ServicesHow It WorksPricingAboutContact
Home/Privacy Policy

Privacy Policy

Last updated: March 1, 2026

Arx Inc. ("Arx Inc.," "we," "us," or "our") is committed to protecting the privacy and security of the personal information entrusted to us by our clients, partners, and visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website or engage our services.

1. Information We Collect

1.1 Information You Provide

We may collect personally identifiable information that you voluntarily provide when you interact with us, including but not limited to:

  • Contact information (name, email address, company name, role)
  • Project details submitted through audit request forms
  • Cryptocurrency wallet addresses for payment processing
  • Communications you send to us (emails, support requests, feedback)
  • Business records and contractual information for service engagements

1.2 Information Collected Automatically

When you visit our website, we may automatically collect certain technical information, including:

  • IP address and approximate geographic location
  • Browser type, operating system, and device information
  • Pages visited, time spent on pages, and navigation patterns
  • Referring URL and search terms
  • Cookies and similar tracking technologies (see our Cookies Policy)

1.3 Blockchain and On-Chain Data

In the course of providing smart contract audit and risk intelligence services, we may interact with publicly available blockchain data. This data is inherently public and is not considered personal information under this policy, except where it can be linked to an identifiable individual through information you provide to us.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our audit and security services
  • To communicate with you regarding engagements, reports, and support
  • To process payments and maintain financial records
  • To comply with legal obligations and regulatory requirements
  • To protect our rights, property, and safety, and those of our clients
  • To analyze website usage and improve user experience
  • To send occasional communications about our services, research publications, and security advisories (with your consent)

3. Legal Basis for Processing

We process personal information on the following legal bases:

  • Contractual necessity: Processing required to perform our audit and security services under an executed Master Services Agreement
  • Legitimate interests: Processing necessary for our legitimate business interests, including security, fraud prevention, and service improvement
  • Consent: Processing based on your explicit consent, such as marketing communications
  • Legal obligation: Processing required to comply with applicable laws and regulations

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share information in the following limited circumstances:

  • Service providers: With trusted third-party vendors who assist us in operating our business (hosting, analytics, payment processing), subject to confidentiality obligations
  • Legal requirements: When required by law, regulation, legal process, or governmental request
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate confidentiality protections
  • With your consent: When you have given explicit permission to share specific information

Audit reports are published only with client consent as specified in the Master Services Agreement. Confidential findings, proprietary code, and client-specific vulnerability details are never disclosed without written authorization.

5. Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, regular security assessments, and employee training on data protection practices.

Given the nature of our business, we maintain heightened security protocols for all client engagement data, including code repositories, audit findings, and vulnerability disclosures.

6. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Engagement-related records are retained for a minimum of five (5) years following the completion of an audit engagement, or longer if required by applicable law.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right to access the personal information we hold about you
  • Right to rectification of inaccurate or incomplete information
  • Right to erasure ("right to be forgotten") in certain circumstances
  • Right to restrict or object to certain processing activities
  • Right to data portability
  • Right to withdraw consent at any time

To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within 30 days.

8. International Data Transfers

Arx Inc. is incorporated in the Commonwealth of Virginia, United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by posting the updated policy on our website with a revised "Last updated" date. Your continued use of our services after the effective date of the revised policy constitutes your acceptance of the changes.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Arx Inc.
4000 Legato Road, Suite 1100
Fairfax, Virginia 22033
Email: [email protected]