top of page
Activist_Logo2_FC_Neg.png

PRIVACY POLICY

Activist Technologies PBC Web Service & Mobile Application
Effective Date and Last Revised: May 1, 2026
 
IMPORTANT NOTICE — US RESIDENTS ONLY
Please immediately cease using this site and application if you are not a U.S. resident. We do not knowingly collect personal information from non-US residents. Any data inadvertently collected from non-US residents will be promptly deleted upon discovery. The website and mobile application are intended solely for use by residents of the United States of America or the U.S. Territories. By accessing or using our services, you represent and warrant that you are a resident of the United States or one of the US territories. 
 
1.Introduction
Welcome to Activist Technologies PBC (“Activist,” “We," "Our," or "Us"). This Privacy Policy, taken as part of the Activist Terms of Service (https://activistarc.com/terms), explains how we collect, use, disclose, and safeguard your personal information when you use our web-based service available at https://activistarc.com and our mobile application (collectively, the "Service," “Services,” or "App").
 
By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy and in the Activist Terms of Service (https://activistarc.com/terms). If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.
 
This policy applies to all users of the Service, regardless of the device or platform used to access it, to all personal information collected through our Services, including information collected online, via mobile devices, and through any related customer service interactions. It does not apply to information we collect about our employees, contractors, or job applicants, which is addressed in separate internal policies.
 
We have designed our Services for residents of the United States or the US territories only. We use technical and contractual measures to restrict access to US residents. We do not intentionally target or solicit users outside the United States, and we will delete any data provided to us from a User who is determined to be a nonresident of the US or its territories.
 
2.Information We Collect
We collect various types of information in connection with your use of the Service, including: A. Information You Provide Directly:

  1. Account registration details (e.g., name, email address, username, and password)

  2. Profile information (e.g., profile photo, display name, biography)

  3. Communications you send us, including support requests and feedback

  4. Payment and billing information (if charged and processed securely through third-party payment processors)

  5. User-generated content, including posts, comments, uploads, and other materials you submit

  1. Information Collected Automatically - When you use the Service, we automatically collect certain technical and usage information, including:

    1. Device information: device type, operating system, browser type and version, unique device identifiers (e.g., IDFA, Android Advertising ID)

    2. Log data: IP address, access times, pages or screens viewed, links clicked, and referring URLs

    3. Usage data: features used, time spent on the Service, search queries, and interaction patterns

    4. Location data: general geographic location based on IP address; precise GPS location (mobile app only, with your permission)

    5. Cookies and similar tracking technologies: session cookies, persistent cookies, pixel tags, and web beacons (see Section 7 for details)

  2. Information from Third Parties - Activist may receive information about you from third-party sources, including:

    1. Social login providers (e.g., Google, Apple, Facebook) if you choose to register or sign in using those accounts

    2. Analytics partners and advertising networks

    3. Publicly available sources and data aggregators

    4. Other users who may reference or tag you within the Service

  3. Sensitive Personal Information - Certain categories of personal information are considered "sensitive" under applicable state privacy laws and receive heightened protection. If Activist collects any of the following categories of sensitive personal information, we will do so only with your explicit opt-in consent or as otherwise required by law:

    1. Social Security number, driver's license number, state identification card number, or passport number.

    2. Financial account information, including account numbers and access credentials.

    3. Precise geolocation data (location within a radius of 1,750 feet or less).

    4. Racial or ethnic origin, religious or philosophical beliefs, or union membership.

    5. The contents of private communications (mail, email, or text messages) unless we are the intended recipient.

    6. Genetic data or biometric information processed for identification purposes.

    7. Personal information concerning a consumer's health, sex life, or sexual orientation.

    8. Personal information of known minors (children under 18 years of age).

    9. Immigration status.

    10. Mental health information.

We limit our collection of sensitive personal information to what is strictly necessary for the purposes described in this Policy and do not use sensitive personal information for purposes beyond those for which it was collected without your additional consent.
 
