A Letter to All Arc Users,
Welcome to privacy at the Browser Company. To us, privacy means a web browser that the people we know and love can feel safe using. It means you don’t have to worry that your data is being misused, misappropriated, or bought and sold in ways you’re not aware of. It means we’re not now, not ever, in the business of profiting from your data.
One more reminder before you get started. We care about your privacy, but unfortunately, not everyone on the internet does. Just because we don’t collect a particular piece of information doesn’t mean websites you visit or services you use won’t try to. We do offer settings and tools to help you limit the information collected by other websites—read the section “Additional Ways to Enhance Privacy Online” below for more.
And as always, if you have any questions or suggestions, give us a shout at [email protected]. We’re all ears!
- Personal Data means any information that identifies or relates to a particular individual (often referred to as “personally identifiable information” or “PII”).
Data that is completely anonymized and cannot be linked with an individual user is NOT considered Personal Data.
- Service Providers help us run our business and provide the Services to you. They may include:
- Hosting, analytics, database, and communication providers, such as the authentication service we use to allow you to log into your account.
- Support and customer service software providers, such as the software our team uses to communicate with you when you report a bug.
- Security consultants who help us reduce security vulnerabilities in our software.
Service Providers are contractually required to only handle your data in ways that we specify, including being contractually prohibited from selling your data.
What personal data do we collect and how do we collect it?
When you use the Browser
|Category of Personal Data||Example||When we collect this data||Examples of why we collect this data|
|Profile or Contact Data||Name, Email, Account password||Directly from you, when you choose to give it to us (such as when you sign up for an account)|
|Device Data||Type of device and operating system used to access the Services||Automatically, when you use our mobile or desktop application|
|Product Usage Data||How often you use various product features|
Inferences drawn from your product usage data, for instance, “Folks love using these keyboard shortcuts!”
|Automatically, when you use our mobile or desktop application|
When you reach out directly or otherwise choose to give us information
For instance, when you submit a bug report or request support, we’ll collect the information you share with us to help solve your problem. Specifically, if you submit a bug report, we’ll automatically collect the names of browser extensions you have installed in case they’re responsible for the issue you’re reporting.
When you visit our website, arc.net
When you choose to use certain features
Notes and Easels. Notes and Easels are specific features of the Browser that allow you to create content, including text, images, and links. When you create a Note or Easel, it’s automatically stored with our Service Provider so that you can access it on other devices. We do not use or access this data for anything other than displaying your content to you. If you decide to share a Note or Easel publicly, it will be viewable by anyone with the link.
Boosts. Boosts are a feature of the Browser that lets you customize your web interface including changing the colors, fonts, and even removing entire sections from sites. Similarly to Notes and Easels, Boosts are automatically stored with our Service Provider so that you can access them on other devices. If you decide to share a Boost, the content of the Boost, along with any personalizations, will be viewable by anyone with the link. We may use aggregate data on shared Boosts to draw inferences about features usage and popularity.
Sharing features. For some features of Arc, like Folders, you can optionally create arc.net links that allow you to share those objects with others. If you choose to opt in to share an object, data about that object (for example, the title of the folder and the URLs it contains) is automatically stored with our Service Provider, and the content will be viewable by anyone with the link. When someone opens this link, we collect anonymous statistics about their usage.
Third-party connections. Some features of the Browser rely on third-party APIs (Application Programming Interfaces) for their functionality. In these instances, the Browser directly connects you with the third party. If you choose to use these features, the third party may receive certain data as detailed below. This data never passes through our servers, and we have no way of knowing its contents.
- Website translation: If you choose to use the website translation feature, the text to be translated will be sent to the Google Translate API.
- Sidebar sync: If you choose to sync your sidebar via iCloud, data about your sidebar items will be sent to iCloud. Sidebar sync is on by default when you install the Browser, and you can turn it off in the desktop app in Preferences > General.
- Search suggestions: When you type search queries or URLs, the Browser fetches search suggestions from your default search engine. Search suggestions are on by default when you install the Browser. In the desktop app, you can change your default search engine or turn off search suggestions in Preferences > General. In the mobile app, the default search engine is Google and cannot be changed at this time.
- Google Calendar and Outlook Previews: Previews allow you to glance at top sites without leaving your current tab. If you choose to connect your Google account to the Google Calendar Preview or Microsoft account to an Outlook preview, you will be prompted to sign in and grant certain permissions to Arc. If you allow access, Arc will read and display this information in the Preview. We do not store any of this information on our servers or use it for any other purpose. For Google, you can read more about this data in the Google API Services User Data Policy.
