Founding Partner Cohort — 40% pre-launch pricing for 12 months (20 max)Click Here
How It WorksPlatformsPricingInsights
Sign InGet Started

PRIVACY POLICY

Effective Date: April 1, 2026 Last Updated: April 1, 2026

Arccore LLC | privacy@platformpolicy.com | 8 The Green, Suite G, Dover, DE 19901, United States

1. WHAT WE COLLECT

1.1. Account details: name, work email, company name, title.

1.2. Coverage preferences: which platforms you select. Treated as strictly confidential per MIA §5.3. For California residents: the B2B personal information exemption under CCPA expired January 1, 2023. Accordingly, personal information of individual Authorized Users who are California residents — including names and email addresses provided in a business context — is subject to the full scope of CCPA/CPRA rights described in Section 6 of this Policy.

1.3. Payment information: handled by our third-party processor. We never store your full card number. We retain transaction records for legal and accounting purposes.

1.4. Usage data: login times, Signals opened, dashboard clicks, delivery settings.

1.5. Technical data: IP address, browser, device, OS, referring URL.

1.6. Correspondence: support tickets, form submissions, email exchanges.

1.7. Automated processing data: outputs of automated change-detection systems used to generate Signals, including internal classification scores. This data is not shared with clients or third parties and is used only to improve detection quality.

2. HOW WE USE IT

We use your information to: deliver Intelligence Signals to your endpoints; tailor Signal relevance to your coverage; process payments; improve the platform using aggregated, anonymized patterns; send service and security notices; respond to your inquiries; detect fraud; and meet legal obligations. We do not sell your data. We do not use it for third-party advertising.

3. WE DO NOT SHARE WITH COVERED PLATFORMS

This is our most important commitment. We will never tell Stripe, PayPal, Apple, Google, Amazon, or any Covered Platform that you are our client. We will never share your name, email, company, or coverage preferences with any platform we monitor. Access to client risk profiles is restricted to team members who genuinely require it for service delivery. This commitment is permanent and survives the end of your Subscription.

4. THIRD-PARTY SERVICE PROVIDERS

We work with a limited number of vendors for hosting, email delivery, payments, security, and analytics. Each is bound by a data processing agreement, prohibited from sharing your data with any Covered Platform, required to maintain appropriate security measures, and prohibited from processing your data for any purpose other than delivering services to us. Sub-processors are subject to equivalent contractual restrictions.

5. RETENTION

  • Account and billing records: active period plus 3 years.
  • Usage and technical data: active period plus 12 months.
  • Support correspondence: active period plus 2 years.
  • Signal receipt history and coverage preferences: retained per the indefinite confidentiality obligation in MIA §5.3; deleted upon verified written deletion request unless retention is required by law.

Request early deletion: privacy@platformpolicy.com. We will accommodate to the extent our legal obligations allow.

5.1. DATA BREACH NOTIFICATION

If we become aware of a security incident affecting your Personal Information, we will notify you without undue delay and in any event within 72 hours of becoming aware of the breach, to the extent required by applicable law. Notification will be sent to your account email address.

6. YOUR RIGHTS

Submit a verifiable request to privacy@platformpolicy.com. We respond within 45 days (extendable 45 days with notice).

6.1. All U.S. residents: access, correction, deletion, portability, and opt-out of marketing.

6.2. California (CCPA/CPRA): right to know categories collected; right to delete; right to correct; right to opt out of sale or sharing (we do neither); right to limit sensitive PI use. We maintain a "Do Not Sell or Share My Personal Information" page at platformpolicy.com/privacy — this page exists and is functional as of the effective date of this Policy. We will not discriminate against you for exercising rights. Note: the B2B personal information exemption expired January 1, 2023; individual Authorized Users who are California residents have full CCPA/CPRA rights.

