Privacy Policy

Full text

Arterial Privacy Policy
Effective Date: March 19, 2026

Arterial, Inc. ("Arterial," "we," "us," or "our") respects your privacy. This Privacy Policy describes how we collect, use, disclose, and protect information when providing our Services - including our website, hardware (e.g., ARTIE camera systems), software, analytics dashboard, APIs, and data products (collectively, the "Services").
By accessing or using the Services, you ("Customer," "you," or "your") agree to the collection and use of information in accordance with this policy.

1. Information We Collect
1.1 Customer-Provided Data
  - Information you share when you sign up, request a demo, contact us, or otherwise interact with us (e.g., name, email, phone number, organization).
  - Billing and payment information (if applicable).
1.2 Data Collected via Hardware & Services
When our hardware (e.g., ARTIE camera) is deployed as part of the Services, we collect:
  - Imagery, video, and sensor data (e.g., from cameras, GPS, inertial sensors).
  - Metadata such as timestamp, GPS coordinates, and vehicle-related data.
  - Derived data and analysis outputs (hazard detections, pavement condition scores, field inventory, and similar outputs).
1.3 Automatically Collected Information
When you use our website or dashboard, we may automatically collect:
  - Log data (IP address, browser type, pages visited, access times).
  - Usage data (how you interact with the dashboard, APIs, and other tools).
  - Subject to your privacy choices, optional analytics data collected through cookies or similar technologies to understand site performance and usability.

2. How We Use the Information
We use the information we collect for a variety of purposes, including:
  - To provide, operate, and maintain the Services.
  - To develop, improve, and optimize our machine learning models, analytics, and overall platform.
  - To measure website performance and usability, only when you have opted in to non-essential analytics or similar technologies.
  - To generate reports and insights (e.g., hazard maps, road-condition assessments).
  - To support data-as-a-service offerings.
  - For research, quality assurance, and internal testing.
  - For billing, account management, and customer support.
  - For marketing and promotional purposes, if you have given your explicit consent.
  - To comply with legal obligations and enforce our Terms of Service.

2.1 Legal Basis for Processing (GDPR)
Where applicable, we process personal data under the following legal bases:
  - Consent - where you have provided explicit permission (e.g., optional analytics, marketing).
  - Contract - where processing is necessary to provide our Services.
  - Legitimate Interests - to improve, secure, and operate our platform, provided such interests are not overridden by your rights.
  - Legal Obligations - where required to comply with applicable laws.

You may withdraw consent at any time through our privacy controls.

3. Disclosure of Information
We may share information with the following categories of third parties:
  - Infrastructure providers (e.g., cloud hosting, databases).
  - Analytics providers (only where consent is provided).
  - Service providers supporting our platform operations.

All third parties are contractually obligated to protect data and use it only for specified purposes.

We do not sell personal information.

4. Security
We take the security of your data seriously. We maintain administrative, technical, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction. We use industry-standard encryption protocols and access controls to safeguard your information.

However, no system is 100% secure, and we cannot guarantee absolute protection of your data.

5. Privacy & Public Spaces / Imagery Considerations
  - Our hardware typically captures images in public spaces, where there is no expectation of privacy for passersby in many jurisdictions.
  - We do not intentionally identify individuals (e.g., facial recognition is not a core service), and we do not use data for tracking identifiable people unless explicitly agreed in a contract.
  - We are committed to privacy by design, minimizing collection of personally identifiable information, and limiting data use to authorized purposes.
  - If local laws or agency policies require data anonymization or blurring, we will work with you to implement appropriate measures.

6. Data Retention
We retain non-personal information as long as necessary to fulfill the purposes outlined in this Privacy Policy. Personal information provided by customers will be retained as long as needed for the purpose for which it was collected, and in compliance with applicable legal requirements.

7. Your Privacy Rights
Depending on your jurisdiction, you may have the right to:
  - Access the personal data we hold about you.
  - Request correction of inaccurate data.
  - Request deletion of your data.
  - Object to or restrict processing.
  - Request data portability.
  - Withdraw consent at any time.

To exercise these rights, contact: privacy@arterial.us

We will respond in accordance with applicable laws.

8. California Privacy Rights
We do not sell or share personal information as defined under California law.

California residents have the right to:
  - Know what personal information is collected and how it is used.
  - Request deletion of their personal information.
  - Opt out of the sale or sharing of personal information.
  - Not be discriminated against for exercising these rights.

To make a request, contact: privacy@arterial.us

We honor Global Privacy Control (GPC) signals where required.

9. AI and Machine Learning
We may use data collected through our Services to develop and improve machine learning models and analytics.
  - We prioritize the use of aggregated or de-identified data where possible.
  - We do not use personal data to train models without an appropriate legal basis.
  - We do not use our systems for facial recognition or individual tracking unless explicitly agreed in a contractual context.
  - We implement safeguards to reduce bias and support responsible AI use.

Customers may contact us to request limitations on data use where applicable.

10. Cookies and Tracking Technologies
We use cookies and similar technologies to:
  - Enable essential website functionality.
  - Store your privacy preferences.
  - Provide optional analytics (only with your consent).

Optional analytics and tracking technologies are disabled by default and only activated upon opt-in.

You may manage your preferences at any time through our privacy controls or browser settings.

11. International Data Transfers
Our Services are operated in the United States.

If you access our Services from outside the U.S., your data may be transferred to and processed in the U.S.

Where required, we implement appropriate safeguards for international data transfers.

12. Children's Privacy
Our Services are not directed to children under 13, and we do not knowingly collect personal information from children.

13. Third-Party Links
Our Services may include links to third-party services. We are not responsible for their privacy practices or policies. We recommend that you review the privacy policies of any linked websites.

14. Compliance & Legal Requests
  - If we receive a subpoena, court order, or other legal request for data, we will, where legally permitted, provide notice and cooperate unless prohibited.

15. Changes to this Privacy Policy
We may update this policy from time to time. When we make material changes, we will:
  - notify you (e.g., via your dashboard, email, or website); and
  - provide the new Effective Date.

Your continued use of the Services after we post changes constitutes your acceptance of the revised policy.

16. Contact Us
If you have any questions about this Privacy Policy or your data, please contact us at:
privacy@arterial.us