Netnounce Logo
NETNOUNCE
LEGAL / PRIVACY

Privacy Policy

Last Updated: October 24, 2023

Data Minimization Principle

NETNOUNCE is an infrastructure utility. We are interested in routing packets, not inspecting them. We do not perform Deep Packet Inspection (DPI) for commercial purposes or monetization.

1. Information We Collect

We collect information necessary to provision network resources and comply with regulatory mandates:

  • Business Identity: Incorporation documents, GST/Tax IDs, and authorized signatory details (KYC).
  • Network Data: BGP session logs, NetFlow/IPFIX data (source/destination IP, ports, protocol), and routing table announcements.
  • Access Logs: IP addresses used to access our customer portal and API.

2. Mandatory Log Retention (CERT-In)

To comply with the Cyber Security Directions (No. 20(3)/2022-CERT-In), we are legally required to retain the following for a period of 5 years:

Subscriber Info
Allocation timestamps & ownership
System Logs
Access logs & authentication events

3. Data Disclosure

We do not sell data to third parties. We only disclose data in the following circumstances:

  • To Law Enforcement Agencies (LEAs) upon receipt of a valid warrant or court order.
  • To Upstream Carriers (Tier-1 providers) solely for the purpose of debugging routing loops or DDoS mitigation.
  • To Internet Registries (RIPE/ARIN/APNIC) for WHOIS directory updates as per global policy.

4. Security Measures

All customer data is stored on encrypted volumes (AES-256). Access to PII is restricted to authorized personnel via hardware 2FA.