Privacy Policy

101 Bridges collects information necessary to provide network infrastructure services and maintain our business relationship with you. The categories of information we collect include:

1.1. Information You Provide

• Account information: Name, email address, phone number, company name, job title, and billing address when you create an account or submit a service inquiry
• Payment information: Billing details, payment card information (processed by our PCI-DSS compliant payment processor), bank account details for wire transfers, and tax identification numbers
• Technical information: ASN numbers, IP address ranges, network configuration details, peering preferences, and technical contact information provided during service provisioning
• Support communications: Content of support tickets, NOC communications, emails, and live chat interactions
• Identity verification: Government-issued identification documents where required for IP address allocation or regulatory compliance

1.2. Information Collected Automatically

• Network traffic metadata: Source and destination IP addresses, port numbers, protocol types, packet sizes, and timestamps collected for network management, abuse prevention, and DDoS mitigation purposes. We do not inspect packet payloads.
• Service usage data: Bandwidth consumption, resource utilization, uptime metrics, and service performance data
• Website analytics: IP address, browser type, operating system, referring URLs, pages visited, and interaction data when you visit our website
• Authentication logs: Login timestamps, IP addresses, and session data for security and audit purposes

We use the information we collect for the following purposes:

• Service delivery: Provisioning, configuring, monitoring, and maintaining your network infrastructure services
• Network operations: Managing network performance, routing optimization, capacity planning, and ensuring service availability
• Security and abuse prevention: Detecting and mitigating DDoS attacks, identifying network abuse, preventing unauthorized access, and maintaining the integrity of our infrastructure
• Billing and accounting: Processing payments, generating invoices, managing accounts receivable, and fulfilling tax reporting obligations
• Customer support: Responding to support requests, troubleshooting technical issues, and communicating service-related information
• Legal compliance: Complying with applicable laws, regulations, and legal processes, including responding to lawful data requests from authorities
• Service improvement: Analyzing usage patterns to improve our network, develop new features, and enhance service quality
• Communications: Sending service notifications, maintenance alerts, security advisories, and, with your consent, marketing communications

For individuals in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a legal basis for processing personal data, we rely on the following grounds:

• Performance of a contract: Processing necessary to deliver the Services you have ordered, manage your account, and fulfill our contractual obligations
• Legitimate interests: Processing necessary for our legitimate business interests, including network security, fraud prevention, service optimization, and direct marketing to existing customers, provided these interests are not overridden by your rights and freedoms
• Legal obligation: Processing required to comply with applicable laws, such as tax reporting, responding to lawful government requests, and maintaining records required by telecommunications regulations
• Consent: Where we rely on your consent (such as for marketing communications or non-essential cookies), you may withdraw your consent at any time by contacting us or using the unsubscribe mechanism provided

101 Bridges does not sell your personal data. We share information only in the following circumstances:

• Service providers: With trusted third-party vendors who assist us in operating our business (e.g., payment processors, datacenter operators, support tools), bound by contractual obligations to protect your data
• Network operations partners: With upstream transit providers, peering partners, and Internet Exchange Points (IXPs) to the extent necessary for network routing and connectivity
• Regional Internet Registries: With ARIN, RIPE NCC, and APNIC as required for IP address allocation and management, including WHOIS database entries
• Abuse mitigation: With relevant parties (including other network operators, CERTs, and law enforcement) when necessary to investigate or respond to network abuse, security incidents, or illegal activity
• Legal requirements: When required by law, regulation, legal process, or governmental request
• Business transfers: In connection with a merger, acquisition, reorganization, or sale of assets, in which case your information may be transferred as part of that transaction

5.1. 101 Bridges operates infrastructure in the United States, European Union, and Asia. Your personal data may be transferred to and processed in countries other than your country of residence.

5.2. When we transfer personal data from the EEA, UK, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we implement appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with sub-processors that include equivalent protections
• Transfer Impact Assessments where required by applicable law

5.3. You may request a copy of the safeguards we use for international transfers by contacting us at the address below.

We retain personal data for as long as necessary to fulfill the purposes for which it was collected:

• Account and service data: For the duration of your service agreement plus 12 months following termination
• Billing and financial records: For 7 years to comply with tax and accounting obligations
• Network traffic metadata: For up to 90 days for security and abuse prevention purposes
• Support communications: For 3 years following resolution for quality assurance and dispute resolution
• Authentication logs: For 12 months for security audit purposes
• Website analytics: For 26 months from the date of collection

When retention periods expire, we securely delete or anonymize the data.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete personal data
• Right to erasure: Request deletion of your personal data, subject to legal retention requirements
• Right to restrict processing: Request that we limit how we use your data in certain circumstances
• Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent: Where processing is based on consent, withdraw that consent at any time
• Right to lodge a complaint: File a complaint with your local data protection authority

To exercise any of these rights, contact us at privacy@101bridges.com. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

8.1. Our website uses cookies and similar technologies. Cookies are small text files placed on your device that help us provide and improve our services.

Types of Cookies We Use

• Essential cookies: Required for the website to function, including session management and security features. These cannot be disabled.
• Analytics cookies: Help us understand how visitors interact with our website, enabling us to improve user experience. We use privacy-respecting analytics tools.
• Functional cookies: Remember your preferences and settings to provide a personalized experience (e.g., language, region, dashboard configuration).

8.2. You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

8.3. We do not use third-party advertising or tracking cookies.

9.1. 101 Bridges implements comprehensive security measures to protect personal data, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Multi-factor authentication for administrative access
• Role-based access controls with least-privilege principles
• 24/7 network monitoring and intrusion detection systems
• Physical security controls at all datacenter facilities, including biometric access, CCTV surveillance, and on-site security personnel
• Regular security assessments and penetration testing
• Employee security awareness training

9.2. While we take extensive precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

Our Services are designed for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete such data promptly.

11.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page.

11.2. For material changes, we will notify you by email (using the address associated with your account) or by placing a prominent notice on our website at least 30 days before the changes take effect.

11.3. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

For individuals in the EEA, you also have the right to lodge a complaint with your local supervisory authority. A list of supervisory authorities is available at the European Data Protection Board website.