Privacy Policy

Last Updated: February 14, 2026
Effective Date: February 14, 2026
Version: 1.0

Table of Contents

1. Introduction
2. Information We Collect
   • 2.1 Personal Information You Provide
   • 2.2 Health and Fitness Data
   • 2.3 Automatically Collected Information
   • 2.4 Third-Party Data
3. Legal Basis for Processing
4. How We Use Your Information
5. Data Sharing and Disclosure
6. International Data Transfers
7. Data Retention
8. Your Rights
   • 8.1 GDPR Rights (EU/EEA Users)
   • 8.2 CCPA/CPRA Rights (California Users)
   • 8.3 LGPD Rights (Brazil Users)
   • 8.4 KVKK Rights (Turkey Users)
   • 8.5 How to Exercise Your Rights
9. Children's Privacy
10. Security Measures
11. Cookies and Tracking Technologies
12. AI, Profiling, and Automated Decision-Making
13. Changes to This Privacy Policy
14. Multi-Jurisdiction Governance
15. Contact Information
16. Legal Disclaimer

1. Introduction

ARNEOX (operated by FATİH ALAY ARNEOX YAZILIM, a Turkish sole proprietorship; "we", "our", "us", "ARNEOX") provides a comprehensive fitness ecosystem consisting of multiple applications including fitness tracking, nutrition management, and running applications (collectively, the "Service" or "ARNEOX Platform").

Website: www.arneox.com
Contact: privacy@arneox.com
Address: Merdivenköy Mah. Dikyol Sk. B Blok No: 2 İç Kapı No: 179, Kadıköy / İstanbul, Turkey

This Privacy Policy explains how we collect, use, disclose, store, and safeguard your information when you use our Service. By using ARNEOX, you acknowledge that you have read and understood this Privacy Policy.

Important: ARNEOX collects and processes sensitive health and fitness data. This data is classified as "special category data" under the General Data Protection Regulation (GDPR) Article 9 and requires your explicit consent. We take this responsibility seriously and have implemented comprehensive safeguards to protect your privacy.

Infrastructure: We are operating under Turkish law with data infrastructure hosted in Frankfurt, Germany (Supabase). In Q4 2026, we plan to migrate our corporate entity to Singapore ("ARNEOX Limited"), and this Privacy Policy will be updated accordingly with 30 days' advance notice.

2. Information We Collect

We collect several types of information to provide and improve our Service. Below is a comprehensive breakdown of all data categories we collect:

2.1 Personal Information You Provide

When you create an account and use ARNEOX, you directly provide us with:

• Account Information: Email address, phone number (optional), password (encrypted), username
• Profile Information: Full name, profile photo, biography, date of birth, gender, region, language preference, timezone
• Authentication Data: Login credentials, email/phone verification status, OAuth tokens (for Google Sign-In, future Apple Sign-In)

2.2 Health and Fitness Data

⚠️ SPECIAL CATEGORY DATA (GDPR Article 9)

ARNEOX processes sensitive health and fitness data that is legally classified as "special category data" requiring your explicit consent. This includes:

Body Composition Metrics:

• Height (cm), weight (kg), body fat percentage, muscle mass, bone mass, water percentage, visceral fat level
• Body Mass Index (BMI), Basal Metabolic Rate (BMR), metabolic age
• Body circumferences: neck, shoulders, chest, arms, forearms, waist, hips, thighs, calves
• Progress photos of your physique

Workout and Performance Data:

• Exercise logs: sets, reps, weight lifted (kg), Rate of Perceived Exertion (RPE), Reps in Reserve (RIR)
• Calculated one-rep max (1RM), workout duration, estimated calories burned
• Workout notes, form check videos, AI-powered form analysis (future feature)
• Performance trends, personal records, achievements, training milestones

Nutrition and Dietary Data (future features):

• Daily caloric intake, macronutrient breakdown (protein, carbohydrates, fat, fiber)
• Water intake, meal timing, supplement usage, dietary restrictions and preferences

Health Metrics:

• Mood tracking, sleep hours, readiness score
• Heart rate data, step count, active calories (synced from third-party devices)
• Health goals: target weight, target body fat percentage, goal type, target achievement date

AI Conversation Data (future ARNEOX Agent feature):