6.3. Other U.S. states. Residents of the following states have equivalent privacy rights (access, correction, deletion, portability, opt-out of sale/sharing) under applicable state law: Virginia (VCDPA, effective Jan. 1, 2023); Colorado (CPA, effective July 1, 2023); Connecticut (CTDPA, effective July 1, 2023); Texas (TDPSA, effective July 1, 2024); Oregon (OCPA, effective July 1, 2024); Montana (CDPA, effective Oct. 1, 2024); Washington (My Health MY Data Act, effective March 31, 2024, for health data); New Hampshire (NHPA, effective Jan. 1, 2025); New Jersey (NJDPA, effective Jan. 15, 2025); Maryland (MODPA, effective Oct. 1, 2025); Delaware (DPDPA); Nevada (SB 220 opt-out of sale); Iowa (ICDPA, effective January 1, 2025); Indiana (INCDPA, effective January 1, 2026); Tennessee (TIPA, effective July 1, 2025); Nebraska (NDPA, effective January 1, 2025); Minnesota (MCDPA, effective July 31, 2025). Residents of all other U.S. states have equivalent rights to the extent provided by applicable law. If we deny a request, you may appeal within 60 days by emailing privacy@platformpolicy.com with subject line "Privacy Request Appeal."

7. SECURITY AND BREACH NOTIFICATION

We use TLS encryption, role-based access controls, MFA for administrative systems, and periodic security reviews. In accordance with the New York SHIELD Act (N.Y. Gen. Bus. Law § 899-aa et seq.), we implement and maintain reasonable administrative, technical, and physical safeguards appropriate to the size and complexity of our business and the nature of the information we hold. In the event of a breach of security involving the private information of New York residents, we will notify affected individuals and the New York Attorney General in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement. We apply the most stringent applicable breach notification timeline across all relevant jurisdictions.

8. AI AND AUTOMATED DECISION-MAKING

We use automated systems, including machine learning models, to detect and classify policy changes. No automated system makes final determinations about what constitutes a Material Policy Change for high or critical severity Signals — human analysts review those before issuance. We do not make automated decisions that produce legal or similarly significant effects concerning individual persons.

9. COOKIES

We use essential cookies (required for platform operation), analytics cookies (aggregated usage patterns only), and preference cookies (your settings). We obtain your affirmative consent for non-essential cookies through a cookie consent banner displayed on your first visit. Essential cookies do not require consent as they are necessary for platform operation. You can manage or withdraw consent for non-essential cookies at any time through our cookie consent banner or your browser settings. We also honor Global Privacy Control (GPC) signals as a valid opt-out from non-essential cookies, consistent with California (CCPA/CPRA), Colorado (CPA), Texas (TDPSA), and other applicable state laws. Blocking essential cookies may impair platform functionality. For complete details on the types of cookies we use, their duration, third-party providers, and your consent options, see our Cookie Policy (Document 9) at platformpolicy.com/legal/cookie-policy.

10. CHILDREN

PlatformPolicy is for businesses and adults (18+). We do not knowingly collect data from children under 13.

11. GLOBAL VISITORS

This service is designed for U.S.-based clients. If you access our website from outside the United States, you do so at your own initiative. We collect minimal technical data (IP address, browser type) from all website visitors through standard server logs and analytics cookies. EU and UK visitors may contact privacy@platformpolicy.com to exercise applicable rights under GDPR or UK GDPR regarding that limited data.

Texas Residents. PlatformPolicy's Enforcement Events database is compiled from public records and published reporting. To the extent such database contains personal information about Texas residents, we comply with applicable Texas data privacy laws, including the Texas Data Privacy and Security Act (TDPSA, effective July 1, 2024) and Texas data broker registration requirements where applicable. Texas residents have the right to know, access, correct, delete, and opt out of the sale or sharing of their personal data. Submit requests to privacy@platformpolicy.com.

California Data Broker Notice. PlatformPolicy's Enforcement Events database is compiled exclusively from public records, court filings, regulatory records, and published reporting. We do not sell personal information to third parties and do not believe we qualify as a "data broker" under California Business & Professions Code § 1798.99.80 because we do not sell personal information of consumers with whom we have no direct relationship. We have assessed our practices against California's data broker definition and have determined that registration is not required at this time. If our business practices change in a manner that requires registration, we will comply. Questions may be directed to privacy@platformpolicy.com.

12. CHANGES

We will email you and post a notice at least 14 days before material changes take effect. Continued use after that date constitutes acceptance.

Contact: privacy@platformpolicy.com | Arccore LLC, 8 The Green, Suite G, Dover, DE 19901, United States