Privacy Policy

Arqo is operated by Arqo, Inc., a Delaware corporation. For privacy questions or to exercise your rights, contact privacy@tryarqo.com.

Account information. Email address and an authentication identifier when you create an account. If you sign in with a third-party provider, we receive whatever that provider returns (typically email and a stable user ID).

Content you create. The screenplays, scene notes, character bibles, and other writing you save in Arqo. We treat this as your private work product.

Usage telemetry. Anonymized event data (which features you used, error reports, performance timings, funnel events such as signup completion and export starts). Used to fix bugs and improve the product. Sentry is our error tracker; we configure it to scrub form values and request bodies. PostHog is our product-analytics processor; we send only event names, identifiers, and counts — never the contents of your scripts.

Payment information. When you subscribe, Paddle (our merchant of record) collects your payment details and billing address. We never see your card number — Paddle returns us a customer reference, the price you paid, and the country (for tax purposes).

Cookies. Strictly necessary cookies for authentication and session management. Optional analytics cookies are off by default; you opt in via the cookie banner.

Feedback you submit. When you use the in-app feedback widget, we store the message you typed, the category you chose, the page URL, your browser user agent, and viewport size in our Supabase database. We also email a copy to our team inbox. Feedback submissions are retained indefinitely so we can track recurring issues, and are never shared with third parties beyond the email and database vendors listed in Section 5. You can request deletion of your submissions at any time by emailing privacy@tryarqo.com.

We use the data above to:

• Provide the screenwriting service you paid for
• Sync your scripts across your devices
• Send you transactional emails (billing receipts, password resets, important service notices)
• Run AI features when you actively invoke them (we send relevant context to model providers — see Section 5)
• Fix bugs and improve performance
• Comply with our legal obligations

We do not use your scripts to train AI models, ours or anyone else’s. We do not sell your data to anyone for any reason.

For users in the EU/UK, we process your data on these legal bases:

• Contract: processing necessary to provide the service you signed up for (account, scripts, billing)
• Legitimate interest: error reporting, security monitoring, fraud prevention
• Consent: optional analytics cookies, marketing emails (you can withdraw at any time)
• Legal obligation: tax records, response to lawful requests

We share data only with vendors strictly needed to run the service. Each is bound by a data processing agreement.

• Supabase (database + auth) — stores your account and scripts
• Vercel (hosting) — runs the application
• Anthropic (AI provider) — receives the context you send when you invoke an AI feature
• Paddle (merchant of record) — handles payment, tax, and invoicing
• Resend (email) — delivers transactional email
• Sentry (error tracking) — receives scrubbed error reports
• PostHog (product analytics) — receives anonymized event names, identifiers, and counts. Never the contents of your scripts.
• Upstash (rate limiting) — receives hashed IP addresses for rate-limit buckets
• Liveblocks (realtime collaboration) — provides the WebSocket infrastructure for collaborative script editing. Receives presence data (cursor position, who's online), document operations (CRDT updates), and user identifiers. Hosted in the US.

We may also disclose data when required by law, to protect our rights, or in connection with a corporate transaction (sale, merger). In a corporate transaction, your privacy rights carry over.

Our primary data centers are in the United States. If you’re in the EU/UK and your data is transferred to the US, the transfer is governed by the EU Standard Contractual Clauses or an equivalent mechanism in our agreements with each processor.

Active accounts: for as long as you keep your account.

After account deletion: we delete your scripts, account record, and AI usage data within 30 days. Backups containing your data cycle out within 90 days.

Billing records: Paddle retains transaction records for 7 years (tax obligation). We retain a minimal ledger of plan changes for the same period.

Depending on where you live (GDPR for EU/UK, CCPA for California, similar laws elsewhere), you have rights to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data (right to erasure / right to be forgotten)
• Export your data in a portable format
• Object to or restrict certain processing
• Withdraw consent (where processing is consent-based)
• Lodge a complaint with your local data protection authority

Most rights you can exercise yourself: export your scripts from the app, delete your account from Settings, opt out of analytics from the cookie banner. For anything else, email privacy@tryarqo.com and we’ll respond within 30 days.

Data in transit is encrypted with TLS. Data at rest is encrypted at the storage layer. Authentication uses secure session cookies with HttpOnly, Secure, and SameSite flags. We rotate secrets, run automated security checks on every deploy, and log access to sensitive infrastructure.

No system is perfectly secure. If you discover a vulnerability, please email security@tryarqo.com — we’ll respond within 72 hours.

Arqo is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has created an account, contact us and we’ll delete it.

We’ll update this policy as the service changes. Material changes get at least 30 days’ notice via email and an in-app notice. The “last updated” date at the top reflects the most recent revision.

Arqo, Inc., Delaware. privacy@tryarqo.com for privacy questions and rights requests. hello@tryarqo.com for everything else.