1. Overview

This Privacy Policy describes how Netallion collects, uses, discloses, stores, and protects personal information when providing the Services.

2. Personal information we collect

We may collect:

Account information: name, email, organization, role, authentication settings.
Security and access information: login timestamps, IP addresses, device/session identifiers, audit events.
Support information: ticket content, attachments, and communications.
Billing information: subscription status, invoices, IDs, payment status. (Payment card details are processed by our payment provider; we do not store full card numbers.)

3. How we use personal information

We use personal information to:

create and manage accounts,
authenticate users and enforce access controls,
operate and secure the Services,
provide support and communicate service updates,
prevent fraud and investigate abuse,
comply with legal obligations.

4. Customer Data and confidentiality

Customer Data may include sensitive information related to infrastructure and security posture. We process Customer Data to deliver the Services and apply measures intended to maintain tenant isolation and confidentiality.

5. Sharing and disclosure

We may share personal information:

with service providers and subprocessors supporting delivery of the Services (e.g., hosting, email delivery, payment processing), under contractual confidentiality and security obligations;
where required by law or necessary to protect rights, safety, or integrity of the Services.

We do not sell personal information.

6. International transfers

Your information may be processed in countries other than New Zealand depending on infrastructure locations and service providers. We take reasonable steps to maintain appropriate protections.

7. Data retention

We retain personal information only for as long as necessary for legitimate business, security, support, and legal purposes. See Data Retention & Deletion Policy for category-level retention.

8. Access, correction, and complaints

You may request access to or correction of your personal information. If you have a complaint, contact us and we will respond within a reasonable time.

9. Security

We use reasonable administrative, technical, and organizational measures to protect personal information. No method of transmission or storage is 100% secure.

10. Contact

Privacy and support requests: [email protected]
Security disclosures: [email protected]