Privacy Policy

Arythmatic Connect is a multi-tenant community platform. This Privacy Policy explains what information we collect when you create or join a workspace, how we use it, and the choices you have. By using the service you agree to the practices described here.

Arythmatic Connect is operated by Modern Identity Private Limited (“we”, “us”). When you use the service inside a workspace your employer or community organiser hosts, that organisation is the data controller for your workspace content; we act as a data processor on their behalf.

We use the information above to:

• Provide the service — render workspaces, deliver messages, sync presence.
• Authenticate you and protect accounts from unauthorised access.
• Send transactional emails (verification, invitations, digests) via AWS SES.
• Diagnose errors and improve performance.
• Operate internal product analytics. We do not embed advertising-analytics SDKs or sell behavioural data to third parties; usage signals are aggregated server-side from your activity for capacity planning and feature decisions.
• Comply with legal obligations and respond to lawful requests.

We do not sell your personal information, and we do not use the contents of your messages to train AI models without an explicit, workspace-level opt-in.

We rely on a small set of trusted vendors to operate the service. Each receives only the data needed for their function and is bound by a data-processing agreement.

• Auth0 (Okta, Inc.) — identity, login, password storage, multi-factor authentication.
• Hostinger International Ltd. — application hosting, database, and in-memory cache.
• Amazon Web Services (S3) — file and image attachment storage.
• Amazon Web Services (SES) — transactional email delivery.
• Sentry (Functional Software, Inc.) — client-side error monitoring; receives stack traces and minimal request context, never message bodies.
• Google LLC — only when you connect Google Drive or YouTube; we exchange OAuth tokens with Google to fetch the resources you reference.
• Microsoft Corporation — only when you connect OneDrive; same OAuth-token model.
• Apple, Google, and Mozilla push gateways — when you enable push, your device or browser routes alerts through its vendor.

The list of subprocessors is current as of the “last updated” date above. When we add a new subprocessor we update this list and notify workspace admins by email.

The service is hosted in data centres operated by Hostinger International Ltd., with backups stored on the same provider. File attachments and transactional email are processed by Amazon Web Services in the United States. The service is offered worldwide; if you access it from outside the country in which our provider’s data centre is located, your information will be transferred there. For transfers out of the European Economic Area, the United Kingdom, or Switzerland we rely on standard contractual clauses and the relevant adequacy decisions.

We keep workspace content for as long as your workspace is active. When a workspace or account is deleted by its administrator, the content is removed from production systems within 30 days, and the corresponding rows are dropped from rotating backups within 35 days. Account data persists until you delete your account or until the workspace that created the account is deleted (whichever first).

Limited records may be retained beyond these windows where we are required to do so by law (for example, financial records for tax purposes, or evidence preserved in response to a lawful request).

Depending on where you live you may have rights to access, correct, delete, restrict, port, or object to processing of your personal information, and to lodge a complaint with a supervisory authority. Contact us at the address in Section 12 to exercise these rights.

Workspace content is controlled by the workspace admin — requests for content held inside a workspace should be sent to that admin first; we will route requests we receive to the relevant controller.

We use TLS for all traffic, encryption at rest for stored integration tokens, and Auth0 for credential handling. Access to production systems is limited to a small operations team, requires multi-factor authentication, and is audited. No system is perfectly secure — if you suspect your account has been compromised, contact us immediately at support@arythmatic.cloud.

The service is not directed to children. You must be at least eighteen (18) years of age to use the service. Where applicable local law permits use by minors at or above a lower minimum age, the workspace admin is responsible for obtaining verifiable parental or guardian consent before inviting the minor. We do not knowingly collect personal information from a child below the applicable minimum age without that consent, and we will delete it if we learn we have.

Arythmatic Connect maintains a zero-tolerance stance on child sexual abuse material (CSAM) and child sexual exploitation and abuse (CSAE). Our full Child Safety Standards — covering prohibited content, reporting mechanisms, and cooperation with the National Center for Missing & Exploited Children (NCMEC), India’s National Cyber Crime Reporting Portal, the Internet Watch Foundation, and INHOPE-network hotlines — are published at /child-safety. Reports should be sent to support@arythmatic.cloud with the subject line beginning “CSAE Report”.

We use a small number of strictly-necessary cookies and equivalents (e.g. localStorage entries) to keep you signed in, preserve your workspace selection, remember your theme preference, and prevent abuse. We do not use third-party advertising or cross-site tracking cookies. Where local law requires consent for non-essential cookies, we surface that consent in-product.

We may update this policy from time to time. Material changes will be notified to workspace admins by email and posted at the top of this page at least thirty (30) days before they take effect, except where a change is required by law or to address an active security risk. Continued use of the service after the effective date indicates acceptance.

Questions, requests, or concerns about this policy can be sent to support@arythmatic.cloud.

Postal address: Modern Identity Private Limited, 8-1-164/345/A/1, Pragati Colony, Mailardevpally, Hyderabad 500005, Telangana, India.

In accordance with the Information Technology Act, 2000 and the rules made thereunder — including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 — Modern Identity Private Limited has designated the following Grievance Officer to address complaints from users in India:

• Name: Sumit Kumar Tiwari
• Designation: Co-Founder
• Email: sumit@askmeidentity.com
• Address: Modern Identity Private Limited, 8-1-164/345/A/1, Pragati Colony, Mailardevpally, Hyderabad 500005, Telangana, India

The Grievance Officer will acknowledge complaints within twenty-four (24) hours and dispose of them within fifteen (15) days of receipt, in line with the IT Rules timelines.