3.How We Use Your Information

  1. We process your personal information only for the purposes identified at or before the time of collection, and only as reasonably necessary and proportionate to achieve those purposes. Our primary purposes are:

    1. To Operate and Provide the Service you requested.

    2. Create and manage your account.

    3. Authenticate your identity and maintain session security.

    4. Process transactions and send related communications.

    5. Provide customer support and respond to inquiries.

    6. Deliver the features and functionality of the Service.

    7. To Improve and Personalize:

      1. Analyze usage trends and user behavior to improve the Service.

      2. Personalize your experience, including content recommendations.

      3. Conduct research and development of new features.

      4. Perform testing, debugging, and quality assurance.

    8. To Communicate With You:

      1. Send administrative notices, such as updates to our Terms of Service or this Privacy Policy.

      2. Send system promotional communications (where you have opted in to send or receive them).

      3. Respond to your requests, questions, and comments.

      4. Provide service-related notifications (e.g., account activity, security alerts).

      5. Provide marketing-related communications, including targeted marketing opportunities.

    9. For Safety, Security, and Legal Compliance:

      1. Detect, investigate, and prevent fraud, abuse, or other harmful activity.

      2. Enforce our Terms of Service and other applicable agreements.

      3. Comply with applicable laws, regulations, legal processes, and government requests.

      4. Protect the rights, property, and safety of Activist, our users, and the public.

    10. Business operations: 

      1. To conduct internal audits.

      2. To maintain records. 

      3. Facilitate business transactions (such as mergers or acquisitions).

      4. To manage our business relationships.

  2. Data Minimization

    1. Consistent with the requirements of several state privacy laws, including Maryland's Online Data Privacy Act, we collect only the personal information that is adequate, relevant, and reasonably necessary for the disclosed purpose. We do not retain personal information for longer than is reasonably necessary to fulfill the purposes for which it was collected. Our data retention schedules are reviewed annually.

  3. No Sale of Sensitive Personal Information

    1. We do not sell sensitive personal information under any circumstances. We do not use or disclose sensitive personal information for purposes other than those described in this Policy without first obtaining your explicit consent. This prohibition applies regardless of whether you have exercised a separate opt-out right.

 
4.How We Share Your Information

  1. We do not sell your personal information to data brokers or other third parties for monetary compensation in the traditional sense. However, as described below, certain disclosures of personal information to third parties for cross-context behavioral advertising may constitute a "sale" or "sharing" under applicable state law (including the CCPA/CPRA). You have the right to opt out of such disclosures as described in Section 7.

  2. Authorized Disclosures

    1. Service providers and contractors: We share personal information with vendors that perform services on our behalf (cloud hosting, payment processing, analytics, email delivery, customer support). These parties are contractually prohibited from using your data for any purpose other than performing services for us.

    2. Business partners: With your consent, we may share information with carefully selected partners to offer you joint products, services, or promotions.

    3. Affiliated entities: We may share information within our corporate family, subject to this Policy and applicable law.

    4. Legal and regulatory authorities: We may disclose information if required by law, subpoena, court order, or regulatory process, or to protect the rights, property, or safety of our company, users, or others.

    5. Business transfers: If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website if your data becomes subject to a different privacy policy.

    6. Aggregated or De-Identified Data - We may share aggregated or de-identified information that cannot reasonably be used to identify you with partners, advertisers, or the public for research, analysis, or similar purposes.

    7. With your consent: We will share information with third parties when you have given us explicit consent to do so.

  3. Advertising and Analytics Partners

    1. We may disclose identifiers, usage data, and inferences to advertising technology companies and analytics providers for targeted advertising and measuring ad effectiveness. This disclosure may constitute a "sale" or "sharing" of personal information under California law and an "opt-outeligible" disclosure under other state laws. You may opt out of these disclosures as described in Section 7. We honor Global Privacy Control (GPC) signals as an opt-out of sale and sharing.

 
5.Cookies and Tracking Technologies
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your interactions with the Service. Cookies are small text files stored on your browser or device. We use the following types of cookies:

  1. Essential cookies: Required for the Service to function properly (e.g., authentication, session management)

  2. Analytics cookies: Help us understand how users interact with the Service (e.g., Google Analytics)

  3. Preference cookies: Remember your settings and preferences for a personalized experience

  4. Marketing cookies: Used to deliver relevant advertisements (only where applicable and with consent) You can control cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the Service. We also honor browser-based Global Privacy Control (GPC) signals, which we treat as an opt-out of sale and sharing of personal information under applicable state law. For more information, please visit our Cookie Policy at https://activistarc.com/cookie-policy.

 
6.State-Specific Privacy Rights
Depending on your state of residence, you may have certain rights regarding your personal information under applicable state law. The table below, as of the date of creation of this Privacy Policy, summarizes the comprehensive state consumer privacy laws currently in effect in the United States and the primary rights they confer.


