Privacy Policy
Effective date: 11 May 2026
This Privacy Policy explains how Infranode LP ("InfraNodes", "we", "us", or "our") collects, uses, shares, and protects personal data when you visit infranodes.cloud, contact us, request access, or use infrastructure hosting services that we provide under an order, quotation, master services agreement, data processing agreement, or similar written service document.
Infranode LP is the controller for personal data used to operate this website, manage customer accounts, respond to inquiries, provide support, bill customers, protect our network, and handle legal or abuse matters. For customer content hosted on our infrastructure, our customer is usually the controller and InfraNodes acts as processor or service provider under the applicable service agreement and data processing terms.
1. Who we are
Infranode LP
2nd Floor 9 Chapel Place
London
EC2A 3DQ
United Kingdom
Privacy contact: privacy@infranodes.cloud. Security contact: security@infranodes.cloud.
2. Personal data we collect
Website, sales, support, and access requests
- Contact details such as name, work email address, company name, and role if you provide them.
- Inquiry, signup, and support form content, including service interest, support context, and message text.
- Technical information such as IP address, user agent, approximate request time, request URL, security event metadata, and anti-abuse signals.
Customer account and service data
- Account contacts, billing contacts, authorized users, authentication metadata, support tickets, order history, invoices, tax information, and payment status.
- Service metadata such as allocated resources, IP addresses, hostnames, routing configuration, usage metrics, bandwidth, storage, logs, abuse reports, and security alerts.
- Facility access records, visitor coordination details, access approvals, and remote-hands instructions where colocation or facility services are provided.
Customer content
Customer content is data that a customer or its users store, transmit, process, or host using InfraNodes services. We do not decide what personal data a customer places in customer content. Customers are responsible for having the rights, notices, consents, and lawful bases needed for that content.
3. How we collect personal data
- Directly from you when you submit forms, email us, request support, sign an order, or use a customer account.
- Automatically from website requests, infrastructure systems, monitoring tools, security systems, and service logs.
- From customers, authorized users, payment providers, data center partners, network providers, fraud prevention providers, abuse reporters, and public or commercial sources used to verify business information.
4. Why we use personal data and our lawful bases
To respond to inquiries and access requests
We use contact details and message content to respond to sales, support, and signup requests. Our lawful basis is legitimate interests in operating a business-to-business infrastructure service and responding to requests, or taking steps before entering into a contract.
To provide and administer services
We use account, service, usage, support, and billing data to provision services, authenticate users, provide support, manage capacity, issue invoices, collect payments, and communicate about service changes. Our lawful bases are contract, legitimate interests, and legal obligation where tax, accounting, or regulatory records are required.
To secure our website, services, customers, and network
We use request logs, security telemetry, abuse reports, and service metadata to detect, prevent, investigate, and respond to spam, malware, vulnerability exploitation, denial-of-service attacks, unauthorized access, fraud, and violations of our acceptable use rules. Our lawful basis is legitimate interests and, where applicable, legal obligation.
To comply with law and enforce rights
We may use and disclose data where necessary to comply with court orders, lawful requests, sanctions screening, tax rules, network abuse obligations, or to establish, exercise, or defend legal claims. Our lawful bases are legal obligation and legitimate interests.
Marketing communications
We may send business contacts service updates or relevant marketing about InfraNodes services. You can opt out at any time. Where required, we rely on consent; otherwise we rely on legitimate interests for proportionate business-to-business communications.
5. Website forms, signup, and signin placeholders
Sales, support, and signup forms are protected by Cloudflare Turnstile and processed through Cloudflare Pages Functions. Notification email is sent through Resend using server-side secrets.
The public signup form is an access request only. It does not create an account, password, session, customer record, order, or right to use services unless InfraNodes separately confirms terms with you. The public signin page is a placeholder. It always rejects credentials and does not create a session.
6. Cookies and similar technologies
We use technologies that are necessary to deliver and secure the website, including Cloudflare security and Turnstile checks. These help distinguish legitimate visitors from automated abuse.
We do not currently describe this site as using advertising cookies. If we introduce non-essential analytics or advertising cookies, we will update this policy and provide any consent controls required by applicable law.
7. Who we share personal data with
- Hosting, DNS, security, email, monitoring, support, billing, accounting, and payment providers that help us operate the website and services.
- Cloudflare, for Pages hosting, DNS, security services, Turnstile, and related infrastructure functions.
- Resend, for transactional email notifications from website forms and service communications.
- Data center, facility, carrier, IP transit, peering, hardware, and remote-hands providers where needed to deliver infrastructure services.
- Professional advisers, auditors, insurers, banks, payment providers, and debt collection providers where necessary.
- Law enforcement, regulators, courts, rights holders, network operators, or abuse reporters where disclosure is legally required or reasonably necessary to protect customers, our services, or third parties.
- A buyer, investor, or successor if we restructure, merge, sell, or transfer part of our business, subject to appropriate confidentiality and data protection controls.
8. International transfers
We are based in the United Kingdom, but some providers, customers, networks, and support processes may be located in other countries. Where personal data is transferred outside the UK or EEA, we use safeguards such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, EU Standard Contractual Clauses, or another lawful transfer mechanism.
9. Retention
- Website inquiries, signup requests, and general sales correspondence are normally retained for up to 24 months after the last interaction unless a longer period is needed for customer management, security, or legal reasons.
- Customer account, billing, contract, invoice, and tax records are normally retained for the service term and up to seven years afterwards.
- Support tickets, abuse reports, security events, and operational logs are retained for as long as needed to provide support, investigate incidents, protect the network, comply with law, and resolve disputes.
- Customer content is retained for the service term and then deleted or made unavailable according to the applicable service agreement, backup cycles, and lawful preservation requirements.
10. Security
We use technical and organizational measures designed to protect personal data, including access controls, least-privilege administration, monitoring, encrypted transport where supported, provider security controls, operational logging, and incident response procedures. No internet service can be guaranteed secure, so customers must also secure their own systems, credentials, applications, backups, and hosted content.
11. Your rights
Depending on your location and the data involved, you may have rights to be informed, access your personal data, correct inaccurate data, erase data, restrict processing, object to processing, receive portable data, withdraw consent, and complain to a supervisory authority. These rights are not absolute and may depend on the lawful basis, the type of data, and our legal obligations.
To exercise rights, contact privacy@infranodes.cloud. We may need to verify your identity and may ask for information that helps us locate the relevant records. If you are an end user of one of our customers, please contact that customer first because they usually control the relevant customer content.
You can complain to the UK Information Commissioner's Office at ico.org.uk/make-a-complaint/.
12. Children's data
InfraNodes services are intended for business use and are not directed to children. Do not submit personal data about children unless it is necessary for a service relationship and you have the legal authority to do so.
13. Automated decisions
We do not use website form submissions to make decisions that produce legal or similarly significant effects solely by automated means. We may use automated security tools to block or flag spam, abuse, malware, or suspicious access attempts.
14. Changes to this policy
We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new effective date. Material changes may also be notified through customer account contacts or other appropriate channels.