1. Introduction

Artevus Technologies ("Artevus", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we handle information in connection with our websites, mobile applications (available on Apple App Store and Google Play Store), web platforms, APIs, and all other digital services (collectively, "Services").

This Policy applies to all users of Artevus Services globally, including users of our proprietary products and clients of our software development services. We have designed our Services with a strong privacy-first philosophy: we do not sell your data, we do not use it for advertising, and we collect only what is necessary to operate and improve our Services.

2. Our Core Privacy Commitment — No Data Storage Policy

Artevus Technologies operates under a strict no-unnecessary-data-retention policy. We do not store, sell, share, or monetize your personal data. Personal identifiers such as email addresses, usernames, and profile information exist solely to authenticate and operate your account and are permanently deleted upon account deletion.

Specifically, our commitment means:

We do NOT sell your personal data to any third party under any circumstances.
We do NOT use your personal data for advertising or marketing purposes without your explicit consent.
We do NOT retain your data after your account is deleted.
We do NOT share your personal information except as expressly described in this Policy.
We collect only the minimum data necessary ("data minimization") to provide and improve the Services.

3. Information We Collect

3.1 Information You Provide Directly

When you create an account or use certain features, you may voluntarily provide:

Account registration data: name, email address, username, and password.
Profile information: optional details you choose to add to your profile.
Communications: messages, feedback, support requests, or other content you send to us.
Payment information: processed securely through third-party payment providers; we do not store full payment card details.

3.2 Information Collected Automatically

When you use our Services, we may automatically collect:

Device information: device type, operating system, unique device identifiers (used only for app functionality and analytics).
Usage data: features accessed, actions taken, and interaction patterns within the app (for product improvement only).
Log data: IP address, browser type, pages visited, time and date of access, and crash reports.
App performance data: diagnostic and performance data to identify and fix technical issues.

3.3 Information We Do NOT Collect

We explicitly do not collect:

Financial account numbers or full payment card details (handled by third-party processors).
Biometric data (fingerprints, facial recognition, etc.).
Precise real-time location data unless you explicitly grant permission for a location-dependent feature.
Contact lists or address books without your explicit consent.
Background data or activity when the app is not in active use, unless required for a specific feature you have enabled.

4. How We Use Your Information

We use the information we collect strictly for the following purposes:

Account Management: To create, authenticate, and manage your account.
Service Delivery: To provide, operate, maintain, and personalize the Services you use.
Communications: To send you important service-related notices, security alerts, and support responses. (We do not send unsolicited marketing emails unless you opt in.)
Product Improvement: To analyze usage patterns, identify bugs, and improve features and performance.
Security: To detect, prevent, and respond to fraud, abuse, security threats, and violations of our Terms & Conditions.
Legal Compliance: To comply with applicable laws, regulations, and legal processes.
Customer Support: To respond to your inquiries and provide technical assistance.

We will not use your data for any purpose not listed above without obtaining your prior consent.

5. Data Retention Policy

Artevus follows a strict minimal-retention approach:

Active accounts: Data is retained only as long as necessary to provide the Services or as required by law.
Inactive accounts: Accounts inactive for 24 consecutive months may be subject to deletion notice and subsequent deletion.
Deleted accounts: Upon account deletion, all personal data is permanently erased from our systems within 30 days. See Section 9 for full account deletion details.
Anonymized/aggregated data: Non-identifiable, aggregated data (e.g., total user counts, feature usage statistics) may be retained indefinitely for analytical purposes.
Legal hold: Data may be retained beyond normal periods if required by applicable legal obligations, court orders, or regulatory requirements.

6.1 We Do Not Sell Your Data

Artevus will never sell, rent, trade, or otherwise transfer your personal data to third parties for commercial or advertising purposes. This is an absolute commitment with no exceptions.

We may share data with trusted third-party service providers who assist in operating our Services, strictly under confidentiality and data processing agreements. These providers may include:

Cloud infrastructure and hosting providers (e.g., AWS, Google Cloud, Azure).
Analytics platforms (aggregated, anonymized data only).
Payment processors (PCI-DSS compliant; they do not receive unnecessary personal data).
Email delivery services (for transactional communications only).
Customer support tools.

All service providers are contractually prohibited from using your data for any purpose other than providing services to Artevus.

6.3 Legal Disclosures

We may disclose your information if required by law or in good faith belief that such action is necessary to:

Comply with a legal obligation, court order, or valid government request.
Protect the rights, property, or safety of Artevus, our users, or the public.
Enforce our Terms & Conditions or other applicable agreements.

6.4 Business Transfers

In the event of a merger, acquisition, sale of assets, or reorganization, your data may be transferred to the successor entity. You will be notified of any such transfer and any material changes to this Privacy Policy.

