Privacy Policy

Anuvyx S.A.S and its affiliates (“Anuvyx,” “we,” “us,” or “our”) respect your privacy and are committed to protecting the information we handle.

This Privacy Policy explains how we may collect, use, and disclose personal data when you use our websites, applications, and related services (collectively, the “Services”). It also outlines the privacy rights available to you.

This Policy does not apply to:

• Customer data processed on behalf of our business customers (e.g., via our API or other enterprise offerings). That processing is governed by the applicable customer agreements.
• Employment-related data collected in connection with recruiting, hiring, or employment at Anuvyx.
• Access through third-party services. If you use our Services via a third party, that third party’s privacy policy governs your use of their service.

If you are in the European Economic Area, the United Kingdom, or Switzerland, please review our Europe Privacy Policy for region-specific information not covered here.

At-a-glance. We ask that you do not include personal information in prompts or uploads. Because we can’t control what you submit, you may still provide it. Below we explain what we may collect, how we collect it, how we use it, and how share it.

Overview of categories

Cookies and similar technologies

We use cookies and comparable technologies to run the Service, remember preferences, improve experiences, and perform analytics. Some functionality may rely on cookies even if you use the Service without creating an account.

Sensitive information

We do not seek to collect sensitive personal information (e.g., data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health, biometric templates, criminal background, or trade-union membership) and ask that you do not provide such data. With respect to model training, we do not process training data to infer or derive sensitive or special-category attributes about individuals, and we do not intentionally source datasets that focus on such categories.

Additional notes

• Your choices: Where we rely on your consent (e.g., precise location), you can grant or withdraw it through your device or account settings.
• Third-party sign-in: If you choose a third-party login, that provider will share information with us at your direction and subject to its own privacy terms.
• Examples, not limits: The examples above illustrate common scenarios and are not exhaustive. The precise data we collect depends on how you use the Service and the options you select.

We use your personal information (“Personal Data”) to operate, protect, and improve our Services, including Arex. Examples include:

1. Provide and maintain the Services
   • Deliver core functionality (e.g., respond to your text or voice prompts, process subscription payments).
   • Offer troubleshooting, customer support, and account assistance.
2. Improve, develop, and research
   • Enhance existing features and build new ones.
   • Analyze usage trends and performance to operate and expand our business.
   • Model training: We may use the Content you provide to train and refine the models that power Arex.
3. Communicate with you
   • Send service-related messages (e.g., about your Arex access, changes to the Services, required notices).
   • Share information about product updates or events. These are non-promotional unless you’ve opted into marketing (see "No selling/marketing," below).
4. Safety, security, and misuse prevention
   • Protect the integrity and security of the Services.
   • Detect, investigate, and prevent fraud, unauthorized use, unlawful activity, and other misuse.
5. Legal, compliance, and rights protection
   • Comply with laws, regulations, and lawful requests.
   • Protect the rights, privacy, safety, and property of users, Anuvyx, our partners, and the public.
   • Determine your country or region when needed to meet legal obligations.

Aggregated and De-identified Data

We may aggregate, pseudonymize, or de-identify Personal Data so it no longer identifies you and use it for the purposes above, such as analyzing how the Services are used, improving features, and conducting research. We will maintain de-identified or pseudonymized data in that form and will not attempt to re-identify it, unless required by law.

No Selling or Marketing Use

• We do not sell Personal Data and we do not share it for targeted or cross-context behavioral advertising.
• We do not collect or use Personal Data for third-party marketing, and we do not share Personal Data with third parties for their marketing purposes.

We share “Personal Data” only for the purposes described in this Privacy Policy and with appropriate safeguards. Below are the primary situations in which disclosure may occur:

• Service providers (processors). We share Personal Data with trusted vendors that help us operate, secure, and support the Services, such as hosting and cloud infrastructure, content delivery networks, analytics, support and safety monitoring, email and communication platforms, and payment and transaction processors. These providers act on our instructions, access Personal Data only as needed to perform their duties, and are bound by confidentiality and security obligations.
• Affiliates and related companies. We may share Personal Data with entities that control, are controlled by, or are under common control with Anuvyx when necessary to provide the Services, fulfill your requests, deliver customer support, or for internal operations consistent with this Policy.
• Business account administrators.If you join an Arex Enterprise or other business account, that account’s administrators may access and manage your Anuvyx account, including certain Content, to operate the business service. If you register using an email address issued by your employer or another organization, we may share that you have an account and limited account details such as your email address with that organization to enable provisioning and administration.
• Business transfers. In connection with a corporate transaction such as a merger, acquisition, financing, divestiture, reorganization, bankruptcy, or sale of assets, Personal Data may be disclosed during due diligence and transferred to a successor or affiliate as part of the transaction. Where required by law, we will use reasonable efforts to notify you of any transfer to an unaffiliated third party.
• Legal, safety, and compliance. We may disclose Personal Data to government authorities, industry partners, or other third parties when we believe it is necessary to: (i) comply with applicable law, lawful requests, or legal process; (ii) protect and defend the rights, property, or safety of Anuvyx, our users, our employees, or the public; (iii) detect, prevent, or address fraud, abuse, security incidents, or other illegal activity; (iv) enforce our agreements, policies, and terms; or (v) manage or mitigate legal claims and liability.
• Third parties you choose to interact with. Some features let you share Content or interact with third parties, for example sharing Arex conversations on social media or sending information to external applications such as web search tools. Any information you share with those third parties is governed by their own terms and privacy policies, which we encourage you to review before sharing.

