Privacy Policy

Effective Date: February 1, 2026

This Privacy Policy describes how Quantit Inc. ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with your access to and use of the Arkraft service, including related software, features, and outputs (collectively, the "Service").

Quantit Inc. is the data controller (or equivalent personal information handler, where applicable) with respect to personal information processed under this Privacy Policy.

Contents

1. Information We Collect2. How We Use Personal Information3. Legal Bases (Where Applicable)4. Sharing and Disclosure5. International Transfers6. Data Security7. Data Retention8. Your Rights and Choices9. Changes to This Privacy Policy

1. Information We Collect

  • Account & identity information: name, affiliation, email address.
  • User-provided service content: uploaded files, prompts, and other service input data you provide when using the Service.
  • Customer support and inquiries: information you provide when contacting us (e.g., via email or other support channels).
  • Usage and technical data: log data and device/browser information collected in connection with operating, maintaining, and securing the Service (to the extent available).

2. How We Use Personal Information

  • We use personal information to identify and authenticate users.
  • We use personal information to provide, maintain, and improve the Service.
  • We use personal information to respond to inquiries and provide customer support.
  • We use personal information to send notices related to Service operation (e.g., security or policy updates).
  • We use personal information for security, fraud prevention, compliance, and enforcement of our Terms of Service and other applicable policies.
  • We do not use user-provided service content for AI model training or model improvement.
  • Such content is processed only as necessary to provide, secure, maintain, and troubleshoot the Service, to perform statistical analysis for service quality improvement, and to comply with applicable law, including through service providers acting on our behalf.
  • For the avoidance of doubt, "improving the Service" in this Privacy Policy does not include use of user-provided service content for AI model training or model improvement.

3. Legal Bases (Where Applicable)

Where required by applicable law, we rely on one or more of the following legal bases for processing personal information:

  • Contract: to provide the Service you request and perform our agreement with you.
  • Legitimate interests: to operate, secure, and improve the Service, subject to balancing against your rights and interests where required by law.
  • Consent: where you have provided consent (you may withdraw it to the extent permitted by law).
  • Legal obligations: to comply with applicable laws and lawful requests.

4. Sharing and Disclosure

  • No sale of personal information: we do not sell personal information.
  • Service providers: we may share personal information with vendors who help us operate the Service (e.g., hosting, security, email delivery, analytics, customer support, and infrastructure operations) under appropriate contractual protections.
  • Service operation support: where reasonably necessary to provide and operate the Service, user-provided service content may be processed by service providers acting on our behalf, subject to appropriate contractual, confidentiality, and security safeguards.
  • Legal requirements: we may disclose information if required by law or in response to valid legal process, lawful authority request, or court order.
  • Business transfers: if we are involved in a merger, acquisition, or asset sale, we may transfer information as part of that transaction, subject to applicable law and appropriate confidentiality measures.

5. International Transfers

  • Your personal information may be processed in countries other than where you reside, including countries where our service providers operate.
  • User-provided service content may also be processed in countries other than where you reside to the extent reasonably necessary for Service operation and in accordance with applicable law.
  • Where required by law, we apply contractual, organizational, and technical safeguards reasonably designed to protect personal information in accordance with applicable legal requirements.

6. Data Security

  • We implement reasonable administrative, technical, and physical safeguards designed to protect personal information.
  • Data is protected using SSL/TLS encryption during transmission and stored using industry-standard security measures.
  • No method of transmission over the internet or method of storage is completely secure.

7. Data Retention

  • We retain personal information as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.
  • We do not use user-provided service content for AI model training or model improvement. Following termination or expiration of Service use, we delete such content from active systems within 30 days in accordance with our deletion process, unless a different period is required by applicable law.
  • Limited residual copies in backups or security logs are removed according to our backup and log retention cycles. In ordinary circumstances, these residual copies do not persist for more than 6 months after deletion from active systems, except where retention is required by applicable law or is reasonably necessary for security, fraud prevention, dispute resolution, or enforcement of our agreements.
  • For purposes of this Privacy Policy, termination of Service use means the earlier of your account closure request or the expiration/termination of your applicable subscription, trial, or contract term.
  • Our deletion process may include de-identification, logical deletion, and irreversible disposal from active systems, followed by scheduled removal from backups and logs according to the retention periods set out in this section.
  • Account & identity information: up to 6 months after account termination, unless a longer period is required by law.
  • User-provided service content: deleted from active systems within 30 days following termination or expiration of Service use under our deletion process; limited residual copies in backups or logs are handled as set out in this section.
  • Security and operational logs: retained for up to 12 months for security, fraud prevention, incident and outage response, and compliance, then deleted or de-identified according to retention cycles and applicable law, except where longer retention is required by law or is reasonably necessary for investigations, disputes, or enforcement of our agreements (including logs related to suspected policy violations, abuse, or security incidents).

8. Your Rights and Choices

  • Depending on your jurisdiction and applicable law, you may have rights to request access, correction, deletion, or restriction of your personal information.
  • You may also withdraw consent where consent is the legal basis for processing, subject to applicable law.
  • To exercise any applicable rights, contact us at support@quantit.ai.

9. Changes to This Privacy Policy

  • We may amend this Privacy Policy from time to time. If we make material changes, we will provide notice through the Service or by other reasonable means, including by updating the effective date.
  • Where required by applicable law, we will obtain additional consent before applying materially different processing practices.

Contact

Questions about this Privacy Policy may be directed to support@quantit.ai.