Last updated: 01.08.2022
At ArcX, your privacy is of great importance to us. ArcX is committed to the protection of the personal information of all customers, prospects, emergency contacts, website visitors and all other individuals who entrust their personal information to ArcX.
1. Personal Information We Collect
‘Personal information’ means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person. Personal information does not include aggregated information that cannot be linked to a specific individual.
In addition to the information ArcX collects through its publicly facing website (see “Our Website Practices” below), ArcX collects Personal information when you sign up for service including but not limited to your name, contact information, the names of your designated check-in and emergency contacts, your payment details, as well as other information that you provide to ArcX that identifies (or may identify) you. We also collect and/or transit your text messages, GPS location data, SOS emergency status, and other identifiable online activity in order to deliver the ArcX Service.
We collect only the personal information we need in order provide you with our service and make every effort to ensure that the information we hold is accurate, complete and up-to-date.
2. Why We Collect Personal Information
We collect your personal information:
- To provide you with information about our products and services, including your eligibility and suitability to use our products and services in certain locations;
- To verify your identity, payment, and other account details when you apply to purchase our products and services, which may include obtaining a credit report in order to assess your creditworthiness;
- To support various ArcX services and features, including, SOS Emergency Services, and other ongoing service and support;
- To contact you when there are account-related issues, or when we have important updates regarding our products and services;
- To better understand your needs and preferences in order to develop and/or enhance our products and services;
- To compile and analyze aggregate statistics for internal reporting purposes;
- To assess and manage risk, including detecting and preventing fraud or error; and
- To meet auditing, legal and regulatory processes and requirements.
We identify when information is necessary in order to deliver our service and when it may be provided optionally.
Your consent to the collection of your personal information by ArcX is obtained when you enroll with the ArcX service and where applicable, when you enroll with certain optional value added services and features, where such consent will be automatically withdrawn when you cancel such optional services and features, subject to legal or contractual restrictions.
You may request to withdraw your consent to the collection of certain information, whereupon we will inform you of the consequences of withdrawing your consent, which may include an inability for us to continue to provide all or a portion of the Services you have purchased or requested. Please note that there may be instances where the law permits the collection, use or disclosure of your personal information without your consent, for example for debt collection, fraud investigations, and where necessary to protect our legal interests or the safety of others.
How Long We Keep Your Information
ArcX retains personal information only for as long as necessary to fulfill legal, regulatory, or business purposes. Once your information is no longer required by ArcX to meet business, legal or regulatory requirements, it is securely destroyed, erased or made anonymous. Keep in mind however that information may be retained for a lengthier period of time due to an on-going investigation or legal proceeding, and that residual information may remain in back-ups for a period of time after its destruction date.
3. When We Share Personal Information – With Your Consent
ArcX takes appropriate and reasonable steps to protect the interests of individuals when disclosing personal information. We share your personal information only with business partners, affiliates and service providers who assist us in delivering satellite communications and SOS emergency services to you; credit agencies; IT service providers; and marketing partners. We take reasonable and appropriate steps to ensure that any such third parties who we entrust with your personal information are reputable, comply with all applicable privacy regulations, and have safeguards in place to protect this information with the same duty of care as required by ArcX. We do not otherwise share your personal information with any other third parties without your prior consent or as we are required/permitted to by law to disclose such information.
ArcX may disclose your personal information to other third parties only if we reasonably believe that such disclosure is necessary to comply with any applicable law or regulation or to comply with or respond to a legal process or law enforcement or valid governmental request or to detect, present or address fraud or security issues or to protect against harm to others.
Our Website Practices
When you visit ArcX’s websites, we automatically receive and record information in our server logs from your browser or mobile platform, including the date and time of your visit, your IP address, unique device identifier, browser type and other device information (such as your operating system version and mobile network provider). By setting cookies, ArcX is able to enhance a user’s on-line experience (e.g. once you are logged in to your account, you are able to move between webpages without having to re-enter your credentials). You can disable cookies through your website browser, but this may affect your user experience.
ArcX also uses third party advertising partners to provide on-line visitors with relevant ads across the Internet.
For a complete list of cookies used on our website, click here.
External Links and Social Media
We may offer links from our website to the sites of third parties, such as affiliated organizations, that may be of interest to you. ArcX makes no representations as to such third parties’ privacy practices and we recommend that you review their privacy policies before providing your personal information to any such third parties.
ArcX’s use of social media serves as an extension of our presence on the Internet and helps us build a positive brand image as well as provide useful information to the public. Social media account(s), such as ArcX’s Facebook and Twitter accounts, are not hosted on ArcX’s servers. Users who choose to interact with ArcX via social media should read the terms of service and privacy policies of these services/platforms.
4. How We Protect Your Information
ArcX takes state-of-the art measures to help ensure the secure management and confidentiality of your personal information. ArcX has implemented critical physical, organizational and technical measures to guard against unauthorized or unlawful access to personal information we manage and store, and avoid accidental loss or destruction of, or damage to, your personal information. These include:
- Using data centers or third-party cloud service providers with effective physical and logical data security controls;
- Using secure encryption to maintain, store and transfer information, including modern tokenization for payment card information;
- Using robust authentication processes for access to online systems and other electronic records;
- Limiting access to personal information to only those employees who need the information to perform their work-related duties; and
- Maintaining secure office premises including locked filing cabinets and secure document shredding practices for paper records.
