Geonode logo

We own the network.Here’s how we run it.

Owning 2.5M residential IPs means owning the responsibility that comes with them.

2.5M owned IPs

online now

195+ countries

USA, Germany, France, ect.

Prices dropped 3x

in last 12 months

Every customer is verified

We don’t sell anonymous access to residential IPs. Every Geonode account goes through Know Your Customer (KYC) verification before accessing the network.

  • Identity

    Government ID or business registration for all accounts

  • Use case

    Every customer describes their intended use. We review before activation.

  • Business entity

    Enterprise accounts require company verification and a named contact.

  • Ongoing monitoring

    Accounts with unusual traffic patterns are flagged for review within 24 hours.

Verified customer section image

What gets rejected:

We decline accounts where the stated use case involves credential stuffing, ad fraud, DDoS, spam, scraping of personal data without legal basis, or any activity that violates our Acceptable Use Policy.

Not every proxy provider does this. We do, because we own the IPs, abuse on our network is abuse of our infrastructure, not someone else’s.

How we prevent misuse

Owning the network means we see everything that runs through it. That’s a responsibility.

Real-time monitoring

Automated traffic analysis flags patterns associated with credential stuffing, brute-force attacks, and spam.

Dedicated abuse team reviews flagged accounts within 4 hours during business hours, 12 hours off-hours.

Accounts confirmed abusing the network are suspended immediately and permanently.

Reporting abuse

Anyone can report suspected abuse at abuse@geonode.com. We investigate every report within 24 hours and respond with an outcome.

We review every report manually
Send a report

Abuse response timeline

We've suspended paying customers for policy violations. Revenue isn't worth the network.

Severity
Detection
Review
Action
critical

DDoS, credential stuffing

Automated, real-time
Immediate
Instant suspension
high

High-volume abuse patterns

Automated, < 1 hour
< 4 hours
Suspension pending review
medium

Policy edge cases

Flagged, < 24 hours
< 48 hours
Warning or restriction

What data we collect. What we don't.

What we collect

Account information (name, email, company, billing)

Usage metadata (bandwidth consumed, connection timestamps, target domains at aggregate level)

Payment information (processed by Stripe - we never store card numbers)

What we do NOT collect

Content of proxied requests or responses

Target page content, scraped data, or downloaded files

Individual URL-level logs beyond aggregate domain statistics

IP-to-user mapping retained beyond 30 days (required for abuse investigation only)

Data retention

Account data Duration of account + 12 months post-deletion

Usage metadata 90 days rolling

Abuse investigation logs 30 days, then purged

Payment records As required by tax law (~7 years)

Your rights (GDPR, CCPA, and equivalents)

Request a copy of all data we hold on you

Request deletion of your account and associated data

Opt out of non-essential communications

Contact us

We comply with GDPR (EU), CCPA (California), LGPD (Brazil), and POPIA (South Africa).
We apply the strictest standard globally - if GDPR requires it, every customer gets it, regardless of location.

Where we are. Where we’re going.

We believe in showing you the real picture - not just the badges we have, but the ones we’re working toward.

Current
GDPR compliance

GDPR compliance

Data processing agreements available on request

CCPA compliance

CCPA compliance

California consumer rights honored for all users

Stripe PCI DSS

Stripe PCI DSS

Payment processing via PCI-compliant Stripe

KYC verification

All accounts verified before network access.

Acceptable Use Policy

Published, enforced, updated quarterly.

In progress
SOC 2 Type II

SOC 2 Type II

Audit preparation underway

ISO 27001

ISO 27001

Scoping phase

CSA STAR Level 1

CSA STAR Level 1

Planned after ISO 27001

We don't have SOC 2 yet. Bright Data does. Oxylabs does.

We're a 22-person team and we're building toward it.

If your procurement requires SOC 2 today, we'll tell you honestly — and we'll tell you the moment we have it.

Where IP comes from

Every IP in the Geonode network is sourced through transparent, consent-based partnerships with ISPs and device networks.

Our sourcing principles

Direct ISP partnerships for residential IP allocation

Clear, informed consent from any device contributing to the network

No bundled SDK models where proxy participation is hidden in unrelated apps

Regular audits of IP source quality and consent compliance

We do not use browser extensions that harvest bandwidth without clear user consent.

We do not purchase traffic from apps that bury proxy consent in Terms of Service.

We do not purchase traffic from apps that bury proxy consent in Terms of Service.

Some competitors’ 100M+ IP pools include traffic from apps where users don’t know they’re part of a proxy network.

Our pool is 2.5M - smaller, but every IP is clean.

FAQ

Not yet. We're targeting SOC 2 Type II completion by Q4 2026. If your procurement requires SOC 2 today, we'll tell you honestly. Contact sales@geonode.com and we'll provide whatever documentation we can in the interim.