Privacy policy for ArcRadius

Our Commitment to Your Privacy: We are committed to protecting your privacy and personal information. All phone numbers and personally identifiable information are stored using industry-standard encryption and are never shared, sold, or rented to third parties.

1. Introduction

This Privacy Policy explains how we collect, use, store, and protect your information when you use our SMS/MMS-based collaborative timeline service. By using the service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

  • Phone Number: Collected when you send your first submission to our service

  • Content Submissions: Images, text, and links you send via SMS/MMS

  • Message Metadata: Timestamps of when submissions are sent

2.2 Automatically Collected Information

  • Technical Data: Device type, carrier information (provided by SMS gateway)

  • Usage Data: Frequency of submissions, timeline access patterns

  • Service Logs: System logs for debugging and security purposes

2.3 Information We Do NOT Collect

  • We do not collect your name unless you include it in your submissions

  • We do not track your location beyond what your carrier provides

  • We do not access your contact list or other phone data

  • We do not use cookies or tracking pixels (this is an SMS-based service)

3. How We Protect Your Information

Encryption and Security:

  • Phone numbers are stored encrypted at rest using AES-256 encryption or equivalent industry-standard encryption

  • All personally identifiable information (PII) is encrypted in our databases

  • Data transmission occurs over secure, encrypted channels (TLS/SSL)

  • Access controls limit who can view or access stored phone numbers

  • Regular security audits are performed to ensure data protection

Additional Security Measures:

  • Secure server infrastructure with firewalls and intrusion detection

  • Regular software updates and security patches

  • Minimal data retention (see Section 7)

  • Employee access restricted on a need-to-know basis

  • No unencrypted backups of PII

4. How We Use Your Information

We use your information solely for the following purposes:

  • Service Delivery: To send you daily timeline links when you submit content

  • Content Display: To compile and display your submissions in the collective timeline

  • Communication: To send you service-related messages (opt-in confirmation, daily links)

  • Service Improvement: To analyze usage patterns and improve the service (in aggregate, anonymized form)

  • Security: To detect and prevent fraud, abuse, or technical issues

  • Legal Compliance: To comply with applicable laws and regulations

We do NOT use your information for:

  • Marketing or promotional purposes (beyond the service itself)

  • Selling or renting to third parties

  • Building advertising profiles

  • Sharing with data brokers

5. Information Sharing and Disclosure

5.1 We Do NOT Sell or Rent Your Information

We will never sell, rent, or trade your personal information, including your phone number, to third parties.

5.2 Service Providers

We may share information with trusted service providers who help us operate the service:

  • SMS Gateway Provider (Twilio): Necessary to send and receive messages

  • Cloud Hosting Provider: For secure data storage and service operation

  • Security Services: For fraud detection and prevention

All service providers are contractually obligated to protect your information and may only use it to provide services to us.

5.3 Content Visibility

Content you submit (images, text, links) is visible to other participants in the daily timeline. However, your phone number is never displayed or shared with other users.

5.4 Legal Requirements

We may disclose information if required by law, such as:

  • In response to valid legal process (subpoena, court order)

  • To protect the rights, property, or safety of our service, users, or the public

  • To investigate potential violations of our Terms of Service

  • In connection with a merger, acquisition, or sale of assets (with notice to users)

6. Timeline URL Access and Privacy

  • Unique URLs: Each daily timeline has a unique, hard-to-guess URL

  • Time-Limited: URLs expire after [24-72 hours, specify your timeframe]

  • Shared Access: Anyone with the URL can view the timeline during the active period

  • No Attribution: Submissions are displayed without identifying the submitter's phone number

7. Data Retention

We retain your information only as long as necessary to provide the service:

  • Active Users: Phone numbers retained while you actively use the service

  • Submitted Content: Stored for [specify period, e.g., 30 days] after timeline creation

  • Expired Timelines: Content and associated data deleted after expiration

  • Opted-Out Users: Phone number encrypted and marked for deletion within 30 days

  • Logs: System logs retained for up to 90 days for security purposes

After retention periods expire, data is permanently deleted from our systems and backups.

8. Your Rights and Choices

8.1 Opt-Out

You may opt out at any time by:

  • Replying STOP to any message from our service

  • Contacting us directly (see Section 13)

  • Simply not submitting content (you'll receive no messages)

8.2 Data Access and Deletion

You have the right to:

  • Access: Request a copy of your personal information we store

  • Correction: Request correction of inaccurate information

  • Deletion: Request deletion of your personal information

  • Portability: Request your data in a machine-readable format

To exercise these rights, contact us using the information in Section 13. We will respond within 30 days.

8.3 Do Not Sell My Personal Information

We do not sell personal information. If you wish to formally opt out of any potential future sales (though we have no plans to do so), contact us.

9. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately and we will delete it.

Users between 13 and 18 must have parental or guardian consent to use the service.

10. Third-Party Services

SMS Gateway (Twilio): We use Twilio to send and receive SMS/MMS messages. Twilio's privacy policy applies to their handling of message transmission. View Twilio's privacy policy at: https://www.twilio.com/legal/privacy

Links in Submissions: Users may submit links to third-party websites. We are not responsible for the privacy practices of external sites.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that any such transfers comply with applicable data protection laws and that your information receives adequate protection.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:

  • Sending an SMS message to active users

  • Updating the "Last Updated" date at the top of this policy

  • Posting a notice on our service

Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: joachim@ansible-arc.com

We will respond to your inquiry within 30 days.

14. State-Specific Privacy Rights

14.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected

  • Right to know if personal information is sold or disclosed

  • Right to opt out of the sale of personal information (we don't sell)

  • Right to deletion of personal information

  • Right to non-discrimination for exercising CCPA rights

14.2 Other States

Residents of Virginia, Colorado, Connecticut, and other states with privacy laws have similar rights. Contact us to exercise your rights.

15. Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of discovering the breach

  • Describe the nature of the breach and data affected

  • Explain steps we're taking to address the breach

  • Provide guidance on protecting yourself

  • Comply with all applicable data breach notification laws

16. Your Consent

By using our service, you consent to this Privacy Policy and our collection, use, and protection of your information as described herein.