• Your messages to our AI fitness assistant
• AI-generated responses and recommendations
• Conversation context (may contain personal, health, or emotional information disclosed during interactions)
• Function calls, token usage statistics

2.3 Automatically Collected Information

When you use ARNEOX, we automatically collect:

• Device Information: IP address, User Agent, device type, operating system version
• Usage Data: Last sign-in timestamps, app version, feature usage patterns
• System Preferences: Notification preferences, privacy settings, measurement units (metric/imperial)
• Technical Identifiers: Push notification tokens, session IDs, crash logs

2.4 Third-Party Data

With your explicit consent, we may collect data from:

• Apple Health (iOS): Steps, heart rate, workouts, active calories, sleep data
• Google Fit (Android): Steps, heart rate, workouts, active calories, sleep data
• Future Integrations: Fitbit, Garmin, other fitness wearables (user opt-in required)

We store OAuth tokens for these services in an encrypted vault using AES-256 encryption.

3. Legal Basis for Processing

We process your data under the following legal bases, depending on your location and the type of data:

GDPR (EU/EEA Users) - Article 6 & Article 9

Important: For health data (GDPR Article 9 special category data), we rely on your explicit consent. You can withdraw this consent at any time, but this may limit core functionality of the Service.

KVKK (Turkey Users)

Under Turkish Personal Data Protection Law (KVKK), we process your data based on:

• Explicit Consent: For health data and marketing communications
• Contractual Necessity: To fulfill our service obligations
• Legitimate Interest: For analytics and service improvement (with your consent)

Note: KVKK requires stricter consent standards than GDPR. We obtain explicit, informed consent for all special category data processing.

CCPA/CPRA (California Users)

California law grants you specific rights (see Section 8.2). We process your data as a "Business" under CCPA. We do NOT sell your personal information.

LGPD (Brazil Users)

Under Brazilian General Data Protection Law (LGPD), we process your data based on:

• Consent: For health data and non-essential processing
• Contractual Performance: To provide the Service
• Legitimate Interest: For fraud prevention and service improvement

4. How We Use Your Information

We use your information for the following purposes:

Core Service Functionality

• Workout Tracking: Log exercises, track progress, calculate performance metrics (1RM, volume, trends)
• Personalized Training Programs: Generate customized workout plans based on your goals and performance
• Progress Analytics: Visualize body composition changes, strength gains, achievement milestones
• Account Management: Authenticate users, manage subscriptions, provide customer support

AI-Powered Features (Future)

• ARNEOX Agent: AI fitness assistant providing personalized coaching, answering fitness questions, analyzing your progress
• Form Analysis: AI-powered video analysis to provide feedback on exercise technique (under development)
• Predictive Analytics: Forecast progress toward goals, recommend training adjustments

Privacy Note: When using AI features (OpenAI/Anthropic Claude), we anonymize your data before sending it to third-party AI providers. Personal identifiers are removed.

Analytics and Improvement

• Service Optimization: Analyze feature usage to improve app performance and user experience
• Bug Tracking: Use Sentry for crash reporting and error monitoring
• User Profiling: Create personalized recommendations based on your fitness level and preferences

Important: We use profiling for personalization only, NOT for advertising or third-party data sales.

Communication

• Transactional Emails: Account verification, password resets, subscription confirmations
• Service Updates: Notify you of new features, policy changes, scheduled maintenance
• Marketing Communications (opt-in): Fitness tips, product announcements (you can unsubscribe anytime)

Legal and Security

• Compliance: Fulfill legal obligations (tax records retention, GDPR/KVKK compliance)
• Fraud Prevention: Detect and prevent account abuse, payment fraud, terms of service violations
• Data Breach Response: Investigate and respond to security incidents

5. Data Sharing and Disclosure

We do NOT sell your data. This is a core principle of ARNEOX.

However, we share your data with the following categories of third parties to operate our Service:

Cloud Infrastructure Providers

Analytics and Monitoring

Payment and Subscription Management

Note: We do NOT store credit card information. Payment processing is handled entirely by Google Play, Apple App Store, and their payment gateways (PCI DSS compliant).

Communication Services

Third-Party Health Data Sync (User Opt-In)

OAuth tokens for these services are encrypted (AES-256) and stored in a secure vault.