7. Apple App Store and Google Play Store Compliance

7.1 Apple App Store Compliance

Our iOS applications comply with Apple's App Store Review Guidelines and Apple's Privacy requirements, including:

App Privacy Nutrition Labels: Our App Store listings accurately disclose all data types collected, their purposes, and whether data is linked to user identity.
App Tracking Transparency (ATT): We comply with ATT requirements. If our apps use tracking, we request explicit permission via ATT prompt before any tracking occurs.
Apple Sign-In: Where we offer Sign in with Apple, we comply fully with Apple's authentication requirements and do not store Apple-provided credentials beyond what is necessary for authentication.
HealthKit / SensorKit: We do not access HealthKit, SensorKit, or other sensitive Apple frameworks unless strictly required for a declared app function and with explicit user consent.
Data minimization: We collect only data necessary for the stated app purpose, consistent with Apple guidelines.
In-App Purchases: Where applicable, all in-app purchases comply with Apple's In-App Purchase guidelines.

7.2 Google Play Store Compliance

Our Android applications comply with Google Play Developer Program Policies and Google's Data Safety requirements, including:

Data Safety Section: Our Play Store listings include an accurate Data Safety disclosure covering all data collected, how it is used, whether it is shared, and applicable security practices.
Sensitive Permissions: We request only the minimum permissions necessary for app functionality. Dangerous permissions (e.g., camera, location, microphone) are requested contextually with clear explanations.
Background Location: We do not access background location data unless a specific feature explicitly requires it, in which case we request separate background location permission with a justified disclosure.
Children's Policies: Apps directed at children comply with Families Policy requirements, including COPPA.
Play Billing: Where applicable, all in-app purchases comply with Google Play Billing policies.
Malware Policy: Our apps do not engage in deceptive, malicious, or harmful behavior.

7.3 Cross-Platform Privacy Consistency

All privacy commitments in this Policy apply equally across web and both mobile platforms (iOS and Android). Users have the same data rights and controls regardless of which platform they use to access our Services.

8. Your Data Rights

Depending on your location, you may have the following rights regarding your personal data:

8.1 Right to Access

You may request a copy of the personal data we hold about you at any time by contacting privacy@artevus.com.

8.2 Right to Correction

You may update or correct inaccurate personal data directly in your account settings, or by contacting our support team.

8.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data. This right is fully honored through our account deletion process (see Section 9). Upon exercising this right, all personal data is permanently deleted within 30 days.

8.4 Right to Data Portability

Upon request, we will provide your personal data in a structured, machine-readable format to allow transfer to another service, where technically feasible.

8.5 Right to Restrict Processing

You may request that we restrict the processing of your data in certain circumstances, such as when you contest the accuracy of the data or have objected to processing.

8.6 Right to Object

You may object to processing of your personal data for direct marketing or where processing is based on legitimate interests.

8.7 Rights Under Specific Laws

GDPR (EU/EEA Users): All rights listed above apply. Our legal basis for processing is contract performance, legitimate interests, or consent as applicable.
CCPA (California Users): You have the right to know, delete, and opt-out of sale of personal information. We do not sell personal information.
PIPEDA (Canadian Users): You have rights of access and correction under Canadian privacy law.
Other Jurisdictions: We comply with applicable local data protection laws in jurisdictions where we operate.

To exercise any of these rights, contact us at privacy@artevus.com. We will respond within the timeframe required by applicable law (generally 30 days).

9. Account Deletion — Complete Data Erasure Policy

IMPORTANT: When you delete your Artevus account, ALL of your personal data is permanently and irreversibly deleted from our systems. We do not retain, archive, or back up any personal data after account deletion. This process is permanent and cannot be undone.

9.1 What Gets Deleted

Upon account deletion, the following data is permanently erased:

Your email address and all contact information.
Your username and display name.
Your password hash and authentication credentials.
Your profile information and settings.
All content you have created or uploaded within the Service (unless required for legal hold).
Your usage history, preferences, and personalization data.
Any linked social account connections or third-party integrations.
All session tokens, authentication keys, and access records.
Any support tickets or correspondence linked to your account identity (anonymized summaries may be retained for quality purposes).

9.2 Deletion Timeline

Account deletion is processed as follows:

Immediate: Your account is deactivated and you lose access to the Services immediately upon requesting deletion.
Within 30 days: All personal data is permanently purged from our primary databases and active systems.
Within 90 days: Data is purged from backup systems and disaster recovery archives.
After 90 days: No personal data linked to your account exists anywhere in Artevus systems.

9.3 Data We May Retain After Deletion

The only information that may be retained after account deletion is:

Anonymized and aggregated data that cannot be linked back to you (e.g., aggregate usage statistics).
Transaction records required for financial compliance and auditing purposes (stripped of personal identifiers where possible).
Data subject to active legal hold, litigation, or regulatory investigation.

In all retained cases, data is either fully anonymized (no longer personal data) or retained strictly to meet legal obligations.

9.4 How to Delete Your Account

You can delete your account through any of the following methods:

In-App: Navigate to Settings > Account > Delete Account within any Artevus app or platform.
Web: Log in to your account at www.artevus.com, go to Account Settings, and select Delete Account.
Email Request: Send a deletion request to privacy@artevus.com from your registered email address.