California (CCPA/CPRA)
Jan 1, 2020 / Jan 1, 2023
Access, delete, correct, opt-out of sale/sharing, limit sensitive data use, portability


Virginia (VCDPA)
Jan 1, 2023
Access, delete, correct, opt-out of sale, targeted ads, and profiling


Colorado (CPA)
July 1, 2023
Access, delete, correct, opt-out of sale, targeted ads, and profiling


Connecticut (CTDPA)
July 1, 2023
Access, delete, correct, opt-out; minors' data protections


Utah (UCPA)
Dec 31, 2023
Access, delete, opt-out of sale and targeted ads


Texas (TDPSA)
July 1, 2024
Access, delete, correct, opt-out of sale, targeted ads, and profiling


Florida (FDBR)
July 1, 2024
Access, delete, correct, opt-out (large businesses only)


Montana (MCDPA)
Oct 1, 2024
Access, delete, correct, opt-out; enhanced geo-location controls


Oregon (OCPA)
July 1, 2024
Access, delete, correct, opt-out; strict geo-location/minor data rules


New Jersey (NJDPA)
Jan 15, 2025
Access, delete, correct, opt-out of sale, and targeted ads


New Hampshire (NHPA)
Jan 1, 2025
Access, delete, correct, opt-out


Nebraska (NDPA)
Jan 1, 2025
Access, delete, correct, opt-out


Iowa (ICDPA)
Jan 1, 2025
Access, delete, opt-out of sale and targeted ads


Delaware (DPDPA)
Jan 1, 2025
Access, delete, correct, opt-out; children's protections


Tennessee (TIPA)
July 1, 2025
Access, delete, correct, opt-out


Minnesota (MCDPA)
July 31, 2025
Access, delete, correct, opt-out; data minimization


Maryland (MODPA)
Oct 1, 2025
Strict data minimization; sensitive data restrictions


Indiana (ICDPA)
Jan 1, 2026
Access, delete, correct, opt-out; sensitive data opt-in


Kentucky (KCDPA)
Jan 1, 2026
Access, delete, correct, opt-out of sale, targeted ads


Rhode Island (RIDTPPA)
Jan 1, 2026
Access, delete, correct, opt-out; sensitive data opt-in


The rights described above are subject to exceptions, limitations, and verification requirements under each applicable law. We respond to verified consumer requests within the timeframes required by applicable law (generally 45–60 days, with an additional 45 days where reasonably necessary). All rights described in this section are available to eligible residents of those states; residents of states without comprehensive privacy laws may contact us for good-faith customer service.

  1. Right to Know / Access

    1. You have the right to know whether we are processing your personal information and, if so, to request that we disclose: 

      1. the categories and specific pieces of personal information we have collected about you; 

      2. the categories of sources from which we collected that information; 

      3. the business or commercial purposes for the collection; 

      4. the categories of third parties to whom we have disclosed the information; and 

      5. the categories of personal information we have sold or shared (if applicable).

  2. Right to Delete

    1. You have the right to request that we delete personal information we have collected from you, subject to certain exceptions. We may deny your deletion request if retaining the information is necessary for our service providers or us to: 

      1. complete a transaction, 

      2. detect security incidents, 

      3. exercise free speech rights, 

      4. comply with legal obligations, 

      5. enable internal research, or 

      6. engage in other permissible uses under applicable law. 

When we delete your personal information, we will direct our service providers and contractors to do the same.

  1. Right to Correct

(i)    You have the right to request that we correct inaccurate personal information we maintain about you, taking into account the nature of the information and the purposes of its processing. We will use commercially reasonable efforts to correct inaccurate information upon receipt of a verified, substantiated request. 

  1. Right to Opt Out of Sale, Sharing, and Targeted Advertising

(i)    You have the right to opt out of the "sale" of your personal information and the "sharing" of your personal information for cross-context behavioral advertising (California), or the use of your personal information for targeted advertising (Virginia, Colorado, Connecticut, and most other state laws with active privacy requirements). To exercise this right:

  1. Click the "Do Not Sell or Share My Personal Information" link in our website footer.

  2. Toggle the "Opt Out of Targeted Advertising" setting in our mobile app's privacy settings.

  3. Enable the Global Privacy Control (GPC) signal in your browser, which we honor automatically.

  4. Submit a request through our Privacy Request Portal at [privacy@example.com]. We will process your opt-out request within 15 business days and will not require you to create an account to exercise this right.

