Privacy Policy

Effective Date: March 24, 2026 · Last Updated: March 24, 2026

1. Introduction

Arcos is a software product operated by Abate Consultants LLC (“Company,” “we,” “us,” or “our”). Arcos is a software platform that transforms user input into structured schedules, priorities, and workflow automation.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Arcos platform and related services (the “Service”) available at www.usearcos.com. This policy is designed to comply with the New Jersey Data Privacy Act (N.J.S.A. 56:8-166 et seq.), the New Jersey Consumer Fraud Act, and other applicable state and federal privacy laws.

By accessing or using our Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Your name and email address when you create an account, or profile information provided through Google OAuth sign-in.
  • Task and Command Input: Text you enter into the system, including task descriptions, commands, and natural language requests processed by the platform.
  • Scheduling Data: Due dates, priorities, time estimates, scheduling preferences, and scheduling hours you configure.
  • Project Data: Project names, categories, and organizational structures you create.
  • Settings and Preferences: Theme choices, scheduling hours, timezone preferences, notification settings, and calendar display options.

2.2 Calendar Integration Data

  • Google Calendar: If you connect your Google Calendar, we access calendar event data (event titles, times, and calendar identifiers) through Google’s OAuth 2.0 protocol.
  • Microsoft Outlook: If you connect your Outlook calendar, we access calendar event data through Microsoft’s OAuth 2.0 protocol.
  • Calendar data is used to detect scheduling conflicts and synchronize events. You may disconnect calendar integrations at any time from Settings.

2.3 Information Collected Automatically

  • Usage Patterns: How you interact with the platform, including features used, actions taken, and timestamps of activity.
  • Performance Insights: Execution metrics such as task completion rates, scheduling adherence, and productivity patterns used to generate your Progress score.
  • Device and Browser Data: Browser type, operating system, screen resolution, timezone, and similar technical information.
  • Session Data: Authentication tokens and session identifiers necessary to maintain your login state.

3. How We Use Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve the Arcos platform
  • To authenticate your identity and secure your account
  • To generate structured schedules, priorities, and workflow automation from your input
  • To synchronize calendar data when you connect external calendar services
  • To calculate your Progress score and generate productivity insights
  • To personalize your experience based on your usage patterns and preferences
  • To process natural language commands through the assistant interface
  • To send administrative communications regarding your account
  • To detect, prevent, and address security issues
  • To comply with legal obligations

4. AI Usage and Processing

Arcos uses third-party AI services, including OpenAI and Anthropic, to process user inputs, generate structured outputs, and improve system functionality. These services may process data as necessary to provide core features of the platform.

Specifically, AI services are used to:

  • Interpret natural language commands and convert them into structured tasks
  • Generate scheduling recommendations and day-planning suggestions
  • Provide contextual suggestions in the command interface
  • Classify user intent to route requests appropriately

Data sent to AI providers is limited to what is necessary to process your request. We do not use your data to train third-party AI models. AI providers process data in accordance with their respective privacy policies and data processing agreements.

5. Sharing of Information

We do not sell, rent, or trade your personal information. We may share information only in the following limited circumstances:

  • AI Service Providers: OpenAI and Anthropic receive limited data necessary to process your commands and generate structured outputs, as described in Section 4.
  • Infrastructure Providers: Trusted third-party services that assist us in hosting and operating the platform, subject to confidentiality obligations.
  • Calendar Providers: When you connect Google Calendar or Microsoft Outlook, data is exchanged in accordance with their respective API policies.
  • Email Service: We use Resend for transactional and onboarding emails. Only email addresses and message content are shared with this provider.
  • Analytics: We use Microsoft Clarity to understand how users interact with the platform. Clarity collects usage data such as clicks, scrolls, and page navigation to help us improve the experience. No personal task content is shared with Clarity.
  • Legal Requirements: When required by law, subpoena, court order, or other governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account deletion:

  • Account data, tasks, projects, and scheduling data are deleted within 45 days
  • Calendar integration tokens are revoked and deleted immediately
  • Usage analytics and performance data are anonymized or deleted
  • Data required for legal compliance may be retained as permitted by law

7. User Rights

Under the New Jersey Data Privacy Act and other applicable laws, you have the following rights:

  • Right to Know: Confirm whether we are processing your personal data and access a copy of that data.
  • Right to Correct: Request correction of inaccurate personal data.
  • Right to Delete: Request deletion of your personal data, subject to certain legal exceptions.
  • Right to Data Portability: Request a copy of your data in a portable format.
  • Right to Opt Out: Opt out of the processing of personal data for targeted advertising, sale, or profiling.

To exercise any of these rights, contact us at privacy@usearcos.com. We will respond within 45 days as required by law. We will not discriminate against you for exercising your privacy rights.

8. Security

We implement industry-standard security measures to protect your information:

  • Passwords are stored using bcrypt cryptographic hashing
  • All data transmission is encrypted using TLS/SSL
  • CSRF protection on all form submissions
  • Rate limiting on authentication endpoints
  • Session tokens are securely generated and managed
  • Calendar OAuth tokens are stored securely and can be revoked at any time

While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Google Calendar and Microsoft Outlook Data

Our use of Google Calendar data complies with the Google API Services User Data Policy, including the Limited Use requirements. Our use of Microsoft Outlook data complies with Microsoft’s API terms.

  • We only request access to calendar data necessary for scheduling features
  • Calendar data is used solely for displaying events and detecting scheduling conflicts
  • You may revoke access to connected calendars at any time from Settings
  • OAuth tokens are stored securely and deleted when you disconnect a calendar
  • We do not use calendar data for advertising or share it with unrelated third parties

10. Cookies and Local Storage

  • Session Cookies: Essential cookies used to maintain your authenticated session.
  • Local Storage: Used to store theme preferences and certain UI state. This data remains on your device.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

11. Children’s Privacy

The Service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Last Updated” date at the top of this page. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Information

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or need to report a data concern, contact us at:

Arcos
Operated by Abate Consultants LLC
Email: privacy@usearcos.com