Privacy Notice

Effective Date: September 10, 2025

Aristotle Explorations Inc. ("Aristotle," "we," "us," or "our") provides websites, mobile and desktop applications, developer tools (including APIs and SDKs), and related online services, including aristotle.xyz and any service that references this Privacy Notice (collectively, the "Services"). This Notice describes our processing of personal information in connection with the Services. By accessing or using the Services, you acknowledge that you have read and understood this Notice.

This Notice applies globally and includes jurisdiction‑specific disclosures for certain locations (e.g., California and the EEA/UK). If any regional disclosure conflicts with the main text, the regional disclosure controls for individuals in that region.

1. Roles and Scope

  • Controller. For personal information collected through the Services for our own business purposes, Aristotle acts as the controller (or "business" under certain U.S. state laws).
  • Processor/Service Provider. Where we process personal information solely on behalf of an enterprise customer under a written agreement, we act as a processor (or "service provider"/"contractor"). In the event of conflict between this Notice and such agreement, the agreement governs for that processing.
  • Enterprise Data. For enterprise customers, we process Customer Data solely under the customer's instructions and may use it to train models by default unless the customer opts out via written request or an in-product control.
  • Coverage. This Notice covers personal information collected online (websites, apps, APIs/SDKs) and, where applicable, offline interactions that reference this Notice (support, events, surveys).

2. Definitions

  • "Personal information" (or "personal data") means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked, directly or indirectly, with an identified or identifiable natural person.
  • "Sensitive personal information" may include, as defined by law, precise geolocation, government identifiers, account logins with security credentials, racial or ethnic origin, health data, etc.
  • "Sell," "share," and "targeted advertising" have the meanings assigned under U.S. state privacy laws (e.g., California). These concepts may include making certain identifiers and online activity available to third parties (e.g., advertising or analytics partners) for cross‑context behavioral advertising or similar purposes, whether or not money is exchanged.
  • "De‑identified" refers to information that cannot reasonably be used to infer information about, or otherwise be linked to, an identified person or device.

3. Categories of Personal Information We Collect

Depending on how you interact with the Services, we may collect the following categories of personal information:

  1. Identifiers and Contact Information (e.g., name, alias, postal address, email address, telephone number, account username/handle, device identifiers, IP address).
  2. Account and Commercial Information (e.g., account profile, preferences, subscription tier, purchase or usage history, records of products or services considered, customer support communications).
  3. Payment and Billing Information processed by our payment processors (e.g., card brand, last four digits, expiry, billing address). We do not store full card numbers.
  4. Internet/Network Activity and Device Information (e.g., device type, operating system, browser type, language, referring and exit pages/URLs, clickstream data, timestamps, pages or screens viewed, links clicked, crash logs, performance/diagnostics, approximate location derived from IP address).
  5. Cookies and Similar Technologies (e.g., cookies, pixels, tags, SDKs, web beacons, local storage, advertising IDs, session replay/analytics scripts).
  6. User Content and Submissions (e.g., text, files, code, images, and other content you upload or transmit via the Services, including inputs or feedback provided to any features enabled by machine learning/AI).
  7. Inferences and Profiles drawn from the above (e.g., likely interests, usage patterns, segments) to personalize features and communications and to improve the Services.
  8. Sensitive Personal Information (only where necessary and permitted by law) such as identity verification data or precise geolocation for specific features, and then subject to additional limitations described below.

Sources. We collect personal information (a) directly from you (e.g., account registration, purchases, forms, support, content you submit), (b) automatically through your device and use of the Services, and (c) from third parties (e.g., payment processors, authentication/identity providers, analytics and advertising partners, integration partners, publicly available sources, and data enrichment providers where permitted by law).

4. Purposes for Which We Use Personal Information

We use personal information for the following purposes and any other purpose compatible with the context in which the information was collected, as permitted by law:

  1. Provision of the Services. Operating, maintaining, and providing the Services and customer support; enabling account creation, authentication, and security; processing transactions and fulfilling requests; administering features, integrations, and developer tools.
  2. Service Improvement, Research, and Development. Monitoring performance; debugging; conducting analytics (including cross‑device and cross‑service analytics); conducting research and development; creating, training, and improving algorithms and models (including machine learning/AI features); and developing new products and services; de‑identifying and aggregating data for the foregoing.
  3. Personalization. Tailoring content, interfaces, and experiences; remembering preferences and settings; recommending features or content.
  4. Communications. Sending transactional messages (e.g., confirmations, notices, security alerts) and—where permitted by law or with consent—marketing communications, newsletters, surveys, and information about events, products, or services.
  5. Advertising and Measurement. Measuring reach and effectiveness; facilitating or enabling cross‑context behavioral advertising and other forms of interest‑based advertising; performing attribution; and improving advertising relevance on our Services and, where applicable, across third‑party sites and apps.
  6. Security, Fraud Prevention, and Compliance. Protecting the Services, our users, and third parties from security threats, fraud, abuse, and unlawful activity; enforcing terms and policies; complying with legal obligations and responding to lawful requests and legal process; exercising or defending legal claims.
  7. Corporate Transactions. Supporting mergers, acquisitions, financings, reorganizations, or similar corporate events, including due diligence.
  8. Model Training. Unless you opt out (see Section 11), we may use your inputs, outputs, and other User Content to create, train, and improve features and models (including machine learning/AI). For EEA/UK users, we rely on legitimate interests for this processing; you have the right to object at any time.

