ArChat® — Privacy Policy

Last updated: April 10, 2026 · Latest revision of this document (not a product release number)

This Privacy Policy explains how ArChat collects, uses, discloses, and protects your personal data when you use our SaaS messaging and collaboration platform (“Service” or “ArChat”).

By accessing or using ArChat, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. This Policy should be read together with our Terms and Conditions of Use.

1. Data Controller

ArChat is operated by Aldo Alberto Frias, located in Mar del Plata, Province of Buenos Aires, Argentina (“ArChat”, “we”, “us” or “our”).

We act as the data controller for the personal data processed through the Service, except when we process data strictly on behalf of our customers as a data processor (in which case the customer organization is the data controller).

2. Scope of this Policy

This Privacy Policy applies to all users of ArChat, including through our website, Progressive Web App (PWA), APIs, backend services, messaging infrastructure, automatic translation features, billing systems, support, and any related services.

3. Information We Collect

3.1 Information You Provide

• Account information: email address, username, password (hashed), preferred language.
• Profile information: display name, bio, avatar, and other optional profile data.
• Communication content: messages, files, and attachments you send or receive.
• Preferences and settings: notification settings, theme, language, etc.

3.2 Automatically Collected Information

• Usage data: messages sent/received, conversations, contacts, invitations, presence status (online/offline), read receipts, and activity logs.
• Technical data: IP address, device type, browser information, device fingerprint, session tokens, request IDs, error logs, and security events.
• Subscription and billing data: plan type, subscription status, renewal dates, and metadata from the payment processor(s) designated by ArChat from time to time. We do not store full credit card numbers on ArChat systems.

3.3 Information from Third Parties

We may receive limited information from payment processors, infrastructure providers, and authentication services as necessary to operate the Service.

4. How We Use Your Information

We process your personal data for the following purposes:

• To create and manage your account and tenant environment.
• To provide, maintain, and improve the messaging, file sharing, presence, and automatic translation features (via third-party translation services as described below).
• To process subscriptions, payments, and manage billing.
• To authenticate users and ensure security of the Service.
• To prevent fraud, abuse, and unauthorized access.
• To provide customer support and respond to inquiries.
• To monitor performance, conduct analytics, and improve the Service.
• To comply with legal obligations and defend our rights.

Special note on translation (third parties): ArChat does not translate content itself. Automatic translation is provided by independent third-party services integrated into the Service. Translations are for convenience, may be inaccurate, and must be verified by you for important matters. We do not use your conversation content to train our own models; processing by third-party providers is subject to their terms and our agreements with them.

5. Legal Basis for Processing (for users in the EEA, UK, and similar jurisdictions)

We rely on the following legal bases:

• Performance of a contract: to provide the Service you requested.
• Legitimate interests: security, fraud prevention, service improvement, and business operations.
• Legal obligation: compliance with applicable laws.
• Consent: where required (you may withdraw consent at any time).

6. Sharing of Personal Data

We do not sell your personal data.

We may share your data with:

• Service Providers: cloud hosting, storage, monitoring, email delivery, automatic translation services, and analytics tools (under strict data processing agreements).
• Payment processors: one or more processors designated by ArChat from time to time (which may include, for example, Paddle or other providers as designated).
• Legal Authorities: when required by law, court order, or valid governmental request.
• Business transfers: in the event of a merger, acquisition, or sale of assets (with appropriate protections).

All third-party providers are contractually obligated to protect your data and process it only for the purposes we instruct.

7. International Data Transfers

Since ArChat is based in Argentina, your data may be transferred to and processed in countries outside Argentina, including the United States, European Union member states, and other jurisdictions where our service providers operate.

We implement appropriate safeguards (such as Standard Contractual Clauses or equivalent mechanisms) to ensure your data receives an adequate level of protection.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

• Active account data: retained while your account is active.
• Billing records: retained for the period required by tax and accounting laws.
• Logs and security data: retained for reasonable security and audit periods (usually up to 12–24 months).
• Message content: retained as long as your account is active, unless you request deletion (subject to legal retention requirements).

Upon account deletion, we will delete or anonymize your data within a reasonable timeframe, except for data we are legally required to retain.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to access, rectify, or update your data.
• Right to erasure (“right to be forgotten”).
• Right to restrict processing.
• Right to object to processing.
• Right to data portability.
• Right to withdraw consent (where processing is based on consent).

To exercise these rights, please contact us through the official support channels inside ArChat or at the email published on our website. We may request identity verification before processing your request.

We will respond to valid requests within the timeframes required by applicable law.

10. Security

We implement reasonable technical and organizational security measures to protect your data, including encryption in transit and at rest where appropriate, access controls, logging, and regular security reviews.

However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. Cookies and Similar Technologies

We use cookies, local storage, and similar technologies for authentication, security, session management, preferences, and analytics. For more details, please refer to our Cookie Policy (if published separately) or the relevant section in this Policy.

12. Children’s Privacy

ArChat is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from children.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. If we make material changes, we will notify you through the Service or by email where possible, at least 30 days before the changes take effect.

Your continued use of ArChat after the updated Policy becomes effective constitutes your acceptance of the changes.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us using the official support channels available inside ArChat or at the contact information published on our website: https://archat.com.ar

By using ArChat, you confirm that you have read and understood this Privacy Policy.