01Scope of this policy
NOEIN, Inc. ("NOEIN", "we", "us", or "our") operates the website at getnoein.com and the NOEIN platform, the operating system for manufacturing (together, the "Service"). This Privacy Policy explains what information we collect, how we use and protect it, and the choices and rights you have.
This policy covers two kinds of relationship. When you browse our site or request access, NOEIN is the controller of your personal data. When we host and process operational data on behalf of a customer under a commercial agreement, NOEIN acts as a processor, and that data is governed by the agreement and Data Processing Addendum (DPA) with the customer rather than by this policy.
02Information we collect
Information you provide. When you request access, contact us, or create an account, we may collect your name, work email, company, role, phone number, and the contents of your messages or access request (such as the ERP/MES systems you run).
Usage data. We automatically collect technical information about how the Service is accessed — IP address, browser type and version, device identifiers, pages viewed, referring URLs, and timestamps — for security, analytics, and diagnostics.
Customer & industrial data. The platform connects to systems you authorize (e.g. ERP, MES, historians, document stores, vendor email) and processes the operational data they contain on your behalf. We treat this as confidential customer data, process it only to provide the Service, and never sell it.
03How we use information
We use the information we collect to:
- Provide, operate, secure, and improve the Service;
- Review and respond to access requests and support inquiries;
- Surface exceptions, risks, and insights across your connected systems;
- Send service, security, and administrative notices;
- Monitor usage, detect abuse, and prevent or address technical and security issues;
- Comply with legal obligations and enforce our agreements.
Where required by law, we rely on a lawful basis for each use — performance of a contract, our legitimate interests in operating and securing the Service, your consent, or compliance with a legal obligation.
04AI and automated processing
The Service uses large language models to answer questions and surface insights over your connected data. To generate a response, relevant context from your authorized systems may be sent to our AI provider (currently Anthropic's Claude, accessed via Replicate) at the moment of a request.
We do not use your customer or industrial data to train foundation models, and we contract with AI providers that are bound not to train on data submitted through our API access. AI outputs may be inaccurate or incomplete and are decision support, not professional, engineering, financial, or legal advice — see our Terms of Service.
07Data retention
We retain personal data only as long as necessary for the purposes described in this policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Customer data hosted on the platform is retained per the customer agreement and deleted or returned on termination as set out in the DPA. You may request deletion of your personal data as described below.
08Security
We apply commercially reasonable administrative, technical, and organizational safeguards — including encryption in transit, access controls, least-privilege provisioning, and audit logging — designed to protect information against unauthorized access, loss, or misuse. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security. If we become aware of a breach affecting your personal data, we will notify you and the relevant authorities as required by law.
09International data transfers
NOEIN operates from the United States with team members in San Francisco, California and Warsaw, Poland, and uses service providers that may process data in other countries. Where we transfer personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.
10Your privacy rights
Depending on where you live, you may have the right to access, correct, delete, or port your personal data, to object to or restrict certain processing, and to withdraw consent. Residents of California (under the CCPA/CPRA) and the EEA/UK (under the GDPR) have these rights, including the right not to receive discriminatory treatment for exercising them.
To exercise any of these rights, email paritosh@getnoein.com. We will verify your request and respond within the timeframe required by applicable law. If we process data on behalf of a customer, we will refer your request to that customer.
11Children's privacy
The Service is a business product not directed to children, and we do not knowingly collect personal data from anyone under 16. If you believe a child has provided us personal data, contact us and we will delete it.
12Third-party links
The Service may link to sites and services we do not operate. We are not responsible for their content or privacy practices, and we encourage you to review the privacy policy of every site you visit.
13Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version here, update the "Last updated" date above, and, for material changes, provide additional notice (such as by email or a prominent notice in the Service) before the change takes effect.
14Contact us
If you have questions about this Privacy Policy or our data practices, contact us:
- By email: paritosh@getnoein.com
- By visiting: getnoein.com
- NOEIN, Inc. · San Francisco, California, USA