Future AI Services (Under Development)

Legal Disclosures

We may disclose your information when required by law:

• Legal Obligations: Court orders, subpoenas, government requests
• Protection of Rights: Enforce our Terms of Use, investigate fraud
• Safety: Protect the safety of users or the public

6. International Data Transfers

ARNEOX operates across multiple jurisdictions, which requires international data transfers:

Current Data Flow (2026)

• Data Controller: ARNEOX (Turkey - no GDPR adequacy decision)
• Data Processor: Supabase (Frankfurt, Germany - EU/GDPR-compliant)
• Transfer Mechanism: Standard Contractual Clauses (SCCs) approved by the European Commission

Turkey to EU Transfers: Since Turkey does not have a GDPR adequacy decision, we use Standard Contractual Clauses (SCCs) for transfers between our Turkish entity and Supabase (Germany). These are legally binding agreements ensuring GDPR-level protection.

Brazil Users (LGPD Compliance)

Since August 2025, transfers from Brazil to non-adequate countries require SCCs. We have implemented SCCs for Brazil-to-Turkey and Brazil-to-Germany transfers.

California Users (CCPA Compliance)

Data from California users is processed in Germany (Supabase) and may be accessed from Turkey for operational purposes. We ensure the same privacy rights apply regardless of data location.

Future Migration to Singapore (Q4 2026)

In Q4 2026, ARNEOX will migrate its corporate entity to Singapore ("ARNEOX Limited"). At that time:

• Data Controller will become ARNEOX Limited (Singapore)
• Data Transfers will be governed by Singapore Personal Data Protection Act (PDPA)
• EU/EEA Users: SCCs will be updated to Singapore-EU transfers
• Continuity: Your data will remain in Germany (Supabase Frankfurt) unless you request otherwise

We will notify all users 30 days in advance of this change with an updated Privacy Policy.

7. Data Retention

We retain your data for the following periods:

Active Accounts

• Personal and Health Data: Retained indefinitely while your account is active
• Workout Logs: Retained indefinitely (to preserve your fitness history)
• Conversation Logs: Retained indefinitely (to maintain context for AI assistant)

Account Deletion Request

When you request account deletion via the in-app "Delete Account" button:

30-Day Grace Period (Soft Delete):

• Your data is marked for deletion but NOT permanently deleted
• You can restore your account by logging in within 30 days
• Your data is not accessible to you or others during this period
• 7 days before permanent deletion, we will send a reminder email to your registered email address

After 30 Days (Permanent Deletion):

• All personal data is permanently deleted from our active databases
• Profile information, health data, workout logs, photos, AI conversations: DELETED
• Backups: We do NOT retain backups after the 30-day period

Legal Exceptions (Data Retained After Deletion):

• Financial Records: Retained for 7 years (legal requirement for tax and accounting purposes)
• RevenueCat Logs: Subscription data retained by RevenueCat for operational and legal compliance
• Anonymized Analytics: De-identified usage data (cannot be linked back to you)

System Logs

• Error Logs (Sentry): 90 days
• API Logs: 90 days
• Security Logs: 90 days (for fraud investigation)

AI-Generated Reports (Future Feature)

• Auto-Delete: 30 days after generation (unless user saves to their account)

8. Your Rights

Depending on your location, you have specific rights regarding your personal data:

8.1 GDPR Rights (EU/EEA Users)

Under the General Data Protection Regulation (GDPR), you have the following rights:

Right to Access (Article 15)
Request a copy of all personal data we hold about you.

Right to Rectification (Article 16)
Correct inaccurate or incomplete data via in-app profile settings.

Right to Erasure / "Right to be Forgotten" (Article 17)
Request deletion of your data. Use the in-app "Delete Account" button or email privacy@arneox.com. Note the 30-day grace period (see Section 7).

Right to Restrict Processing (Article 18)
Limit how we use your data while verifying accuracy or processing a complaint.

Right to Data Portability (Article 20)
Receive your data in a machine-readable format (JSON). Email privacy@arneox.com to request export.

Right to Object (Article 21)
Object to processing based on legitimate interest (e.g., analytics, profiling for recommendations).

Right to Withdraw Consent (Article 7)
Withdraw consent for health data processing at any time. Note: This may limit core app functionality.

Right Not to be Subject to Automated Decision-Making (Article 22)
ARNEOX uses profiling for personalized recommendations but does NOT make legally significant automated decisions about you.