We keep personal data only for as long as it’s needed to deliver the Service or for other valid reasons, such as safety and security, dispute resolution, or meeting legal obligations. The specific retention period varies based on:

• Purpose – why we collected and process the data in the first place.
• Data profile – the volume, nature, and sensitivity of the information.
• Risk – the potential harm from unauthorized use or disclosure.
• Legal requirements – laws, regulations, court orders, or other obligations that apply to us.

When we may retain data longer

In some situations, we must keep information beyond our standard timeframes, for example:

• Legal obligations (e.g., complying with a court order or statutory recordkeeping).
• Requests and complaints (e.g., where a matter is open or under review).
• Security, safety, and integrity of our business and the Service (e.g., investigating suspected misuse or unusual activity).
• Litigation and regulatory matters (e.g., where the data is relevant to an active claim or investigation).

Feature- and setting-based retention

Certain features or settings affect how long we retain data. For example:

• Private Chat:when enabled, conversations won’t appear in your conversation history and are deleted from Anuvyx systems within 30 days, unless we need to keep them longer for legal, compliance, or safety reasons.
• User-initiated deletion: if you delete some or all conversations, or delete your account, we delete the associated data within 30 days, unless retention is required for legal, compliance, or safety purposes.

We continually review our practices to ensure data is not kept longer than necessary.

Depending on where you live and subject to applicable legal exceptions, you may have certain rights regarding your personal data (“Personal Data”). These may include the right to:

• Access the Personal Data we hold about you and information about how we process it.
• Delete your Personal Data (subject to legal retention requirements).
• Correct or update inaccurate or incomplete Personal Data.
• Data portability, by requesting a copy of certain Personal Data in a transferable format.
• Restrict certain processing activities.
• Object to processing in specific circumstances.
• Withdraw consent where we rely on consent as the legal basis (this does not affect processing carried out before withdrawal).
• Lodge a complaint with your local data protection authority.
• Use an authorized agent to submit certain requests, where permitted by law.
• Be free from discrimination for exercising your privacy rights.
• Appeal our decision regarding your rights request if applicable law provides that right.

For information specific to European privacy rights

Please see Anuvyx’s Europe Privacy Policy.

How to Exercise Your Rights

You can exercise some rights directly in your Anuvyx account. If you cannot complete your request there, email support@anuvyx.com with your full legal name, email address, and city, state/province, and country of residence. We will respond within the timeframe required by applicable law.

Please note that we may deny requests where an exception applies (for example, if we must retain certain information to comply with legal obligations or to establish, exercise, or defend legal claims). If an exception applies, we will explain this in our response.

Identity Verification

To protect your information, we may require you to verify your identity (e.g., by validating account credentials or providing additional information sufficient for us to confirm your identity) before we act on certain requests.

Authorized Agents

If you use an authorized agent to submit a request (as defined under applicable law), you must provide the agent with written permission to act on your behalf. We may request proof of that authorization and may deny requests where authorization cannot be verified.

Appeals

If we decline to act on your request, you may appeal by emailing support@anuvyx.com. Your appeal should (1) provide enough information for us to verify your identity and locate the original request and (2) explain the basis for the appeal. We will respond as required by law.

Model Output Accuracy (Arex)

Services like Arex generate outputs by predicting likely next words based on your input. This means outputs may be inaccurate or incomplete. Do not rely on model outputs for factual accuracy. If Arex output includes inaccurate Personal Data about you, you may request correction or removal at support@anuvyx.com. We will consider your request in light of applicable law and the technical limitations of our models.

International Data Transfers

Anuvyx processes Personal Data on servers located in multiple jurisdictions, including the United States. Regardless of where processing occurs, we apply the protections described in this Privacy Policy and transfer Personal Data only under legally valid transfer mechanisms.

Do Not Track

There is currently no industry consensus on how to respond to “Do Not Track” signals. Accordingly, we do not alter our data practices when we detect such signals from your browser.

Our “Services” are not intended for children under 13. Children under 13 must not register for or use the Services, and we do not knowingly collect personal information from them. If you believe a child under 13 has provided personal data to Anuvyx, please email support@anuvyx.com. We will investigate and, where appropriate, delete the information from our systems.

Teens (13 to 17): Users aged 13 to 17 may use the Services only with a parent or legal guardian’s permission, and we encourage parents or guardians to monitor their teens’ use.

Content advisory: Depending on how you interact with the Services, including the modes or features you choose, the Services may occasionally surface mature material, such as suggestive dialogue, coarse language, crude humor, references to sexual situations, or violence. We implement safeguards to reduce such content, but the Services are not appropriate for all ages.

Local laws: Where applicable law sets a higher minimum age for consent to online services, we will follow that higher age threshold.

We employ commercially reasonable technical, administrative, and organizational safeguards to help protect personal data against loss, misuse, and unauthorized access, disclosure, alteration, or destruction. That said, no method of transmission over the internet or of electronic storage is completely secure, and we cannot guarantee absolute security.

You can help keep your information safe by:

• Protecting your login credentials and using strong, unique passwords,
• Limiting access to your devices, and
• Signing out of your accounts after each session.

Please choose carefully what you share through the “Services”, email, or other online communications. We are not responsible for any bypass of privacy settings or security measures on the “Services”, nor for the security practices of third-party websites or services.

We may revise this Privacy Policy periodically. When we do, we will post the updated version on this page and indicate the new Effective Date. If applicable law requires additional notice (for example, email or an in-product message), we will provide it. Unless stated otherwise, changes take effect on the Effective Date. By continuing to use the “Service” after that date, you agree to the updated Policy. For material changes, we will notify you in advance and, where required, seek your consent.

If you have questions, concerns, or complaints about how we collect, use, or store your personal information, or if you wish to exercise any privacy rights, please contact us:

Anuvyx S.A.S – support@anuvyx.com