Overview
askarc.app is developed by FenxLabs and operated by FenixMinds B.V., a Dutch private limited company, KvK number 91762782. This privacy policy explains how personal data is collected, used, stored, and protected when you visit or use askarc.app and related services. Processing of personal data complies with the European General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and the Dutch implementation laws including the Uitvoeringswet AVG.
Data Controller and Contact
Personal Data Processed and Purposes
1. Account and identity data: Name, email address, username, password for account creation and authentication. Purpose: Service provision and account management. Lawful basis: Performance of a contract and legitimate interests for account security (Article 6(1)(b) and 6(1)(f) GDPR).
2. Service usage data: Logs, timestamps, IP addresses, device and browser identifiers, usage analytics to operate, maintain, analyse and improve the service. Purpose: Service quality, security, fraud detection, product improvement. Lawful basis: Legitimate interests (Article 6(1)(f) GDPR).
3. Content you provide: Text, files, prompts, messages and any uploaded data used to deliver the requested functionality. Purpose: To provide, train, and improve services where applicable. Lawful basis: Performance of a contract and user consent where required (Article 6(1)(b) and 6(1)(a) GDPR).
4. Payment and billing data: Billing name, billing address, payment identifiers when purchases or subscriptions occur. Purpose: Billing and compliance with financial obligations. Lawful basis: Performance of a contract and legal compliance (Article 6(1)(b) and 6(1)(c) GDPR).
5. Support and communications: Correspondence, support tickets, and feedback for customer service and dispute resolution. Purpose: Provide support and respond to inquiries. Lawful basis: Performance of a contract and legitimate interests (Article 6(1)(b) and 6(1)(f) GDPR).
6. Marketing and newsletters: Email for marketing when consent is given. Purpose: Sending service updates and offers. Lawful basis: Consent (Article 6(1)(a) GDPR). Consent can be withdrawn at any time.
Lawful Bases, Retention and Automated Decision Making
Lawful bases: Processing relies on one or more lawful bases under GDPR, primarily Article 6(1)(a) consent, Article 6(1)(b) performance of a contract, Article 6(1)(c) legal obligation, and Article 6(1)(f) legitimate interests.
Retention periods: Personal data is retained only as long as necessary to fulfill the purposes stated, to comply with legal obligations, or to resolve disputes. Account data is retained for the lifespan of the account plus a reasonable period for legal compliance and fraud prevention. Usage logs are retained for a defined period for security and analytics, generally no longer than 24 months unless otherwise required.
Automated decision making: The service does not perform automated decisions that produce legal effects or similarly significantly affect users unless explicitly disclosed and based on consent or contract. Where automated profiling occurs that has legal or similarly significant effects, clear information and rights to human review are provided in compliance with Article 22 GDPR.
Recipients, International Transfers and Security
Recipients: Personal data may be shared with service providers and subprocessors that perform services on behalf of FenixMinds B.V., including hosting, analytics, payment processors, and customer support platforms. Each recipient is contractually bound to process data only on documented instructions and to implement appropriate safeguards.
International transfers: Transfers of personal data outside the European Economic Area are subject to GDPR safeguards. Transfers rely on an adequate decision, standard contractual clauses, or other permitted transfer mechanisms under Chapter V GDPR (see Article 44 and following). Data subjects may request details of transfer mechanisms by contacting privacy@fenxlabs.ai.
Security measures: Appropriate technical and organizational measures are implemented to protect personal data against unauthorized access, loss, alteration, or disclosure. Security measures include encryption in transit, access controls, regular security assessments, and incident response procedures.
Data breaches: In the event of a personal data breach that is likely to result in a risk to individuals' rights and freedoms, FenixMinds B.V. will notify the competent supervisory authority without undue delay and, where required by Article 34 GDPR, communicate the breach to affected individuals.
Rights of Data Subjects and Complaints
Rights available: Users have the right to access their personal data (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), data portability (Article 20 GDPR), objection to processing (Article 21 GDPR), and to withdraw consent where processing is based on consent (Article 7(3) GDPR).
How to exercise rights: Requests to exercise rights should be sent to privacy@fenxlabs.ai. Requests will be responded to without undue delay and in accordance with statutory time limits. Proof of identity may be required to prevent unauthorized disclosure.
Complaints: Users may lodge a complaint with the Dutch Data Protection Authority Autoriteit Persoonsgegevens or another competent supervisory authority in the EU if they consider their rights under the GDPR have been infringed.
Cookies, Tracking and Cookie Disclaimer
Cookies used: askarc.app uses cookies and similar technologies for essential service operation, preferences, security, and analytics. Cookie categories include: essential cookies for authentication and load balancing; functional cookies for preferences; analytics cookies to measure and improve service performance; advertising cookies only where distinct consent is obtained.
Cookie consent: Non-essential cookies are placed after obtaining prior informed consent in line with ePrivacy requirements and GDPR. Consent is voluntary and can be withdrawn at any time via the cookie settings on the site or by contacting privacy@fenxlabs.ai.
Managing cookies: Users can manage cookie preferences through the cookie banner and browser settings to block or remove cookies. Blocking essential cookies may prevent access to certain features.
Third-party tracking: Third-party analytics and advertising services may set cookies. Data shared with third parties is limited to identifiers and aggregated metrics unless the user explicitly provides additional information. Third-party processing is governed by contracts and applicable transfer safeguards.
Additional Legal and Practical Information
Children: The service is not directed to children under 16. Personal data of minors will be processed only with verifiable parental consent where required by applicable law.
Changes to this policy: This policy may be updated. Material changes will be communicated via the app or by email where required. Continued use after notice constitutes acceptance of the updated policy.
Contact for privacy matters: privacy@fenxlabs.ai for rights requests, data transfer details, DPO contact, and other privacy questions.
Governing law: Applicable substantive law is Dutch law and EU data protection law where applicable. Disputes are subject to competent courts unless otherwise agreed by mandatory rules.
About AskArc's AI Solution
askarc.app integrates and orchestrates outputs from multiple AI models and services, including third-party general-purpose and specialist models. Users must be informed that responses, suggestions, summaries or other generated content may be produced wholly or in part by one or more automated models provided by third parties.
- We disclose when a response is generated or substantially shaped by AI at the start of the first interaction and in any place where AI-generated content could be mistaken for human-authored content.
- We identify third-party model providers and the role they play in producing outputs in our transparency notices and in documentation available on request.
- Outputs that are wholly or partially synthetic are labelled as AI-generated in a human-readable manner and, where technically feasible, in a machine-readable format to meet applicable transparency obligations.
- For incorporated general-purpose AI models we publish a concise summary of their high-level characteristics and training data categories sufficient to meet applicable transparency requirements and help downstream deployers and users assess risks.
- We maintain logging, provenance and traceability records linking outputs to the model(s) and model versions used, the input prompts, timestamps and any post-processing steps to support auditability, incident investigation and user requests.
- Where model outputs could materially affect rights, legal status, or important interests of a person, we implement human-in-the-loop review, the ability to contest or correct outputs, and other mitigation measures proportionate to the risk.
- We contractually require equivalent safeguards from third-party providers and subprocessors, including obligations on data protection, security, documentation and assistance in conformity assessments where applicable.
- We continuously monitor legal and regulatory developments (including the EU AI Act) and update model disclosures, risk assessments and technical measures to remain compliant.