Upon submission of a deletion request, you will receive a confirmation email. The deletion is irreversible. We recommend you download any content you wish to keep before initiating deletion.

10. Data Security

Artevus implements industry-standard security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction:

Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) 1.2 or higher.
Encryption at Rest: Sensitive data stored in our databases is encrypted at rest using AES-256 encryption.
Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis, with multi-factor authentication required for administrative access.
Security Audits: We conduct regular security assessments, penetration testing, and code audits.
Incident Response: We maintain a documented data breach response plan and will notify affected users and regulatory authorities as required by law in the event of a breach.
Password Security: User passwords are stored as one-way hashed values using bcrypt or equivalent secure algorithms; we never store plaintext passwords.

While we implement strong security measures, no method of electronic transmission or storage is 100% secure. We encourage users to use strong, unique passwords and enable two-factor authentication where available.

11. Cookies and Tracking Technologies

11.1 Cookies

Our websites may use cookies and similar tracking technologies. We use:

Essential Cookies: Required for the Services to function (e.g., session management, authentication). These cannot be disabled without affecting functionality.
Analytics Cookies: Help us understand how users interact with the Services (e.g., Google Analytics). These are set only with your consent.
Preference Cookies: Remember your settings and preferences to improve your experience.

You can manage cookie preferences through your browser settings or through our Cookie Consent tool on the website. Blocking essential cookies may impact service functionality.

11.2 Mobile App Tracking

Our mobile apps do not use advertising trackers. On iOS devices, we comply with App Tracking Transparency (ATT) requirements. On Android, we collect only anonymized usage analytics. We do not share your app usage data with advertising networks.

12. Children's Privacy

Our Services are not directed to children under the age of 13 (or 16 in the EU). We do not knowingly collect personal data from children under these ages. If we become aware that we have inadvertently collected personal data from a child below the applicable age threshold, we will take immediate steps to delete such data.

If you are a parent or guardian and believe your child has provided personal information to Artevus, please contact us immediately at privacy@artevus.com. For products specifically designed for educational use involving children, separate and more stringent privacy terms apply in compliance with COPPA and applicable regional laws.

13. International Data Transfers

Artevus operates globally. Your information may be transferred to and processed in countries outside your country of residence, including countries that may have different data protection laws.

When transferring data from the EU/EEA to third countries, we rely on appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission, or other mechanisms recognized under GDPR. By using our Services, you consent to such transfers subject to the protections described in this Policy.

14. Third-Party Integrations and SDKs

Our Services may integrate third-party SDKs or APIs. The following categories of third-party tools may be present in our apps:

Analytics: Anonymized usage tracking (e.g., Firebase Analytics, Mixpanel). No personally identifiable information is shared.
Crash Reporting: Crash and diagnostic data tools (e.g., Crashlytics). Device identifiers and crash logs only.
Authentication: OAuth providers (e.g., Google Sign-In, Apple Sign-In). We receive only the minimum data needed for authentication.
Payment Processing: PCI-DSS compliant processors (e.g., Stripe). Payment data is handled entirely by the processor.

Each third-party service has its own privacy policy. We carefully vet all integrations and require them to meet our privacy standards.

15. Push Notifications

We may send you push notifications through our mobile applications. You can manage notification preferences:

iOS: Go to Settings > Notifications > [Artevus App] to manage permissions.
Android: Go to Settings > Apps > [Artevus App] > Notifications.
In-App: Go to Settings > Notifications in any Artevus app.

We only send notifications relevant to your use of the Services (e.g., account alerts, service updates). We do not send promotional push notifications without your opt-in consent.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by:

Posting the updated Policy on our website with a new "Last Updated" date.
Sending an in-app notification or email for significant changes.
Requesting your renewed consent where required by law.

Your continued use of the Services after the effective date of the updated Policy constitutes your acceptance of the changes. If you do not agree with the updated Policy, you should discontinue use and may request account deletion.

17. Contact Us — Privacy Matters

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Artevus Technologies (Private) Limited
Data Privacy Team

Email: info@artevus.com
General Support: info@artevus.com
Website: www.artevus.com

We are committed to resolving your privacy concerns promptly and transparently. We will respond to all privacy-related inquiries within 30 days.

Summary of Key Commitments

The following summarizes Artevus Technologies' core commitments to users:

NO DATA SELLING: We never sell your personal data to third parties.
NO ADVERTISING TRACKING: We do not use your data for advertising.
MINIMAL COLLECTION: We collect only what is necessary to operate the Services.
FULL DELETION: When you delete your account, ALL your personal data is permanently deleted within 30 days.
NO RETENTION: We do not retain personal data after account deletion (except anonymized aggregates or legal holds).
SECURE STORAGE: Data in transit and at rest is encrypted using industry-standard methods.
APP STORE COMPLIANT: Our mobile apps comply with both Apple App Store and Google Play Store privacy requirements.
YOUR RIGHTS: You have the right to access, correct, delete, and port your data at any time.
TRANSPARENT UPDATES: We notify you of any material changes to these policies.