This Privacy Policy describes how AetherMind Studios (“AetherMind,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you visit aethermindstudios.com, use the Service Arc application at www.ServiceArcApp.com, or otherwise interact with us (collectively, the “Service”).
By using the Service, you acknowledge this Privacy Policy and our Terms of Service. If you use the Service on behalf of an organization, you represent that you have authority to accept this policy for that organization.
1. Roles and scope
For account and organization data you provide as a Service Arc customer, AetherMind generally acts as a service provider / processor on your behalf. You are responsible for the personal information you and your users upload about your customers, employees, and contractors, including providing any required notices and obtaining required consents.
For our marketing website, account administration, billing, security, and platform operations, AetherMind acts as a controller of information as described below.
2. Information we collect
Information you provide
- Account and profile data — name, email, phone, company name, job title, password or authentication tokens, and organization settings.
- Customer Data — operational records you submit, including customers, work orders, schedules, locations, notes, photos, signatures, team assignments, and uploaded files.
- Communications — support requests, demo inquiries, feedback, and correspondence with us.
- Billing information — subscription details and billing contact data. Payment card data is handled by Stripe; we do not store full card numbers.
- Integration data — tokens, identifiers, and sync metadata needed to connect third-party services such as QuickBooks Online.
Information collected automatically
- Usage and device data — IP address, browser type, device identifiers, operating system, pages viewed, features used, timestamps, and referral URLs.
- Log and diagnostic data — error reports, performance metrics, security events, and audit logs needed to operate and secure the Service.
- Cookies and similar technologies — session cookies, authentication tokens, and preference storage. See Section 10.
Information from third parties
- Authentication providers, payment processors, integration partners, and service providers that help us deliver the Service.
- Public or commercially available sources where permitted by law.
3. How we use information
We use information to:
- Provide, operate, maintain, and improve the Service
- Create and manage accounts, organizations, roles, and permissions
- Authenticate users and prevent fraud, abuse, and security incidents
- Process subscriptions, invoices, and payments
- Send transactional messages, service notices, and support responses
- Enable integrations you configure, including accounting and export workflows
- Monitor performance, troubleshoot issues, and develop new features
- Comply with law, enforce our Terms, and protect rights, safety, and property
- Send marketing communications where permitted; you may opt out as described in Section 11
We may use de-identified or aggregated data that does not reasonably identify you for analytics, benchmarking, and product improvement.
4. Legal bases for processing
Where applicable, we rely on:
- Contract — to provide the Service you request
- Legitimate interests — to secure, improve, and market the Service in a balanced way
- Consent — where required for certain communications or optional features
- Legal obligation — to comply with applicable law
5. How we share information
We do not sell your personal information. We may share information with:
- Service providers — hosting, authentication, email, analytics, customer support, and payment processors who process data under our instructions and contractual safeguards.
- Integration partners — when you enable a connection, such as QuickBooks Online or payment providers.
- Organization users — other users in your organization according to your role and permission settings.
- Professional advisors — lawyers, accountants, insurers, and auditors under confidentiality obligations.
- Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to continued protection of personal information.
- Legal and safety — when required by law, subpoena, court order, or governmental request, or when we believe disclosure is necessary to protect rights, safety, investigate fraud, or respond to security issues.
You are responsible for how you share Customer Data with your own customers, employees, and vendors outside the Service.
6. Third-party services
We use providers that may process data under their own policies, including:
- Google Firebase / Google Cloud — hosting, database, authentication, and storage
- Stripe — payment processing
- Intuit QuickBooks Online — when you connect accounting integration
- Email and notification providers — transactional messaging
Third-party websites and services linked from the Service are not controlled by us. Your use of them is governed by their own terms and privacy policies.
7. Data retention
We retain information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security. Retention periods may vary by data type and your organization’s status.
When an account is terminated, we may delete or anonymize data after a reasonable period, except where retention is required by law, for backup integrity, fraud prevention, or dispute resolution. You are responsible for exporting Customer Data before closure of your account.
8. Security
We use administrative, technical, and organizational measures designed to protect information, including HTTPS encryption in transit, organization-scoped access controls, authentication, and hosted infrastructure safeguards. Service Arc is hosted on Firebase (Google Cloud).
No method of transmission or storage is completely secure. You are responsible for safeguarding credentials, configuring user permissions appropriately, and notifying us promptly of suspected unauthorized access.
9. International users
The Service is operated from the United States. If you access the Service from outside the U.S., you understand that information may be processed and stored in the U.S. and other countries where we or our providers operate, which may have different data protection laws than your jurisdiction.
10. Cookies and tracking
We use cookies and similar technologies for authentication, session management, security, and basic analytics. You can control cookies through browser settings, but disabling them may limit Service functionality. We do not respond to “Do Not Track” browser signals in a uniform way across all third-party services.
11. Marketing and communications
We may send service-related messages that are necessary for account operation. We may also send product updates or marketing emails where permitted. You may opt out of marketing emails by following unsubscribe instructions or contacting us. Even if you opt out of marketing, we may still send transactional or legally required notices.
12. Your choices and rights
Depending on your location, you may have rights to:
- Access, correct, or delete certain personal information
- Object to or restrict certain processing
- Receive a portable copy of information you provided
- Withdraw consent where processing is consent-based
To make a request, contact us at servicearcapp@gmail.com. We may verify your identity before responding and may deny requests where permitted by law, including where fulfillment would impair others’ rights, confidentiality, or security. Organization administrators should manage end-user data within their Service Arc workspace where applicable.
13. U.S. state privacy notices
California residents
If you are a California resident, you may have additional rights under the CCPA/CPRA, including rights to know, delete, correct, and opt out of certain sharing. We do not sell personal information as defined by California law. We may use service providers to perform business functions on our behalf. To exercise rights, contact us using the information below.
Other U.S. states
Residents of states with consumer privacy laws may have similar rights regarding access, deletion, correction, and appeal of denied requests. We will honor applicable legal requirements.
14. Children’s privacy
The Service is intended for business use and is not directed to children under 13 (or under 16 where applicable). We do not knowingly collect personal information from children. If you believe a child has provided information to us, contact us and we will take appropriate steps to delete it.
15. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date reflects the latest revision. Material changes may be communicated through the Service, email, or our website. Continued use after the effective date constitutes acceptance of the revised policy.
16. Limitation of liability
To the maximum extent permitted by law, AetherMind is not liable for unauthorized access, disclosure, or loss of information caused by factors outside our reasonable control, including your failure to safeguard credentials, misconfigured permissions, third-party service failures, or events of force majeure. Our overall liability related to the Service is subject to the limitations in our Terms of Service.
17. Contact us
Privacy questions or requests: Contact page or servicearcapp@gmail.com.
AetherMind Studios
Maine, USA
This Privacy Policy is provided for operational transparency. It is not legal advice. Consider having a qualified attorney review it for your specific business, customer base, and regulatory obligations.