Right to Lodge a Complaint
File a complaint with your local data protection authority:

• Germany (Supabase host): Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)
• Your Country: Contact your local GDPR supervisory authority

8.2 CCPA/CPRA Rights (California Users)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have:

Right to Know
Request disclosure of personal information collected, sources, purposes, and third parties with whom it's shared.

Right to Delete
Request deletion of your personal information (subject to legal exceptions like financial records).

Right to Opt-Out of Sale
We do NOT sell your personal information. You do not need to opt out.

Right to Opt-Out of Sharing for Cross-Context Behavioral Advertising
We do NOT share your data for targeted advertising.

Right to Correct Inaccurate Information
Request correction of inaccurate personal data.

Right to Limit Use of Sensitive Personal Information
We use health data only for Service functionality, NOT for advertising or profiling for ads.

Right to Non-Discrimination
We will NOT discriminate against you for exercising your CCPA rights.

8.3 LGPD Rights (Brazil Users)

Under the Brazilian General Data Protection Law (LGPD), you have:

• Confirmation of data processing
• Access to your data
• Correction of incomplete or inaccurate data
• Anonymization, blocking, or deletion of unnecessary or excessive data
• Data portability
• Information about public/private entities with whom data is shared
• Information about the possibility of denying consent and its consequences
• Revocation of consent

8.4 KVKK Rights (Turkey Users)

Under Turkish Personal Data Protection Law (KVKK), you have:

• Learn whether your data is processed
• Request information about processing if data has been processed
• Learn the purpose of processing and whether data is used accordingly
• Know third parties to whom data is transferred domestically or abroad
• Request correction if data is incomplete or inaccurate
• Request deletion or destruction under KVKK Article 7 conditions
• Request notification of correction/deletion/destruction to third parties
• Object to negative consequences from automated data analysis
• Claim compensation for damages due to unlawful processing

8.5 How to Exercise Your Rights

In-App Self-Service:

• Access Data: View your profile, workout logs, and body metrics in the app
• Rectify Data: Edit your profile, update measurements, correct workout logs
• Delete Account: Settings → Account → "Delete Account" button (30-day grace period applies)

Email Requests:

• Email: privacy@arneox.com
• Subject Line: "Data Request - [Your Right]" (e.g., "Data Request - Data Portability")
• Include: Your registered email address, description of request
• Response Time: Within 30 days (GDPR), 45 days (CCPA), 30 days (KVKK/LGPD)

Identity Verification: To protect your privacy, we may ask for verification (e.g., confirm email address, answer security questions) before processing requests.

9. Children's Privacy

Age Restrictions

ARNEOX is designed for users aged 13 and older (US/COPPA), 16 and older (EU/GDPR Article 8), depending on your jurisdiction.

Current Policy: We do not knowingly collect data from children under these age thresholds without verifiable parental consent.

High School Athletes: We recognize that some high school athletes (ages 14-18) may use ARNEOX. For users under 18:

• Parental consent is recommended but not currently enforced (under development)
• Health data collection requires explicit understanding of data use
• We encourage parents to review this Privacy Policy with their children

COPPA Compliance (United States)

For users under 13 in the US:

• We require verifiable parental consent before collecting personal information
• Parents can request review, deletion, or restriction of their child's data
• Contact: privacy@arneox.com with "COPPA Request" in the subject line

GDPR Article 8 Compliance (EU/EEA)

For users under 16 in the EU:

• Parental consent is required for lawful processing
• We will implement age verification and parental consent mechanisms (under development)

If we discover we have collected data from a child without required consent, we will delete that data within 30 days.

10. Security Measures

We implement industry-standard security measures to protect your data:

Technical Safeguards

Encryption at Rest:

• Supabase provides default database encryption
• Additional encryption layers for sensitive fields (OAuth tokens, payment data)
• AES-256 encryption for encrypted vault data

Encryption in Transit:

• All data transmitted via HTTPS/TLS 1.3
• API endpoints protected by Cloudflare SSL/TLS

Access Controls:

• Row Level Security (RLS): Users can only access their own data in the database
• Role-based access control (RBAC) for admin/support access (limited to essential personnel)
• Principle of least privilege

Authentication Security:

• Passwords hashed using bcrypt (not stored in plaintext)
• OAuth 2.0 for Google Sign-In, future Apple Sign-In
• 2FA (Two-Factor Authentication): Not currently available (planned for future release)

