Privacy

Privacy Policy

Arc is designed for enterprise deployments with minimal data collection, customer-specific controls, and flexible hosting. This page explains the basic privacy rules we follow for the website, customer onboarding, and Arc deployments.

Last updated March 10, 2026.

Privacy in short

We keep customer environments separated, collect only the data needed to operate, support, and secure Arc, and allow sensitive features like screenshots, analytics, and voice to stay off unless a customer explicitly includes them in a rollout.

What we collect

Basic business contact details when someone books a demo, starts a sales conversation, or becomes an Arc customer.
Customer support, onboarding, and deployment records that are needed to deliver the service.
Conversation history, admin actions, and related audit data if those records are part of the customer’s Arc deployment.
Optional screenshots, voice, login, or analytics data only when those features are deliberately enabled.

How we use it

To provide onboarding, support, deployment management, and customer-requested product functionality.
To protect the service, investigate issues, and maintain a clear audit trail of conversations and assistant actions.
To apply customer-specific feature controls, retention rules, and access policies.
To comply with law, enforce agreements, and respond to security or incident-response requests.

Deployment and processors

Arc can run in several models, including Arc-managed deployments, customer-hosted backends, and on-prem or customer-controlled licensing setups. Because of that, the exact list of processors can vary by deployment.

Website and scheduling: when you book a demo through this site, scheduling details are processed by Cal.com.
Infrastructure and hosting: Arc may use cloud hosting, networking, or storage providers for Arc-managed environments.
Support and communications: Arc may use business tools needed to answer customer requests and manage onboarding.
Model and compute providers: when a customer enables AI processing, Arc may use approved model or compute providers under customer-approved terms and deployment rules.

Retention and zero data retention

Arc’s privacy posture is to minimize retention and keep collection narrow. Customer data is organized so retention, deletion, and customer-specific handling rules can be applied without affecting other tenants.

Arc keeps customers in separate deployment boundaries and only stores the support and onboarding data the customer wants kept.
Optional extras like screenshots and analytics can remain off entirely unless they are explicitly part of the rollout.
Arc’s policy is to use zero-data-retention or no-training AI processing modes where the provider supports them and where they are configured for the deployment.
Arc does not use customer content to train third-party models.

Security and customer control

Arc ships as signed desktop software with controlled updates, allowing customers to approve versions, stage rollouts, or pin known-good releases.
Arc is visible, branded, permission-based, and designed to be reviewed, allowlisted, monitored, and removed by enterprise IT teams.
Arc sits beside the customer’s product rather than being buried inside it, which keeps the assistant layer separate from the core application and lowers integration risk.
Admin access is scoped to each customer, and Arc only appears in the apps and environments the customer has approved.
Customers can centrally pause a deployment, disable a feature, or tighten policy if they need to stop or change behavior quickly.

Questions, deletion requests, and contact

Customers may request details about retention, deletion, or deployment-specific processing through their Arc contact. For website or general privacy questions, contact hello@arc.local.

Read the terms and conditions Book a demo