Legal Bases (EEA/UK). Where required, we rely on one or more of the following legal bases: (i) performance of a contract; (ii) our legitimate interests (e.g., to secure, operate, improve, and promote the Services); (iii) consent (e.g., for non‑essential cookies and certain marketing); and (iv) compliance with legal obligations.

Combining Information. We may combine information collected across our Services and from third‑party sources, and we may infer new information from the combined data, consistent with this Notice.

5. Disclosure of Personal Information

We disclose personal information to the following categories of recipients, for the purposes described above:

  • Service Providers and Contractors that perform services for us under appropriate contractual terms (e.g., hosting, cloud storage, analytics, advertising and measurement, email/SMS communications, payment processing, customer support, security and threat detection, auditing, and professional services).
  • Affiliates within our corporate group for purposes consistent with this Notice.
  • Advertising and Analytics Partners to facilitate measurement, attribution, and cross‑context behavioral advertising (which may constitute a "sale" or "sharing" under certain U.S. state laws).
  • Business Partners with whom we jointly offer products, features, promotions, or integrations.
  • Professional Advisors (e.g., lawyers, auditors, insurers, bankers) under confidentiality obligations.
  • Legal and Safety Recipients as required or permitted by law (e.g., regulators, law enforcement, courts) and when we believe disclosure is appropriate to protect rights, safety, and property.
  • Transaction Recipients in connection with a merger, acquisition, financing, divestiture, reorganization, or similar corporate transaction.
  • Public or Community Areas when you choose to post information or content that is visible to others (e.g., forums, profiles, blogs).

We may share aggregated or de‑identified information that cannot reasonably be used to identify an individual.

6. Cookies and Similar Technologies; Advertising and Analytics

We and our partners use cookies and similar technologies to operate and secure the Services, remember preferences, measure performance, and facilitate advertising. Categories include strictly necessary, functional, performance/analytics, and advertising cookies/SDKs.

  • Controls. You may manage web cookies via your browser. In the EEA/UK we do not set non-essential cookies/SDKs. We honor Global Privacy Control (GPC) and similar opt-out preference signals for browser-based interactions.
  • Interest‑Based Advertising. We may enable or participate in advertising that relies on identifiers and usage information to create or inform advertising audiences and to deliver ads that are more likely to be relevant to you across sites and apps. You may opt out of our processing and/or disclosure of personal information for targeted advertising or for what some U.S. state laws call a "sale" or "sharing" by contacting us as set out in Section 11 (Your Rights and Choices).

De-identified Data. When we de-identify data, we (i) maintain it in de-identified form, (ii) do not attempt to re-identify it (except to test de-identification), and (iii) contractually require recipients to do the same.

7. Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Notice, including to provide the Services, comply with legal and accounting obligations, enforce agreements, resolve disputes, secure our Services, and pursue legitimate business interests. We may retain de‑identified or aggregated information for longer as permitted by law. Criteria used to determine retention periods include the nature and sensitivity of the data, potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.

8. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit and at rest where applicable, access controls, monitoring, and other customary measures appropriate to the nature of the information and our operations. No method of transmission over the Internet or method of electronic storage is 100% secure; accordingly, we cannot guarantee absolute security.

9. International Transfers

We are headquartered in the United States and may transfer personal information to the U.S. and other jurisdictions that may have different data protection laws than your jurisdiction. Where required, we implement appropriate safeguards for cross‑border transfers, such as the EU Standard Contractual Clauses and the UK International Data Transfer Addendum. Copies of relevant transfer safeguards may be made available upon request, subject to redactions for confidentiality.

10. Children

The Services are not directed to children under 13 (or under 16 for certain U.S. state "sale/share" rules). We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us and we will take appropriate steps to delete such information as required by law. We do not knowingly sell or share the personal information of individuals under 16 years of age. We do not engage in targeted advertising to individuals we know are under 16.

11. Your Rights and Choices (All by Email)

Your rights may vary based on your location and the nature of our processing. At this time, all requests must be submitted by email.

