This Privacy Policy explains how BreaktroughF1 LLP processes data within the LYNX intrusion detection system.
Zero-Knowledge Principle
LYNX is designed to operate without accessing the payload of your network traffic. All detection is based on metadata, timing, and behavioural heuristics.
1. Data Processed by LYNX
When deployed on your network, the LYNX engine processes the following data locally:
Network Metadata
IP addresses, ports, protocol types, and TCP flags processed in memory.
Session Statistics
Byte counts, packet counts, and inter-arrival timing patterns.
Fingerprints
JA4 TLS fingerprints and passive HTTP header characteristics.
Crucially: LYNX never decrypts TLS traffic and never inspects application payloads.
2. Data Sent to BreaktroughF1 LLP
By default, LYNX operates entirely on-premise. The only data transmitted to our servers are:
Licence Validation
RequiredA hardware hash and licence key checked upon service start to verify subscription status.
Federated Learning
OptionalIf enabled, the client sends locally-differentially-private model weight deltas (ε=1.0) to our aggregation server. No raw traffic, IPs, or alerts are included in these updates.
Telemetry
OptionalAnonymous crash reports and performance metrics (e.g., CPU load, memory utilization, drop rates) to help improve software stability.
3. LYNX Web Dashboard
If you use our hosted cloud dashboard to manage your fleet, we process your account information (email, hashed passwords) and the alert metadata forwarded by your LYNX nodes.
4. Data Retention
Local Appliance Retention
Local data on the LYNX appliance (e.g., the ring buffer and session tables) is ephemeral and destroyed continuously. Alert logs are retained locally according to your configured rotation policy.
Cloud Dashboard Retention
Data on the cloud dashboard is retained until you delete your account or explicitly clear your alert history.
5. Your Rights
Under applicable data protection laws, you have the right to access, correct, or delete your personal data. You may exercise these rights directly through the dashboard or by contacting us.