ARRC PRIVACY POLICY
Effective Date: July 6, 2026
Arrc (“Arrc,” “Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information.
This Privacy Policy explains how we collect, use, store, disclose, and protect information when you access or use the Arrc platform, website, applications, products, and services (collectively, the “Services”).
By accessing or using the Services, you are informed of the practices described in this Privacy Policy.
1. INFORMATION WE COLLECT
Account Information
Name;
Email address;
Username;
Password credentials;
Company information;
Subscription details.
User Content and Inputs
Business descriptions;
Marketing preferences;
Persona inputs;
Generated captions and content;
Uploaded content and media;
Scheduling information.
Connected Social Media Information
Account identifiers;
Profile information;
Connected pages or accounts;
Publishing permissions;
Engagement or analytics data.
Usage Information
IP address;
Browser type;
Device information;
Operating system;
Pages visited;
Interactions within the Services;
Usage metrics and diagnostics.
Payment Information
Payments may be processed through third-party payment providers. Arrc does not store full payment card information on its servers.
2. HOW WE USE INFORMATION
Provide and operate the Services;
Generate AI-assisted marketing outputs;
Personalize user experiences;
Improve platform functionality;
Process subscriptions and payments;
Provide customer support;
Monitor platform performance and security;
Communicate updates, notices, and support information;
Comply with legal obligations;
Enforce our Terms of Service.
3. LEGAL BASIS FOR PROCESSING (EEA, UK, AND SWITZERLAND)
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, Arrc processes your personal data only where we have a valid legal basis. The legal bases we rely on include:
Performance of a contract — processing necessary to provide the Services you have requested or to fulfil our obligations under our Terms of Service (e.g., creating your account, processing payments);
Legitimate interests — processing necessary for our legitimate business interests, provided those interests are not overridden by your rights (e.g., improving platform functionality, fraud prevention, security monitoring);
Consent — where you have given us explicit consent to process your information for a specific purpose (e.g., marketing communications). You may withdraw consent at any time without affecting the lawfulness of prior processing;
Legal obligation — processing necessary to comply with applicable law or a legal obligation.
Where we rely on legitimate interests, you have the right to object. Where we rely on consent, withdrawal of consent does not affect processing that took place before the withdrawal.
4. AI-GENERATED CONTENT PROCESSING
Arrc uses artificial intelligence systems to assist users in generating marketing-related content.
The Services may process user-provided information to generate captions, create personas, organize workflows, and improve content suggestions.
Users acknowledge that AI-generated outputs may contain inaccuracies and should be reviewed before publication or use.
Arrc does not use your personal information or user content to train or fine-tune AI models for use by other customers or the general public without your explicit consent. Content you submit may be processed by our AI systems solely to deliver your requested outputs.
5. THIRD-PARTY PLATFORM INTEGRATIONS
Arrc may integrate with the following third-party platforms:
Meta (Facebook, Instagram, Threads);
LinkedIn;
X (formerly Twitter);
TikTok;
Pinterest;
Google;
Apple.
Arrc may access and process information authorized through applicable platform permissions when users connect third-party accounts.
Arrc is not responsible for the privacy practices or policies of third-party services. Users should review the privacy policies of those platforms independently.
6. COOKIES AND TRACKING TECHNOLOGIES
We use cookies and similar tracking technologies to operate and improve the Services. The types of cookies we use include:
Essential cookies — strictly necessary to authenticate users, maintain sessions, and enable core platform functionality. These cannot be disabled without affecting Service operation;
Functional cookies — used to remember your preferences and personalize your experience;
Analytics cookies — used to understand how the Services are used, measure performance, and improve functionality. We may use third-party analytics providers for this purpose;
Security cookies — used to support authentication workflows and protect account integrity.
We obtain consent before setting non-essential cookies where required by applicable law. Users may manage or withdraw cookie preferences through browser settings or our cookie consent tool where available. Please note that disabling certain cookies may affect the functionality of the Services.
7. HOW WE SHARE INFORMATION
Arrc does not sell personal information. We may share information in the following circumstances:
Service providers — third-party vendors supporting platform operations (e.g., hosting, analytics, customer support tools) under data processing agreements that restrict their use of your information;
Payment processors — to facilitate subscription payments;
Connected third-party integrations — only as authorized by users when connecting social media accounts;
Legal requirements — when required by law, regulation, court order, or legal process;
Protection of rights — to protect platform security, our users, or enforce our legal rights;
Business transfers — in connection with a merger, acquisition, or sale of all or part of our business, subject to confidentiality commitments.
