizes enterprise-grade sub-processors. By using our service, you acknowledge our use of trusted infrastructure partners including AWS (Amazon Web Services) and Mailgun by Sinch for specific routing tasks. All sub-processors are bound by strict DPA agreements aligning with SOC 2 standards.

4. No Sale of Data

Limnu Networks strictly complies with the CCPA (California Consumer Privacy Act). We have never sold, do not currently sell, and will never sell your Personal Information or your subscribers' Personal Information to third parties.