Arcitix
Home About Solutions Case Studies Blog Careers Contact AI Incident? Secure Your AI
Privacy

Privacy Policy

How Arcitix collects, uses, and protects personal data, and the rights you have under the GDPR, UK GDPR, and CCPA/CPRA. Last updated May 16, 2026.

1. Who We Are (Data Controller)

Arcitix AI Security ("Arcitix", "we", "us") is the data controller for personal data processed through this website and our client engagements. For any privacy matter, contact our privacy team at privacy@arcitix.com. EU/UK visitors may also reach our Data Protection point of contact at dpo@arcitix.com.

2. Information We Collect

We only collect what we need:

  • Information you give us — name, work email, phone, company, inquiry type, and the contents of messages submitted via our contact form, email, or calls.
  • Engagement information — company context, security requirements, and limited technical detail needed to scope and deliver work, governed by the relevant signed agreement.
  • Technical information — server logs (IP address, user agent, timestamps, requested URL) generated automatically for security, abuse prevention, and reliability.
  • Cookies and similar technologies — see our Cookie Policy. Non-essential cookies are set only with your consent.

We do not knowingly collect data from children under 16, and we do not intentionally collect special-category data through this website.

3. How We Use Your Data & Legal Bases (GDPR Art. 6)

  • Respond to your enquiry and provide services — performance of a contract, or steps taken at your request before entering a contract.
  • Operate, secure, and improve the website — our legitimate interests in running a safe, reliable service (balanced against your rights).
  • Analytics and marketing cookies — your consent, which you may withdraw at any time.
  • Meet legal, tax, security, and regulatory obligations — compliance with a legal obligation.

4. Sharing & Disclosure

We do not sell personal data and we do not "share" it for cross-context behavioural advertising. We disclose personal data only to: processors acting on our instructions (e.g. hosting, email, infrastructure providers under data-processing agreements); professional advisors; a successor entity in a merger or acquisition; or authorities where required by law. All processors are bound by confidentiality and security obligations.

5. International Data Transfers

We operate remotely and may process data outside your country, including in the United States. Where data leaves the EEA or UK, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum) together with supplementary measures. A copy of the relevant safeguard is available on request.

6. Data Retention

We keep personal data only as long as necessary for the purpose it was collected. Indicative periods: contact-form enquiries that do not become engagements are deleted within 24 months; engagement records are retained for the term of the contract plus the period required for legal, tax, and security obligations; server logs are kept for a short rolling window for security and diagnostics. When no longer needed, data is securely deleted or anonymised.

7. Your Rights

Subject to applicable law, you have the right to: access your data; request rectification or erasure; restrict or object to processing; data portability; and to withdraw consent at any time without affecting prior processing. Under the CCPA/CPRA, California residents have the right to know, delete, correct, and opt out of sale/sharing (we do neither), and not to be discriminated against for exercising these rights.

To exercise any right, email privacy@arcitix.com. We respond within the timeframes required by law (generally one month under the GDPR, 45 days under the CCPA) and may need to verify your identity first. You may use an authorised agent where the law allows.

8. Cookies & Consent

We use strictly necessary cookies to run the site, and functional, analytics, and marketing cookies only with your consent. You can review or change your choice any time via the Cookie settings link in the footer. Full detail is in our Cookie Policy.

9. Security

We apply access controls, least-privilege handling, encryption in transit, and reasonable technical and organisational safeguards appropriate to the risk. No method of transmission or storage is perfectly secure, but we work to protect personal data and to notify affected individuals and regulators of qualifying breaches as required by law.

10. Complaints

If you have concerns, please contact us first so we can help. You also have the right to lodge a complaint with your supervisory authority — for example, your national Data Protection Authority in the EEA, or the UK Information Commissioner's Office (ICO) at ico.org.uk.

11. Changes & Contact

We may update this policy to reflect changes in law or our practices; the "last updated" date above will change accordingly. For any privacy question or request, email privacy@arcitix.com.

Arcitix

AI-native security for the AI era — autonomous defense powered by AI, and protection for the AI systems you build and ship.

NIST AI RMF OWASP LLM Top 10 MITRE ATLAS EU AI Act Ready
Solutions
Agentic SOC AI Threat Detection LLM Firewall AI Red Teaming
Company
About Us Case Studies Careers Contact
Resources
Blog Trust Center Security Practices Responsible Disclosure Privacy Policy Cookie Policy Terms

© 2026 Arcitix AI Security. All rights reserved.

Privacy Cookies Terms Legal Notice Accessibility Your Privacy Choices

We value your privacy

We use strictly necessary cookies to run this site. With your consent we also use functional, analytics, and marketing cookies. You can accept all, reject all non-essential, or choose per category. Read our Cookie Policy and Privacy Policy.

Cookie preferences

Choose which categories of cookies and similar technologies you allow. Your choice is stored for 180 days and you can change it any time from the “Cookie settings” link in the footer.

Strictly necessary Always active

Required for the site to function — security, load balancing, form submission, and remembering your cookie choice. These never store marketing or tracking data and cannot be switched off.

Functional

Remember preferences such as language or region so the site behaves the way you left it. Disabling these may reset non-essential preferences between visits.

Analytics

Aggregated, privacy-respecting measurement of how the site is used so we can improve it. No analytics run until you allow this category.

Marketing

Used to measure campaign performance and show relevant content. We load no marketing or advertising cookies unless you opt in here.