URL has been copied successfully!
Blacknode Ltd — eidolonhub.com
Last updated: May 2026
This document provides detailed information about how Blacknode Ltd processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR 2016/679), and the Data Protection Act 2018.
—
1. Data Controller
Blacknode Ltd
Registered in England and Wales
Email: [email protected]
Website: https://eidolonhub.com
Blacknode Ltd is the data controller for all personal data collected through eidolonhub.com and the Eidolon Home AI licensing system.
—
2. Personal data we process
2.1 Account and purchase data
Data Purpose Legal basis Retention
Name Account creation, order fulfilment Contract (Art. 6(1)(b)) 7 years
Email address Account access, license delivery, support Contract (Art. 6(1)(b)) 7 years
Billing address Tax compliance, fraud prevention Legal obligation (Art. 6(1)(c)) 7 years
Order history Account management, support Contract (Art. 6(1)(b)) 7 years
IP address at purchase Fraud prevention Legitimate interests (Art. 6(1)(f)) 2 years
2.2 License and activation data
Data Purpose Legal basis Retention
License key Software activation and validation Contract (Art. 6(1)(b)) License duration + 2 years
Hardware fingerprint Machine-based license enforcement Contract (Art. 6(1)(b)) License duration + 2 years
Activation date and count License compliance Contract (Art. 6(1)(b)) License duration + 2 years
Note on hardware fingerprint: The hardware fingerprint is an anonymised identifier derived from your machine’s hardware components. It is used solely to validate that your license is being used on an authorised machine. It is not used to track your activity, identify you personally, or share your data with third parties.
2.3 Website analytics (consent-based)
Data Purpose Legal basis Retention
Anonymised usage data Website improvement Consent (Art. 6(1)(a)) 26 months
Browser type and OS Compatibility analysis Consent (Art. 6(1)(a)) 26 months
Analytics data is only processed if you have given explicit consent via the cookie banner. You may withdraw consent at any time via the cookie settings link in the footer.
2.4 Support communications
Data Purpose Legal basis Retention
Name and email Identifying and responding to requests Legitimate interests (Art. 6(1)(f)) 3 years from last contact
Technical details shared Resolving support issues Legitimate interests (Art. 6(1)(f)) 3 years from last contact
—
3. Data we do NOT process
Eidolon Home AI software runs entirely on your local hardware. We confirm that we do not collect or process:
Content of your AI conversations
Images, videos, music, or documents you generate
Telemetry or usage statistics from installed software
Keystroke data or screen content
Location data beyond billing address
—
4. Third-party data processors
We use the following third-party processors who may handle your personal data on our behalf. Each processor has been selected for compliance with applicable data protection law.
Stripe Inc.
Purpose: Payment processing
Data processed: Name, email, billing address, payment details
Location: United States (EU-US Data Privacy Framework)
Privacy policy: https://stripe.com/privacy
Cloudflare Inc.
Purpose: CDN, DNS, DDoS protection, license data storage (D1)
Data processed: IP addresses, license keys, activation data
Location: United States and EU (Standard Contractual Clauses)
Privacy policy: https://www.cloudflare.com/privacy/
Google LLC
Purpose: Website analytics (Google Analytics 4) — only if consent given
Data processed: Anonymised usage data, browser information
Location: United States (EU-US Data Privacy Framework)
Privacy policy: https://policies.google.com/privacy
Automattic Inc. (WordPress / WooCommerce)
Purpose: Ecommerce platform, account management
Data processed: Account data, order history
Location: United States (Standard Contractual Clauses)
Privacy policy: https://automattic.com/privacy/
—
5. International data transfers
Some of our data processors operate outside the UK and EU. Where personal data is transferred internationally, we ensure appropriate safeguards are in place:
EU-US Data Privacy Framework (Stripe, Google)
Standard Contractual Clauses (Cloudflare, Automattic)
These mechanisms ensure your data receives equivalent protection to that required under UK/EU law.
—
6. Your rights under UK GDPR and EU GDPR
You have the following rights regarding your personal data:
Right Description
Access (Art. 15) Request a copy of all personal data we hold about you
Rectification (Art. 16) Request correction of inaccurate or incomplete data
Erasure (Art. 17) Request deletion of your data, subject to legal retention obligations
Restriction (Art. 18) Request that we limit how we use your data in certain circumstances
Portability (Art. 20) Receive your data in a structured, machine-readable format
Objection (Art. 21) Object to processing based on legitimate interests
Withdraw consent (Art. 7(3)) Withdraw consent at any time where processing is consent-based
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing your request.
—
7. Right to lodge a complaint
If you believe we have processed your personal data unlawfully or in breach of your rights, you have the right to lodge a complaint with a supervisory authority:
UK residents:
Information Commissioner’s Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113
EU residents:
Your national data protection authority. A list is available at:
https://edpb.europa.eu/about-edpb/about-edpb/members_en
—
8. Automated decision-making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
The hardware fingerprint system makes automated checks to validate license compliance. This is a technical contract enforcement mechanism and does not constitute profiling or automated decision-making under Art. 22 GDPR.
—
9. Data security
We implement the following technical and organisational measures to protect your personal data:
HTTPS/TLS encryption on all website connections
PCI-DSS compliant payment processing via Stripe (we do not store card details)
Cryptographically generated license keys
Access controls limiting who can access personal data internally
Cloudflare security infrastructure protecting our systems
—
10. Changes to this document
We may update this document to reflect changes in our data processing practices or applicable law. The “Last updated” date at the top of this page will be updated accordingly. We encourage you to review this document periodically.
—
11. Contact
For any data protection queries, requests to exercise your rights, or concerns:
Blacknode Ltd
Email: [email protected]
Website: https://eidolonhub.com
We aim to respond to all data protection requests within 30 days.