Privacy Policy
Last Updated: Aug 5, 2025
1. Controller
Netti, LLC (“Netti,” “we,” “us,” “our”) is the data controller.
Address: 1001 Bishop St., Honolulu, HI 96813, United States.
Contact: privacy@netti.io.
2. Information We Collect
| Category | Examples | Source |
|---|---|---|
| Account Data | name, email, business address, phone, billing contact | provided by Client |
| Payment Data | last-four card digits, Stripe token, ACH details | Stripe |
| Project Data | process maps, prompt files, credentials, logs, KPI dashboards | provided by Client or generated during Services |
| Usage Data | IP address, browser type, pages viewed, time stamps, error logs | automatic |
| Cookie and Similar | session cookie, analytics cookie, preference cookie | automatic |
3. Purpose and Legal Basis
| Purpose | Legal Basis (GDPR) |
|---|---|
| Perform contractual obligations, deliver Services | Art. 6 (1)(b) Contract |
| Invoice, collect payments, fraud prevention | Art. 6 (1)(b) Contract / (f) Legitimate interest |
| Provide support, monitoring, incident alerts | Art. 6 (1)(b) Contract |
| Improve and secure Services, analytics | Art. 6 (1)(f) Legitimate interest |
| Send marketing with consent | Art. 6 (1)(a) Consent |
| Comply with legal obligations | Art. 6 (1)(c) Legal obligation |
4. Sub-Processors
| Provider | Location | Purpose |
|---|---|---|
| Stripe, Inc. | USA | payment processing |
| Google Workspace / Google Cloud / Looker Studio | USA | email, file storage, dashboards |
| Make.com (Celonis SE) | EU/USA | workflow execution |
| n8n self-host / Vercel Inc. | USA | workflow execution |
| Slack Technologies LLC | USA | team communications |
| Keeper Security, Inc. | USA | credential vault |
Netti updates this list at netti.io/legal/privacy. Continued use after an update constitutes acceptance.
5. Retention
- Project Data and credentials: stored for the term of the contract plus thirty (30) days, then deleted.
- Account and billing records: retained seven (7) years for tax and audit.
- Usage logs: retained for ninety (90) days, then aggregated or deleted.
6. Security Measures
- TLS 1.2+ in transit; AES-256 at rest where supported.
- Role-based access control; multi-factor authentication for all privileged accounts.
- Quarterly credential rotation and penetration testing.
- Incident-response plan with 72-hour breach notice.
7. Your Rights
Subject to law, you may request access, rectification, deletion, restriction, portability, or objection. Submit requests to privacy@netti.io. We respond within thirty (30) days. You may lodge a complaint with a supervisory authority.
8. International Transfers
Data may be processed in the United States and other jurisdictions where sub-processors operate. Standard Contractual Clauses or equivalent safeguards apply to transfers from the EEA, UK, or Switzerland.
9. Cookies
We use essential cookies for site operation and analytics cookies for aggregated statistics. Configure browser settings to block non-essential cookies. Blocking may impair site functionality.
10. SMS Data
If you opt in to SMS messages, we store your mobile number, opt-in time stamp, and message history. Reply STOP to cancel, HELP for help. Message frequency varies. Rates may apply.
11. Children
Services are directed to persons eighteen (18) years or older. We do not knowingly collect data from minors. If we learn we hold such data, we delete it.
12. Changes
We may modify this Policy with thirty (30) days’ email notice. Continued use after the effective date constitutes acceptance.
13. Contact
Netti, LLC
1001 Bishop St. #2684, Honolulu, HI 96813, USA
privacy@netti.io