Privacy Policy

MainArc is a side project, we are not in the data business, and we collect only what we need to actually do the things you are asking us to do. If you visit the site, our hosting provider and analytics tool see basic technical data (IP address, browser type, pages viewed, referrer, time of visit) so we can tell whether anyone is reading and whether anything is broken, and that data sits in those providers' systems under their own privacy terms. If you sign up for the newsletter or download a free product, we collect your email address and whatever else you typed into the form, store it in an email service (something like ConvertKit, Buttondown, or Resend), and send you the things you asked for plus occasional updates that you can unsubscribe from any time with one click. If you contact us through any form on the site, we keep the message and your email so we can reply, and we keep it for as long as it takes to handle whatever you wrote in about. If you hire us for paid work, we keep your business contact details, invoicing information, and anything you send us as part of the project, for as long as we need to deliver the work plus whatever time we need to keep tax and legal records in order after that. We use cookies and similar tracking only for the basics: keeping the site working, remembering preferences, and seeing aggregate traffic patterns. We do not run ad networks or sell your data to anyone, ever. Now the AI part, which deserves its own breath: things you send us, including form submissions, business documents, project materials, and conversation history, may pass through third-party AI tools as part of how we operate, including large language models, design tools, and code generation tools, all of which have their own privacy and data handling policies we have read but cannot fully control; we pick tools that treat data reasonably, but if you have actually sensitive information (regulated, confidential, contractually restricted, or anything you would not want a major AI vendor's logs to see), tell us before you send it and we will handle that specific material outside our default AI workflow, and otherwise please assume that anything you send us may end up processed by one of these tools. We do not knowingly use your data to train any AI model, and we ask the tools we use to do the same where they offer the option, but the underlying behaviour of third-party AI providers is ultimately their decision. On your rights, you can ask us at any time to see what data we have about you, correct anything that is wrong, delete what we are holding (except where we are legally required to keep it), or take your data with you in a portable format, and we will respond within thirty days at the absolute outside. You can unsubscribe from any email we send using the link at the bottom of that email, which ends all marketing-style communication; transactional messages tied to paid engagements continue regardless. Data we hold gets reasonable security applied to it (encryption in transit, sensible access controls, secure providers), but no online service is perfectly safe, and if something does go wrong we will tell affected people within seventy-two hours of finding out, in plain language, with what we know and what we are doing about it. The site is not targeted at children under sixteen, and if you are under sixteen please use the site with a parent or guardian present. If you live somewhere with strong privacy laws (GDPR, CCPA, DPDP, and friends), the rights those laws give you apply to your data with us; writing to us is enough, you do not have to invoke the specific law by name. Data may be stored or processed in countries other than where you live, because the tools we use are hosted globally, and by using the site you accept that movement; where the law requires extra paperwork for those transfers, we rely on the standard contractual clauses and similar mechanisms our providers offer. If we change this policy, the date at the top updates and the new version goes live on the site; if the changes are significant and affect people who have given us their email, we will send a heads-up. To exercise any right, ask a question, or just yell at us about something, write to us with "privacy" in the subject line, and we will reply within thirty days and usually much faster. Despite running an AI-native lab, we are not in the business of knowing things about you that you have not chosen to tell us.