Back to Home

Privacy Policy

Last updated: March 25, 2026

1. Introduction

Tekora NMS (“TekoraOne,” “we,” “us,” or “our”) is a product of Tekora, a SOC 2 Type II compliant managed services company headquartered in Miami, FL. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our network monitoring platform.

2. Information We Collect

Account Information

  • Name, email address, and organization name
  • Billing information (processed securely via Stripe — we never store full card numbers)
  • User roles and permissions within your organization

Network Data

  • Device information (hostnames, IP addresses, SNMP data, interface metrics)
  • Network topology and site information
  • Alert and event logs
  • Performance metrics (bandwidth, latency, uptime)

Usage Data

  • Browser type, IP address, and access timestamps
  • Feature usage and interaction data
  • Audit logs of administrative actions

3. How We Use Your Information

  • To provide and maintain the Tekora NMS platform
  • To process your subscription and billing
  • To send alerts, notifications, and service communications
  • To improve our platform and develop new features
  • To provide technical support
  • To comply with legal obligations
  • To detect and prevent security threats

4. Data Protection & Security

As a product of a SOC 2 Type II compliant organization, we implement rigorous security controls:

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls with role-based authentication (RBAC)
  • Regular security audits and penetration testing
  • 24/7 security operations center (SOC) monitoring
  • Credential vault with encrypted storage for SNMP and device credentials
  • API access secured with SHA-256 hashed keys and rate limiting
  • Comprehensive audit logging of all administrative actions

5. Data Retention

We retain your data according to your subscription plan:

  • Free plan: 7-day metric retention
  • Starter plan: 30-day metric retention
  • Pro plan: 90-day metric retention
  • Enterprise plan: 365-day metric retention

Account data is retained for the duration of your subscription. Upon account deletion, all personal data is permanently removed within 30 days. Anonymized usage statistics may be retained for analytics.

6. Data Breach Response

In the unlikely event of a data breach, we follow a strict incident response plan:

  • Immediate containment — Our 24/7 SOC team isolates affected systems within minutes of detection
  • 72-hour notification — Affected users and relevant authorities are notified within 72 hours of confirmed breach (per GDPR requirements)
  • Full investigation — A thorough forensic analysis is conducted to determine scope and root cause
  • Remediation — Vulnerabilities are patched and additional controls are implemented to prevent recurrence
  • Transparency report — A post-incident report is provided to affected customers detailing what happened, what data was affected, and what steps were taken

7. Your Rights (GDPR & CCPA)

Depending on your location, you have the following rights regarding your personal data:

GDPR Rights (EU/EEA Residents)

  • Right to Access — Request a copy of all personal data we hold about you
  • Right to Rectification — Request correction of inaccurate data
  • Right to Erasure — Request deletion of your personal data (“right to be forgotten”)
  • Right to Data Portability — Receive your data in a machine-readable format
  • Right to Object — Object to processing of your data for certain purposes
  • Right to Restrict Processing — Request limitation on how we process your data

CCPA Rights (California Residents)

  • Right to Know — What personal information we collect and how it is used
  • Right to Delete — Request deletion of personal information
  • Right to Opt-Out — Opt out of the sale of personal information (we do not sell personal data)
  • Right to Non-Discrimination — You will not be penalized for exercising your rights

To exercise any of these rights, contact us at [email protected]. We will respond to all requests within 30 days.

8. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — Payment processing (PCI DSS Level 1 compliant)
  • Postmark — Transactional email delivery
  • Slack & Microsoft Teams — Alert notifications (when configured by customer)

We do not sell, rent, or trade your personal information to any third parties.

9. White-Label & Custom Branding

Enterprise customers can customize the platform with their own business name, logos, and branding. When white-label branding is enabled, your customers interact with the platform under your brand identity. All data privacy obligations and protections described in this policy continue to apply regardless of branding customization.

10. Cookies

We use essential cookies required for authentication and session management. We do not use advertising or tracking cookies. Our cookies are:

  • Session cookies — Required for login and authentication
  • Preference cookies — Store your dashboard preferences and settings

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email and by posting the updated policy on this page with a revised “Last updated” date.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Tekora

1221 Brickell Ave, Suite 900

Miami, FL 33131

Email: [email protected]

General: [email protected]

Phone: +1 (305) 874-0177