Organizational Safeguards

• Employee Training: Limited personnel have access to personal data; all sign confidentiality agreements
• Data Minimization: We collect only data necessary for Service functionality
• Regular Security Audits: Periodic reviews of RLS policies, access logs, and third-party integrations

Data Breach Notification

Current Policy (Under Development):

• We are committed to implementing a formal breach notification procedure compliant with:
  • GDPR Article 33: Notify supervisory authority within 72 hours of breach discovery
  • GDPR Article 34: Notify affected users "without undue delay" if high risk to rights and freedoms
  • KVKK: Notify Turkish Data Protection Authority and affected users
  • CCPA: Notify California Attorney General and affected users without unreasonable delay

Interim Process:

• In the event of a breach, we will notify affected users via email within 72 hours
• Notification will include: nature of breach, data affected, mitigation steps, contact information

Note: We are working with legal counsel to formalize breach response procedures compliant with all applicable jurisdictions. This will be updated in a future Privacy Policy revision.

11. Cookies and Tracking Technologies

We use cookies and similar technologies for analytics and Service functionality:

Types of Cookies We Use

Essential Cookies:

• Session Management: Keep you logged in, remember preferences
• Security: Prevent fraud, CSRF protection
• Duration: Session-based (deleted when you close the app/browser)

Analytics Cookies:

• Mixpanel: Track feature usage, app performance, user engagement
• Purpose: Improve user experience, identify bugs, prioritize feature development
• Data Collected: Device IDs, anonymized user IDs, event timestamps, feature interactions
• Duration: Persistent (up to 1 year)

Web Analytics (www.arneox.com):

• We may use Google Analytics or similar tools on our website
• You can opt out via browser settings or privacy extensions (e.g., uBlock Origin, Privacy Badger)

In-App Tracking

ARNEOX tracks in-app events (e.g., "Workout Logged", "Profile Updated") via Mixpanel. This data is used for:

• Feature performance analysis
• A/B testing (when applicable)
• Bug identification

You can opt out: Settings → Privacy → "Analytics Consent" toggle (future feature)

Third-Party Tracking

We do NOT use third-party advertising networks or tracking pixels. No data is shared for cross-site tracking or behavioral advertising.

Your Choices

• Browser Settings: Block cookies via browser settings (note: may break functionality)
• Mobile OS Settings:
  • iOS: Settings → Privacy → Tracking → Disable "Allow Apps to Request to Track"
  • Android: Settings → Google → Ads → Opt out of Ads Personalization
• In-App Opt-Out (future): Disable analytics consent in app settings

12. AI, Profiling, and Automated Decision-Making

Current Profiling Practices

We use profiling to personalize your experience:

What is Profiling?
Analyzing your data to predict or recommend:

• Workout programs tailored to your fitness level
• Suggested exercises based on past performance
• Progress predictions toward your goals

Legal Basis: Legitimate interest (GDPR Article 6(1)(f)) and consent (for health data).

Important: We do NOT use profiling for:

• Advertising or marketing to you
• Selling data to third parties
• Discriminatory decision-making

You can object: Email privacy@arneox.com to opt out of profiling (may reduce personalization quality).

Future AI Features (ARNEOX Agent)

Under Development:

• AI-powered fitness assistant (chatbot) for coaching, Q&A, progress analysis
• AI video analysis for exercise form feedback

Privacy Protections:

• Data Anonymization: Personal identifiers removed before sending to OpenAI/Anthropic Claude
• No Training Data: Your conversations will NOT be used to train third-party AI models
• User Control: You can delete AI conversations at any time

Transparency: When AI makes recommendations, we will explain the reasoning (e.g., "Based on your last 4 weeks of bench press progress...").

No Legally Significant Automated Decisions

We do NOT use automated decision-making for:

• Subscription approvals/denials (manual review if flagged)
• Account suspensions (human review required)
• Legally binding decisions about you

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in legal requirements (new regulations, court rulings)
• New features or services (e.g., ARNEOX Agent, nutrition app)
• Improvements to privacy practices
• Corporate changes (e.g., Singapore migration Q4 2026)

How We Notify You

Material Changes:

• 30 days' advance notice via email to your registered email address
• In-app notification upon next login
• Updated "Last Updated" date at the top of this document
• Version number increment (e.g., 1.0 → 2.0)

Non-Material Changes (e.g., typo fixes, clarifications):

• Updated "Last Updated" date only
• No advance notice required

Your Consent

Continued use of ARNEOX after the effective date of changes constitutes acceptance of the updated Privacy Policy.

