Privacy Policy

ISPAgents provides a cloud operations platform for internet service providers and wireless internet service providers ("operators"). This policy explains how we handle personal data for operators, their teams, and prospective customers who interact with our website and product.

Account and contact details (name, work email, company, role), authentication and session data, billing and payment metadata, product usage and audit logs, support communications, and technical data such as IP address, device, and browser information.

When an operator connects RADIUS, MikroTik, TR-069/USP, SNMP, billing, or messaging systems, the platform processes data about that operator’s own subscribers and devices on the operator’s behalf. For this data the operator is the controller and ISPAgents is the processor; we process it only to provide the service and under the operator’s instructions.

To provide, secure, and improve the platform; authenticate users and enforce permissions; calculate billing; prevent abuse and fraud; provide support; comply with legal obligations; and communicate service and product updates. Customer-impacting actions in the product are gated by roles, approvals, and audit trails.

Where applicable law requires a legal basis, we rely on performance of a contract, our legitimate interests in operating and securing the service, consent (where required, for example certain cookies or marketing), and compliance with legal obligations.

We share data with vetted subprocessors that host infrastructure, process payments, deliver email/messaging, and provide analytics and support tooling — each under contractual confidentiality and data-protection terms. We do not sell personal data. We may disclose data where required by law or to protect rights and safety.

We may process data in countries other than where it was collected. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

We retain personal data for as long as needed to provide the service, meet legal and accounting requirements, resolve disputes, and enforce agreements. Audit and security logs are retained for defined periods to support accountability and incident investigation.

We apply role-based access control, least-privilege secret handling, encryption in transit, approval gates on sensitive actions, and audit logging. No system is perfectly secure, but service changes are designed to be previewed, approved, audited, and reversible.

Subject to applicable law, you may request access, correction, deletion, restriction, portability, or objection regarding your personal data, and you may withdraw consent where processing relies on it. End-user (subscriber) requests should be directed to the relevant operator as controller.

We use strictly necessary cookies for authentication and session integrity, and may use limited analytics cookies to understand site usage. You can control non-essential cookies through your browser or any consent controls we provide.

The platform is intended for business use by operators and is not directed to children. We do not knowingly collect personal data from children.

We may update this policy to reflect changes in the service, law, or our practices. Material changes will be signposted, and the “last updated” date above will change.