Legal

Privacy Policy

Last updated: April 13, 2026

1. Introduction

Aethyia INC. (“Company,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our websites (aethyia.com, arkinfinverse.com) or use our services. This policy applies to all users worldwide, including those in the United States, European Economic Area (EEA), United Kingdom, and California.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, and job title when you create an account or contact us.
  • Financial Data: If you use Arkin Finverse, you may upload financial documents such as bank statements, invoices, and receipts. This data is processed solely to deliver the service and is encrypted at rest and in transit.
  • Communications: Information you provide when you contact us via forms, email, or other channels.

2.2 Information Collected Automatically

  • Log Data: IP address, browser type, operating system, referring URLs, pages viewed, and access timestamps.
  • Device Information: Device type, screen resolution, and unique device identifiers.
  • Cookies and Tracking Technologies: See our Cookie Policy for details.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services.
  • Process transactions and send related information.
  • Respond to your comments, questions, and customer service requests.
  • Send you technical notices, updates, security alerts, and administrative messages.
  • Monitor and analyze trends, usage, and activities in connection with our Services.
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities.
  • Comply with legal obligations and enforce our terms and policies.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

  • Consent: Where you have given us explicit consent to process your data for a specific purpose.
  • Contract: Where processing is necessary for the performance of a contract with you.
  • Legitimate Interest: Where processing is necessary for our legitimate business interests, provided those interests do not override your fundamental rights and freedoms.
  • Legal Obligation: Where processing is necessary to comply with applicable law.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

  • Service Providers: Third-party vendors who perform services on our behalf (hosting, analytics, payment processing, email delivery).
  • Legal Requirements: When required by law, subpoena, or other legal process, or to protect our rights, safety, or the rights and safety of others.
  • Business Transfers: In connection with any merger, acquisition, or sale of all or a portion of our assets.

6. International Data Transfers

Your information may be transferred to and processed in the United States, where our servers are located. If you are accessing our Services from the EEA, UK, or other regions with data protection laws, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Financial documents uploaded to Arkin Finverse are retained for the duration of your active account and deleted within 90 days of account termination unless otherwise required by law.

8. Your Rights

8.1 Rights Under GDPR (EEA/UK Residents)

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure:Request deletion of your personal data (“right to be forgotten”).
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

8.2 Rights Under CCPA (California Residents)

  • Right to Know: Request disclosure of the categories and specific pieces of personal information collected.
  • Right to Delete: Request deletion of personal information collected from you.
  • Right to Opt-Out: Opt out of the sale of personal information. We do not sell personal information.
  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your CCPA rights.

8.3 Exercising Your Rights

To exercise any of these rights, contact us at privacy@aethyia.com. We will respond within 30 days (or as required by applicable law). We may request additional information to verify your identity before processing your request.

9. Data Security

We implement industry-standard technical and organizational measures to protect your personal data, including encryption in transit (TLS 1.2+) and at rest (AES-256), access controls, regular security audits, and secure development practices. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we learn that we have collected personal data from a child under 16, we will take steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us at privacy@aethyia.com.

11. Third-Party Links

Our Services may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the “Last updated” date. For significant changes, we may also notify you by email.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices:

Aethyia INC. — Privacy Team

Delaware, United States

Email: privacy@aethyia.com

14. Data Protection Officer

If you are located in the EEA or UK and have concerns about our data processing activities, you may contact our Data Protection Officer at dpo@aethyia.com. You also have the right to lodge a complaint with your local data protection supervisory authority.