  1. Right to Limit Use of Sensitive Personal Information

(i)    California residents have the right to direct us to limit the use and disclosure of sensitive personal information to uses necessary to perform our Services. Residents of Indiana, Kentucky, Rhode Island, and other states requiring opt-in consent for sensitive personal information are protected by our practice of not collecting such information without your prior explicit consent. To exercise your right to limit the use of sensitive data, contact us through our Privacy Request Portal.

  1. Right to Portability (Data Portability)

(i)    You have the right to receive a copy of your personal information in a portable, readily usable format that allows you to transmit the information to another entity. Upon receipt of a verified request, we will provide your personal information in a structured, commonly used electronic format (such as JSON or CSV).

  1. Right to Non-Discrimination / Non-Retaliation

(i)    We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you goods or services, charge you different prices, provide you with a different level of service quality, or retaliate against you in any way for submitting a privacy rights request.

  1. Opt-Out Preference Signals

(i)    We recognize and honor opt-out preference signals, including the Global Privacy Control (GPC), as a valid exercise of your right to opt out of the sale and sharing of personal information under applicable state law. When we receive a GPC signal from your browser, we will treat it as a request to opt out and will not require you to take any additional action to confirm the opt-out.
 
7.How to Exercise Your Privacy Rights
A. To submit a request to exercise any of the rights described in this Policy, you may use any of the following methods:

  1. Online Privacy Request Portal: https://activistarc.com/privacy  

  2. Email: privacy@activistarc.com 

  3. Toll-Free Phone: [1-800-242-2098] (available Monday–Friday, 9 AM–5 PM ET)

​

Postal Mail: 
Activist Technologies PBC
Attn: Privacy Team
6909 Laurel Ave, #5608
Takoma Park, MD 20912 B.

 

Verification of Identity
(i) To protect your personal information, we must verify your identity before processing most types of requests (except opt-out requests, which require no verification). We will request that you provide information we can match against our records. The level of verification required depends on the sensitivity of the request. We may use a third-party identity verification service. We will not use the information provided for verification for any purpose other than verifying your identity and responding to your request. C. Authorized Agents
(i)    You may designate an authorized agent to submit privacy requests on your behalf. An authorized agent must provide written proof of authorization (such as a signed power of attorney or written authorization letter). We may require you to directly verify your identity with us, even when using an authorized agent.
D. Response Times and Appeals
(i)    We will acknowledge receipt of your request within 10 business days and will respond substantively within 45 days. If we require additional time (up to 45 days in most states), we will inform you of the extension and the reason for it. If we deny your request in whole or in part, we will explain the reason. You have the right to appeal our decision by contacting our Privacy Team at [privacy@example.com]. We will respond to appeals within 60 days. If your appeal is denied and you are a resident of a state with a comprehensive privacy law, you may contact your state Attorney General.
 
8.Children's Privacy and Minors' Data

  1. Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from individuals under 18, as stated by the Children's Online Privacy Protection Act (COPPA).

  2. Enhanced Protections for Users Under 18

             (i)     In addition to COPPA compliance, we provide the following protections:

  1. Consent for sale/sharing: We do not sell or share the personal information of any known minor.

  2. No targeted advertising to minors: We do not use the personal information of known minors for targeted advertising.

  3. Age-appropriate design: We implement age-appropriate design principles consistent with the requirements of applicable state age-appropriate design codes.

  4. No profiling of minors: We do not engage in profiling of known minors.

  1. Any individual under the age of 18 who is discovered using our system will have their Activist Account and all User Data related to that account deleted. If you are the parent or legal guardian of a minor and you believe that a minor is using the Activist Services, please use the Online Privacy Request Portal (https://activistarc.com/privacy/) to alert us to the issue.

 
 
9.Data Security
A. We implement and maintain reasonable and appropriate technical, administrative, and physical security measures designed to protect the personal information we collect against unauthorized access, disclosure, alteration, loss, or destruction. These measures include:

  1. Encryption of personal information in transit using TLS/SSL protocols and encryption of sensitive personal information at rest.

  2. Access controls, including role-based access and multi-factor authentication for systems handling personal information.

  3. Regular security assessments, penetration testing, and vulnerability scanning.

  4. Employee privacy and security training programs.

  5. Incident response plans to detect, investigate, and respond to security breaches.

No security system is impenetrable. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately at support@activistarc.com. In the event of a data breach affecting your personal information, we will notify you and applicable regulatory authorities as required by applicable state breach notification laws.
 
10.Data Retention

  1. We retain personal information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. Our retention criteria include the nature and sensitivity of the personal information, the purposes for which it is processed, applicable legal and regulatory requirements, our legitimate business needs, and potential legal claims or disputes.