If you choose to use any feature included in the Arc Max bundle, certain data as detailed below will be sent to one or both of our AI subprocessors — OpenAI and Anthropic.
|Feature||Data Processed||When Data is Processed||Purpose of Processing||Subprocessor & Location|
|Tidy Tab Titles||Name of tab title, tab URL||Tab is pinned||When enabled, tabs you pin will be renamed to help keep you organized throughout the day.||OpenAI, USA|
|Tidy Downloads||Name of tab title, filename of downloaded file||File is downloaded||When enabled, files you download will be renamed to help keep you organized throughout the day.||OpenAI, USA|
|5-Second Previews||Content of webpage||Hover over a link||When enabled, hovering over a URL will provide a summary of the webpage.||OpenAI, USA|
|ChatGPT in the Command Bar||Content of command bar||Submit query using ChatGPT from the command bar||When enabled, asking a question in the command bar via ChatGPT site search will open an answer in ChatGPT.||OpenAI, USA|
|Ask on Page||Content of webpage, webpage URL||Submit question from Find in Page||When enabled, asking a question about a webpage will provide an answer based on the content of that page.||Anthropic, USA|
Arc Max uses OpenAI’s API Platform and Anthropic’s Claude for commercial applications. These features are off by default in the desktop app and not available in the mobile app at this time.
Why do we collect personal data?
In general, we collect personal data to provide and improve our product and Services. This includes data to make the Browser work (such as account information) or data to make the Browser better (such as Device or Product Usage Data). We also collect data to make sure we’re able to:
- Protect against fraud, or implement additional security measures.
- Correspond with you if you reach out with a bug report, support request, or general inquiry. We may also send you updates, product information, or other marketing communications.
- Meet legal requirements, safety measures, and enforce legal rights. We’re required to comply with any legal process, law, or regulation that requests we disclose personal information we’ve collected, so long as we consider the request reasonable and lawful. This includes:
- Enforcing our agreement terms or resolving disputes.
- Protecting your rights, property, or safety, or that of any party that interacts with our product.
How do we store and protect your data?
We do our best to protect the Personal Data we collect from any unauthorized parties accessing, using, or sharing it, but it’s important to remember that no method of transmitting data over the internet or storing data is 100% secure. We also ask you to help us out with protecting your data. Easy steps include creating a strong password and limiting access to your device and account credentials.
We hold on to Personal Data for as long as you have an account with us or as otherwise necessary to provide you with our Services. We’ll only hang on to it for longer if needed to meet our legal requirements discussed above, or if it’s anonymized so that it can’t be linked to a specific user.
If you are a resident of California, Nevada, or the EU, you may be afforded specific privacy rights and protections related to your personal data. Learn more here.
Are there age limits to who can use the product?
As noted in the Beta User Agreement, we do not knowingly collect or solicit Personal Data about children under 16 years of age; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 16 years of age, we will delete that information as quickly as possible. If you believe that a child under 16 years of age may have provided Personal Data to us, please contact us at [email protected].
What are additional ways to enhance privacy online?
As an important reminder, Arc’s data practices may not extend to the websites you visit when using our browser, which we can’t control. We do offer settings and tools to help you limit the information collected by websites you visit.
Navigate to Arc > Preferences > General > Privacy Preferences to control cookies and change other privacy and security settings. In the General preferences window, you can also change your default search engine and turn search suggestions on and off.
If you opted not to receive legal notice emails (— we get it), or you haven’t given us your email in the first place, the updated policy will still apply. We’ll do our best to get these updates in front of you, however, the ball’s ultimately in your court to read and understand them. If you continue to use the product we’ll assume the updates are good with you. Of course, give us a shout if there’s anything that needs further explaining.
How can you contact us?Website: arc.net
Email: [email protected]
Address: 285 N 6th St, Brooklyn NY, 5th Floor, 11211
If you are located in the EU or UK and have any questions or requests related to how we handle your data, you may use the following information to contact our Data Protection Officer and our EU or UK-Based Member Representative.
- EU: DP-Dock GmbH, Attn: The Browser Company, Ballindamm 39, 20095 Hamburg, Germany
- UK: DP Data Protection Services UK Ltd., Attn: The Browser Company, 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom
By email: [email protected]