1. Introduction and Company Information
Arithmo Systems Ltd. ("Arithmo," "the Company," "We," "Us," or "Our") is a leading provider of high-efficiency artificial intelligence infrastructure, specializing in structural customization at inference time. This Privacy Policy governs the processing of Personal Data across all platforms, websites, and services operated by Arithmo, including our proprietary inference layer.
This document describes our practices regarding the collection, use, and protection of information in our capacity as both a Data Controller and a Data Processor, as further defined by applicable Data Protection Laws. This Privacy Notice is meant to be read together with our Terms of Service, which you can find at arithmo.io/terms-of-service.
2. Definitions and Key Terms
To ensure transparency and compliance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), the following definitions apply:
Personal Data (or Personal Information): Any information relating to an identified or identifiable natural person. For the avoidance of doubt, pursuant to our Data Processing Agreement (DPA), a Customer's business contact information is not by itself deemed to be Personal Data subject to the specialized processing protections of the DPA.
Processing: Any operation or set of operations performed on Personal Data, such as collection, recording, organization, storage, adaptation, retrieval, use, disclosure by transmission, or destruction.
Data Subject: The identified or identifiable natural person to whom the Personal Data relates.
Controller: The entity which determines the purposes and means of the Processing of Personal Data.
Processor: The entity which Processes Personal Data on behalf of the Controller.
3. Categories of Data Subjects and Information Collected
Arithmo processes various categories of Personal Data to provide our structural inference customization services:
Customers and Authorized Users: We collect business contact information and account credentials for individuals authorized to access the platform. This includes employees, agents, advisors, and freelancers of our Customers.
Prospects and Vendors: We process contact details for business partners, vendors, and prospective clients (including their employees or contact persons) as necessary for business development and procurement.
User-Generated Content and "Traces": We process inputs, queries, and metadata provided during the use of our inference services. This includes historical data ("Traces") provided for model evaluation, which may include conversations and task-specific behavior required to bake knowledge into LoRA adapters.
Website Visitors: We collect technical logs, online identifiers, and IP addresses from individuals visiting our informational domains.
Aggregated Data: Any aggregated, statistical, or de-identified data derived from the use of our services ("Aggregated Data") is the sole and exclusive property of Arithmo. We use this for research, analysis, benchmarks, security monitoring, and ensuring compliance with acceptable use requirements.
4. Purpose of Processing and Legal Basis
We process Personal Data based on the following legal grounds:
Performance of a Contract: To fulfill our obligations under our service agreements, including the provision of the Arithmo Inference Layer, model distillation, and technical support.
Legitimate Interests: To maintain the security and integrity of our platform, monitor compliance with acceptable use policies, and develop benchmarks for the improvement of our inference economics.
Legal Obligation: To comply with applicable labor laws, corporate regulations, or requests from competent supervisory authorities.
Consent: Where explicitly provided, such as for certain cookies or marketing communications.
5. Service Providers and Security
Arithmo utilizes industry-leading, production-grade cloud infrastructure (primarily but not limited to Google Cloud Platform (GCP) and Amazon Web Services (AWS)) to host data and provide elastic compute capacity.
Our security framework is designed to protect data against unauthorized access or accidental loss through the following measures:
- Technical and Organizational Measures: Implementation of industry-standard security protocols.
- Encryption: Data is encrypted both in transit and at rest using modern cryptographic standards.
- Architectural Security: We utilize per-tenant environment isolation and horizontal auto-scaling to ensure data segregation and platform stability.
- Audit and Compliance: Arithmo has initiated the SOC2 Type II audit process. We maintain strict access controls and comprehensive audit logging across all platform layers.
6. California Privacy Rights (CCPA/CPRA)
This section applies to residents of California.
Notice of Non-Sale and Non-Sharing: Arithmo does not sell or share Personal Data to third parties for cross-contextual behavioral advertising. We do not monetize Personal Information collected through our services.
California residents hold the following rights:
- Right to Know/Access: The right to request disclosure of the categories and specific pieces of personal information we have collected.
- Right to Delete: The right to request deletion of personal information, subject to legal exceptions.
- Right to Non-Discrimination: The right to not receive discriminatory treatment for exercising your privacy rights.
7. Job Candidates and Applicants
Arithmo processes Personal Data from individuals applying for employment, including CVs, professional background, and contact details.
Purpose: Evaluation of candidacy and compliance with local labor laws.
Retention: Data of unsuccessful applicants may be retained for future opportunities for a reasonable period unless the candidate requests immediate deletion.
8. Cookies and Tracking Technologies
We utilize cookies to optimize our informational site and SaaS platform:
Essential Cookies: Required for session management, security, and core platform functionality.
Analytical/Performance Cookies: Used to understand user interaction and optimize the interface.
Management: Users may adjust cookie settings through their browser; however, some platform features may be unavailable if essential cookies are disabled.
9. Data Retention
Arithmo retains Personal Data only for the duration of the relevant service agreement or as required to fulfill the purposes described in this policy.
Upon termination of services, Personal Data is deleted or returned in accordance with our DPA. However, we may retain copies as required for evidence, legal claims, or mandatory backups. Please note that electronic copies of files containing Personal Data created pursuant to automatic archiving or backup procedures are overwritten in the ordinary course of business and are not further actively processed.
10. Children’s Privacy
Our services are directed toward enterprise clients and are not intended for individuals under the age of 18. We do not knowingly collect Personal Data from children. If we become aware of such collection, we will take immediate steps to delete the information.
11. International Data Transfers
Arithmo operates globally, and Personal Data may be transferred between the EU, UK, Israel, and the US.
To ensure an adequate level of protection, we rely on:
- Adequacy Decisions: Including the European Commission’s recognition of Israel’s robust data protection status.
- Standard Contractual Clauses (SCCs): Utilizing the EU Standard Contractual Clauses for transfers to third countries.
- UK Protection: We specifically implement the UK International Data Transfer Addendum to the EU SCCs for transfers originating from the United Kingdom.
12. Contact Information
For all inquiries regarding data rights or this Privacy Policy, please contact our privacy team:
Email: info@arithmo.io
Mailing Address: Arithmo Systems Ltd. Ha’ashel 7, Herzliya, Israel