  2. When personal information is no longer needed, we securely delete or anonymize it. You may request deletion of your personal information as described in Section 7, subject to applicable exceptions.

 
11.Geographic Restrictions and Access Controls

  1. Our Services are intended solely for residents of the US and the US territories. We may employ any of the following measures to restrict access to US residents:

    1. IP address geolocation filtering to block or redirect traffic from outside the United States.

    2. Requiring users to represent their US residency during account registration affirmatively.

    3. Our Terms of Service contractually limit use to US residents.

    4. We do not knowingly collect or process personal information of nonresidents of the US or the US territories, including but not limited to the European Union, United Kingdom, Canada, or other non-US jurisdictions.

    5. In the event we inadvertently receive data from a non-US resident, we will promptly delete such data and will not process it for any other purpose.

  2. Because we restrict access to US residents, we do not offer GDPR, UK GDPR, or PIPEDA rights under this Policy. If you believe you are a non-US resident whose data was inadvertently collected, please contact us at privacy@activistarc.com, and we will process your deletion request promptly.

 
12.California-Specific Disclosures
A. This section provides additional disclosures required specifically under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and regulations issued by the California Privacy Protection Agency (CPPA).

  1. Categories of Personal Information Collected (Last 12 Months)

    1. Identifiers (name, email, IP address, account name)

    2. Customer records information (contact details, billing information)

    3. Commercial information (purchase history, browsing history on our Services)

    4. Internet or other electronic network activity information (interactions with our Services)

    5. Geolocation data (approximate, derived from IP)

    6. Inferences drawn to create a profile about your preferences

    7. Sensitive personal information (only where you have opted in and provided consent)

  2. Categories of Sources

    1. Directly from you when you use our Services or contact us.

    2. Automatically through cookies and tracking technologies.

    3. From our service providers and business partners (subject to your consent).

    4. From third-party analytics and advertising partners.

  3. Business / Commercial Purposes for Collection

    1. As described in Section 3 above. We do not collect personal information beyond what is described herein.

  4. California "Shine the Light" Law

    1. California Civil Code Section 1798.83 ("Shine the Light") permits California residents to request information regarding the disclosure of their personal information to third parties for those third parties' direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes without your consent. California residents may request confirmation of this policy by contacting us at privacy@activistarc.com.

  5. Automated Decision-Making Technology (ADMT)

    1. We may use automated decision-making technology, including profiling, in connection with our Services. In compliance with CPPA regulations effective in 2026, we provide the following disclosures:

      1. We use automated systems to personalize content and recommendations based on your usage patterns.

      2. Automated decision-making is not used to make decisions with significant legal or similarly significant effects on you without human review.

      3. You have the right to opt out of certain uses of ADMT, including profiling for targeted advertising, as described in Section 7.

 
13.Third-Party Links and Services
A. Our Services may contain links to third-party websites, applications, and services. This Policy does not apply to the practices of third parties whose products or services may be linked to or from our Services. We encourage you to review the privacy policies of any third-party services you choose to access. We are not responsible for the privacy practices or content of those third parties.
 
14.Changes to This Privacy Policy
A. We may update this Privacy Policy from time to time. When we make material changes, we will:  (i)       post the revised Policy on our website with an updated "Last Revised" date; 

  1. provide you with notice via email or a prominent in-app notification at least 30 days before the changes take effect; and 

  2. obtain your affirmative consent where required by applicable law.

Your continued use of our Services after the effective date of a revised Policy constitutes your acceptance of the changes, to the extent permitted by applicable law. We encourage you to review this Policy periodically.
 
15. Contact Us
A. If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, or to exercise your privacy rights, please get in touch with our Privacy Team:
             (i)     Privacy Team Contact Information

  1. Activist Address: 6909 Laurel Ave, #5608, Takoma Park, MD, 20912

  2. Activist Legal E-mail: legal@activistarc.com 

  3. Toll-Free: 1-800-242-2098 

  4. Online: https://activistarc.com/privacy/

  5. For security-related concerns: support@activistarc.com

  6. For media inquiries regarding privacy: support@activistarc.com 

  7. If you are a California resident and wish to contact the California Privacy Protection Agency (CPPA) about a complaint, you may do so at https://cppa.ca.gov. If you reside in another state with an active comprehensive privacy law, you may contact your state Attorney General's office if you believe your privacy rights have been violated and your appeal to us has been denied.

bottom of page