  • How to submit requests: Email [email protected] with your name, the email address associated with your account (if different), your country/state of residence, and a clear description of your request. You may also contact [email protected] if you are unable to reach us at the privacy address.
  • Email Preferences: To opt out of marketing emails, use the unsubscribe link in those emails or email [email protected].
  • Access, Correction, Deletion, and Portability: Subject to legal exceptions, you may request access to the personal information we hold about you, request correction of inaccurate information, request deletion, and/or request a portable copy, by emailing [email protected].
  • Targeted Advertising; “Sale” or “Sharing” (U.S. States): Where applicable, you may opt out of our processing and/or disclosure of personal information for targeted advertising or for what certain laws call a “sale” or “sharing” by emailing [email protected] with the subject line “Opt‑Out of Sale/Share and Targeted Advertising.”
  • Limit Use and Disclosure of Sensitive Personal Information (CA): If we collect sensitive personal information for non‑exempt purposes, California residents may request that we limit our use and disclosure of such data by emailing [email protected] with the subject line “Limit Sensitive Personal Information.”
  • Appeals (Certain U.S. States): If we decline to act on a request, you may appeal by replying to our decision email with “Appeal Request” in the subject line.
  • Authorized Agents (CA): You may designate an authorized agent to make a request on your behalf by emailing documentation of the agent’s authorization to [email protected]. We may require you to verify your identity directly with us.
  • Verification: To protect privacy, we will take reasonable steps to verify your identity before processing a rights request. The steps may vary depending on the sensitivity of the request and the type of information involved.
  • Opt-Out of Model Training: Email [email protected] with subject "Opt-Out of Model Training."
  • Global Privacy Control: We honor GPC signals as a request to opt out of "sale/share" and targeted advertising for that browser.

EEA/UK Users. In addition to the above, you may object to or request restriction of certain processing, and you have the right to lodge a complaint with a supervisory authority (e.g., the ICO in the UK). Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal. Submit requests and withdrawals via [email protected].

12. California Privacy Disclosures (including Notice at Collection)

Notice at Collection. We collect the categories of personal information listed below for the purposes described in Sections 4–6, from the sources listed in Section 3, and we retain them as described in Section 7. We do not sell personal information for monetary consideration. Some of our analytics and advertising activities may be considered a "sale" or "sharing" under California law. California residents may opt out by emailing [email protected] with the subject line "Opt‑Out of Sale/Share and Targeted Advertising." We honor GPC signals for browser interactions. We do not knowingly sell or share the personal information of individuals under 16.

Category (CPRA)ExamplesSold/Shared for Cross‑Context Behavioral Advertising?
IdentifiersName, alias, postal address, email, phone, IP, device IDsMay be considered shared and/or sold as defined by law (email to opt out)
Customer Records / Commercial InformationAccount info, purchases, service historyNot sold/shared for advertising
Internet or Network ActivityBrowsing history on our Services, interactions with ads, analytics dataMay be considered shared and/or sold as defined by law (email to opt out)
Geolocation (approximate)City/region inferred from IPMay be considered shared and/or sold as defined by law (email to opt out)
InferencesPreferences, segmentsMay be considered shared and/or sold as defined by law (email to opt out)
Sensitive Personal InformationIdentity verification data, precise geolocation (if enabled)Not sold/shared for advertising; limited use as permitted by law
Audio/Visual/Electronic InformationImages, voice, screens, and other content in User ContentMay be considered shared and/or sold as defined by law (email to opt out)

Non‑Discrimination. We will not discriminate against you for exercising your rights.

13. Developer & API Users (if applicable)

If you use our APIs/SDKs or developer tools, we may process app/tenant identifiers, authentication tokens, integration metadata, IP addresses, request/response headers, and limited payload metadata for security, abuse prevention, analytics, billing, and to operate and improve the Services. Do not include personal information in fields not intended for such information.

14. Third‑Party Sites, Services, and Integrations

The Services may include links to or integrations with third‑party websites, platforms, and services (including plugins and SDKs). We are not responsible for the privacy or security practices of such third parties. We encourage you to review the privacy policies applicable to those services.

15. Additional Regional Information and Contacts

Where required, we may designate an EU or UK representative and/or a Data Protection Officer; we will update this Notice with relevant details once applicable. You may also contact us at [email protected] for further information about how we handle personal information in your jurisdiction.

16. Changes to This Notice

We may update this Notice from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will post the updated Notice and, where required by law, provide additional notice or obtain consent. The Effective Date above indicates when this Notice was last revised.

17. Contact Us

Aristotle Explorations Inc.
400 Concar Dr, San Mateo, CA 94402
Email: [email protected] (preferred) or [email protected]