If you do NOT agree with changes:

• Stop using the Service
• Delete your account (30-day grace period applies)

For material changes affecting special category data (health data), we may require re-consent via in-app prompt.

14. Multi-Jurisdiction Governance

Current Governance (February 2026)

Data Controller: FATİH ALAY ARNEOX YAZILIM (Turkey)
Governing Law: Turkish Personal Data Protection Law (KVKK)
Data Location: Frankfurt, Germany (Supabase)
Applicable Regulations:

• GDPR (EU/EEA users)
• CCPA/CPRA (California users)
• LGPD (Brazil users)
• KVKK (Turkey users)

Future Migration to Singapore (Q4 2026)

Planned Changes:

• New Data Controller: ARNEOX Limited (Singapore)
• Governing Law: Singapore Personal Data Protection Act (PDPA)
• Data Location: No change (Frankfurt, Germany via Supabase)
• International Transfers: Singapore-EU SCCs implemented

Transition Process:

1. 90 days before migration: Announcement to all users
2. 30 days before migration: Updated Privacy Policy published
3. Migration date: Corporate entity transfers, updated contact information
4. Post-migration: Singapore PDPA compliance, EU-Singapore SCCs active

Your Rights Remain Protected: The migration will NOT reduce your privacy rights. We will maintain GDPR/CCPA/LGPD compliance.

15. Contact Information

For questions, requests, or concerns about this Privacy Policy or your data:

Privacy Contact:
Email: privacy@arneox.com
Subject Line: "Privacy Inquiry - [Your Topic]"

General Support:
Email: support@arneox.com
Website: www.arneox.com

Postal Address:
ARNEOX
FATİH ALAY ARNEOX YAZILIM
Merdivenköy Mah. Dikyol Sk. B Blok No: 2 İç Kapı No: 179
Kadıköy / İstanbul, Turkey

Data Protection Authority Contacts (for complaints):

• Germany (Supabase host): BfDI - Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
• Turkey: Kişisel Verileri Koruma Kurumu (KVKK)
• EU/EEA: Find your local supervisory authority
• California: California Attorney General - Privacy
• Brazil: ANPD - Autoridade Nacional de Proteção de Dados

16. Legal Disclaimer

⚠️ IMPORTANT LEGAL DISCLAIMER

This Privacy Policy is generated based on general legal principles and current regulations as of February 14, 2026. It is designed to provide comprehensive privacy protections across multiple jurisdictions (GDPR, CCPA/CPRA, LGPD, KVKK, Singapore PDPA).

This document is NOT a substitute for professional legal advice.

Before using this Privacy Policy in a production environment, we strongly recommend:

1. Legal Review: Have this document reviewed by a licensed attorney in your jurisdiction (Turkey, Singapore, and any countries where users reside)
2. Accuracy Verification: Ensure all company-specific details are accurate and up-to-date
3. Implementation Verification: Confirm that all technical measures described in this policy are actually implemented (e.g., 30-day deletion process, data export mechanism, breach notification system)
4. Regular Updates: Laws change frequently. Update this Privacy Policy at least annually or whenever regulations change
5. Regulatory Compliance: If you reach 1 million users in Turkey, VERBİS registration will be required

Jurisdiction-Specific Recommendations:

• Turkey: Register with VERBİS when threshold is met; consult Turkish data protection lawyer for KVKK compliance
• Singapore (Q4 2026): Consult Singapore attorney before migration; register with PDPC if required
• EU/EEA: If you open EU offices, appoint an EU representative (GDPR Article 27)
• California: If revenue >$25M or process 100k+ CA residents, additional CPRA requirements may apply

Liability Limitation: This document is provided "as-is" without warranties of any kind. ARNEOX and the document author(s) are not liable for any legal consequences arising from use of this Privacy Policy.

Last Legal Review: Pending
Recommended Review Frequency: Every 12 months or upon regulatory changes

End of Privacy Policy

Version: 1.0
Effective Date: February 14, 2026
Next Scheduled Review: February 14, 2027

By using ARNEOX, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.