A list of our key sub-processors is available upon request by contacting us at the address in Section 15.
8. DATA SECURITY
Arrc implements reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, or misuse.
Security measures may include encrypted transmission (HTTPS), access controls, authentication protections, and secure storage practices.
However, no system can guarantee absolute security. In the event of a personal data breach that is likely to result in a risk to your rights, we will notify affected users and relevant authorities as required by applicable law.
9. DATA RETENTION
Arrc retains personal information for as long as reasonably necessary to:
Provide the Services and maintain your account;
Comply with applicable legal obligations;
Resolve disputes and enforce agreements;
Maintain platform security and integrity.
In general, account information is retained for the duration of your account plus up to three (3) years following account closure, unless a longer retention period is required by law. Aggregated or anonymized data may be retained for longer periods for analytics purposes.
Users may request deletion of certain information as described in Section 10, subject to legal and operational requirements.
10. YOUR RIGHTS AND CHOICES
Depending on your location, you may have some or all of the following rights with respect to your personal information:
Access — the right to request a copy of the personal information we hold about you;
Correction — the right to request correction of inaccurate or incomplete information;
Deletion — the right to request deletion of your personal information, subject to legal retention obligations;
Portability — the right to receive your personal information in a structured, commonly used, machine-readable format and to transmit it to another controller where technically feasible;
Restriction — the right to request that we restrict processing of your personal information in certain circumstances;
Objection — the right to object to processing based on legitimate interests or for direct marketing purposes;
Withdrawal of consent — where processing is based on consent, the right to withdraw consent at any time without affecting the lawfulness of prior processing;
Opt-out of communications — you may unsubscribe from marketing emails at any time using the unsubscribe link in any marketing message or by contacting us directly.
To exercise any of these rights, please contact: privacy@usearrc.com
For account-specific data deletion, additional instructions are available at: privacy@usearrc.com
We will respond to verifiable requests within the timeframe required by applicable law (generally 30 days, extendable by 60 additional days for complex requests). We may need to verify your identity before processing a request. If you believe we have not adequately addressed your request, you have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.
11. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
Right to know — you may request that we disclose the categories and specific pieces of personal information we have collected, the sources, the business purpose, and the categories of third parties with whom we share it;
Right to delete — you may request deletion of personal information we have collected from you, subject to certain exceptions;
Right to correct — you may request correction of inaccurate personal information;
Right to opt out of sale or sharing — Arrc does not sell personal information and does not share personal information for cross-context behavioral advertising without your consent;
Right to limit use of sensitive personal information — you may request that we limit our use of sensitive personal information to what is necessary to provide the Services;
Right to non-discrimination — we will not discriminate against you for exercising any of your CCPA/CPRA rights.
To submit a California privacy request, contact us at privacy@usearrc.com. You may designate an authorized agent to submit requests on your behalf.
12. INTERNATIONAL DATA TRANSFERS
Arrc is based in the United States. If you access the Services from outside the United States, your personal information may be transferred to, stored, and processed in the United States or other jurisdictions where privacy laws may differ from those in your country.
For transfers of personal data from the EEA, UK, or Switzerland to countries not recognized as providing an adequate level of data protection, we rely on appropriate safeguards, which may include:
Standard Contractual Clauses (SCCs) approved by the European Commission;
The UK International Data Transfer Addendum;
Other legally recognized transfer mechanisms.
You may request a copy of the relevant transfer safeguards by contacting us at privacy@usearrc.com.
13. CHILDREN’S PRIVACY
The Services are not directed toward children under the age of thirteen (13). Arrc does not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@usearrc.com.
14. CHANGES TO THIS PRIVACY POLICY
Arrc may update this Privacy Policy from time to time. Updated versions will be posted with a revised effective date. Where changes are material, we will provide notice by email or a prominent notice within the Services prior to the changes taking effect. Continued use of the Services following notice of updates constitutes acknowledgment of the revised Privacy Policy.
15. CONTACT INFORMATION
For privacy-related inquiries, requests, or complaints, contact:
Arrc (privacy@usearrc.com)