While no system is completely secure, these measures significantly reduce the likelihood of a data security breach. We also recommend that you help protect yourself from unauthorized access to your personal information – you should never share your ArcX account login credentials with another person or use the same username and password that you use with other online services. ArcX will not be liable for any unauthorized access to your personal information that is beyond our reasonable control.
Let us know right away if your contact information changes or you find any errors in your account statements or invoices. If you have reason to believe that the security of your account has been compromised, you must immediately notify ArcX of the problem in order for us to resolve the issue in a timely manner.
5. Accessing Your Information
You can make a written request for access to your personal information at any time if it is for information that you are unable to access yourself through your account so that you can ascertain which personal information is in ArcX’S possession, and the use and disclosure of your personal information by ArcX. To act on your request, we will need to verify your identity to the degree of certainty required by law, which may require you to provide information necessary to verify your account. You will need to provide as much information as you can to help us process your request and locate the information you require.
If you need assistance in preparing your request, please contact us and we would be pleased to help you. Upon your request, ArcX will also inform you of how your personal information has been or is being used, and who your personal information has been shared with. We may charge an appropriate fee to cover any expenses related to responding to your access request that we will disclose prior to responding to your request.
ArcX responds to access requests within 30 days, unless an extension of time is required. However, there may be contexts where access is refused or only partial information is provided, for example, in the context of an on-going investigation or where another individual’s personal information or identity must be protected.
6. How We Are Accountable
ArcX takes privacy complaints very seriously and has a procedure in place for escalating and managing any privacy related concerns to ensure that they are responded to in a timely and effective manner.
ArcX has appointed a Privacy Officer who oversees information-handling practices and ArcX’s privacy management program, including the containment, investigation and corrective actions for all privacy breach situations. The Privacy Officer’s duties include:
- Developing and, on a regular basis, reviewing the implementation of internal procedures to protect personal information;
- Ensuring all staff are trained on privacy best practices and are aware of the importance of safeguarding any personal information that they are privy to;
- Ensuring that all inquiries and complaints relating to privacy are appropriately handled; and
- Ensuring all third parties to whom ArcX provides access to personal information commit to protecting such information.
7. Legal And Regulatory Compliance
Personal information is collected, used, shared and stored in accordance with the privacy laws in the geographies in which ArcX operates, such as the EU General Data Protection Regulation (“GDPR”), the US Privacy Act and similar state regulations, Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”), and Australia’s Privacy Act 1988. ArcX respects the privacy best practice principles contained in the Canadian Standards Association Model Code for the Protection of Personal Information, CAN/CSA-Q830-96, the OECD Privacy Principles, and the Generally Accepted Privacy Principals recognized globally.
EU and UK Residents
ArcX remains the Controller of all Personal Data (the “Data Controller”) provided to us by our customers and our customers have all of the rights and privileges provided by the EU General Data Protection Regulation (GDPR) and the UK Data Protection, Privacy and Electronic Communications Regulation (also known as UK-GDPR). All third parties with whom we contract for the processing of customer personal information (each a “Data Processor”) must agree to ArcX’s Data Processing Agreement to maintain the security and integrity of your information.
In processing Customer Personal Data, ArcX’s legal bases for doing so include consent, performance of contractual commitments and the legitimate interest of the parties in processing the data.
EU and UK data subjects permanently residing in the European Union or the UK may have supplementary statutory rights with respect to their Personal Data as outlined in the GDPR and UK-GDPR, respectively. This includes the right to access their Personal Data, have it deleted, have it corrected, or object to/restrict processing of such data. If you would like to make such a request, please e-mail firstname.lastname@example.org. ArcX has developed a Data Subject Rights Procedure to ensure your request is responded to in a timely manner. In the context of a request for erasure, ArcX may scramble or anonymize the data subject’s information in a manner that is irreversible.
ArcX operates through its U.S., UK and EU establishments, the UK have been deemed to adequately protect data originating from the EU under the EU Data Protection Directive 95/46/EC (the GDPR’s predecessor). An adequacy finding allows the flow of data from the EU to Canada as a trusted country in data protection. In addition, ArcX uses data hosting providers who have made GDPR commitments of their own. Where data is transferred from the EU to a country that does not have an adequacy determination from the EU, ArcX will ensure that any such transfer from a data controller or processor in the EU satisfies all required GDPR requirements.
Right to Know. You have a right to request that we disclose to you the personal information we have collected about you and to request additional information about our collection, use, disclosure, or sale of such personal information.
Right to Request Deletion: California residents to whom the CCPA applies have the right to request that we delete their personal information under certain circumstances, subject to several exceptions. These exceptions include when information is: (1) needed to complete the transaction for which it was collected or to provide goods or services requested by the consumer; (2) used in the context of the business relationship with the consumer; (3) required to perform a contract; (4) used to detect security incidents and protect against malicious, fraudulent or illegal activity; (6) used solely for our internal uses as are reasonably expected; or (7) required to comply with a legal obligation or applicable laws.
Right to Opt-Out. ArcX does not sell your data for advertising or any other purposes and has not done so in the past 12 months. This being so, ArcX does not offer an opt-out to the sale of personal information.
If you are a California resident to whom the CCPA applies and would like to make requests related to the right to know, a request to delete, or a request for further information about our compliance with the CCPA, you may do so by emailing email@example.com. To act on your request, we will need to verify your identity to the degree of certainty required by law, which may require you to provide information necessary to verify your account. You may also designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
9. Contact Us
Any inquires, concerns or complaints regarding privacy should be directed to:
47 Upper Richmond Road
Please remember that e-mail and text messaging are not secure forms of communication, so never send confidential personal information to us this way.