Privacy Policy

Privacy Policy details

In this Privacy Statement, “we,” “us,” “our,” or “ARATIS” refers to Aratis Solutions LLC and our affiliates, which includes any person or entity that controls Aratis Solutions LLC, is controlled by Aratis Solutions LLC, or is under common control with Aratis Solutions LLC (such as a subsidiary, parent company, or employee).

This Privacy Statement covers ARATIS’s information practices for our family of websites (https://www.AratisSolutions.com, https://CallMeAlert.com, https://TextMeAlert.com, and https://afaxsolution.com) (the “Website”), its API, and its related services (collectively, the “ARATIS API”) to build Voice and Messaging Applications using web development skills and offer such Applications to its users’ customers.

ARATIS may modify this Privacy Policy from time to time to communicate changes in our privacy practices. If we make material changes to this Privacy Policy, we will notify you here, by email, or by means of notice on the Website or otherwise through the ARATIS API, as authorized by you.

We, at ARATIS, are committed to lawful collection and processing of personal data. We respect and protect the privacy of the personal information we obtain from you through our Website and Cloud services. This Privacy Policy is intended to inform you about how we collect, use and share your personal information, and our privacy practices in general.

Information we collect

We collect information in two ways:

Information you provide to us directly

  • Registration information: In order to register for a basic account, you must provide your email address, name and physical address. We also collect your IP address.
  • Personal Data: We may use personal data, including call history, to provide products and/or services to you, enhance the operation of the Website and the ARATIS API, analyze Services use, improve the Website and the ARATIS API, and to tailor your experience with third parties as provided below in this Privacy Policy. If you use our Website or the ARATIS API to send information to another person, we may store your personal information. We may also use personal information to troubleshoot, resolve disputes, enforce our agreements with you, including our Terms of Service and this Privacy Policy, comply with applicable law, and cooperate with law enforcement activities.
  • Login credentials to services: If you want to connect your ARATIS account to any other third party service, you will be asked to provide us your login credentials for those third-party applications. For each third party service that you’ve connected to your ARATIS account, we will create a connected account to that service and securely save your personal login information. We will not use this personal information for any purposes other than those which you provided it for. If you remove a connected account, we will automatically delete associated personal information.

Information we get from your use of our services

  • Cached Content: Depending upon configuration, we may keep a cached copy of the content served as a part of your use of the ARATIS API, which can include phone numbers, media files, XML files, text content or telephone identifiers. If your web server does not specify that we can cache your content, we will not keep a cached copy of any text or audio data transmitted through the ARATIS API during calls, but we may still maintain copies in your notification log. If data privacy is a concern, you should make sure your server does not allow us to cache such content, and contact us so that we may assist you to turn off other application logging around requests to and responses from your application. ARATIS’s use and policies regarding management and deletion of call log, notification log, billing/ payment, and other log data is further documented in the Technical Documentation. Non-Personally Identifiable Information. Non-Personally Identifiable Information is information that does not identify a specific person. This type of information may include things like the Uniform Resource Locator (“URL”) of the website you visited before coming to our Website, the URL of the website you visit after leaving our Website, the type of browser you are using, your Internet Protocol (“IP”) address, or general and/or aggregated location data that does constitute personally identifiable information, and cannot be used as an identifier to discern you as a data subject. We may automatically collect this information when you visit our Website through the use of electronic tools like Cookies and Web beacons or Pixel tags, provided that, if considered personal data subject to data regulation, we have received your explicit consent to use. Release of Personally Identifiable Information. We will not sell your personal data. Nor will we share your personally identifiable information with other parties except with your explicit consent and solely as provided herein.
  • Comments: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
  • Scenario execution data and data in ARATIS internal data stores: ARATIS stores logs about the execution of your workflows so that you have the option to view details about a specific scenario run or find out what data was transferred from where to where. In respect of this data, ARATIS is the data processor and the user is the data controller. The following list shows what data we store and for how long:
      • Logs in Gateway (webhooks, Android): 30 days
      • Incomplete runs (DLQ): 30 days
      • Notifications: 7 days
      • Activity stream (logged execution of a scenario): 30 days
      • Scenario execution details: 60 days
  • Usage information: When you visit our website or use our service, we automatically record information from your web browser which helps us improve the utility value of our site and manage the provision of our services. This may include your IP address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences or history of access to our website.
  • Cookies: For your convenience, we use cookies. A cookie is a data file that we transfer to your device. We are using two types of cookies, persistent and rolling cookies. Persistent cookies store your registration email address so you do not have to type it each time you login to our Service. Persistent cookies are optional, you can choose whether or not to store this information. We use rolling cookies to store your registration ID and authentication information so you can remain logged in to our Service. The rolling cookie will delete itself from your device after 20 minutes of your inactivity (and you will be automatically logged out from our Service).

How we store your personal data

We are committed to doing our very best to protect your data and keep it confidential. We employ advanced security practices to keep your data safe and secure:

  • The connection between ARATIS and your browser is always encrypted (HTTPS).
  • Every connection between ARATIS and a third party service is established in the most secure way that is supported by the given service. In some cases (e.g. FTP, databases, etc.) you have the option to set the security level manually.
  • We use AES to save your credentials securely.
  • To protect our secure HTTPS website from downgrade attacks, we have implemented and use HTTP Strict Transport Security (HSTS), the web security policy mechanism.
  • We have protection against CSRF/XSRF attacks.
  • We use CSP protection to prevent XSS.
  • All passwords that you provide us with are stored in encrypted format (PBKDF2-SHA512 with 200k iterations), so that they cannot be read and/or reproduced. No one is able to read them, not even us.
  • We use persistent IP addresses so that you can limit access or make tunnels.
  • For your protection, we do not support outdated browsers. The latest browsers are more secure and ensure the highest security standards.
  • Our servers are housed in globably dispersed data centers equipped with the latest security technologies.

How we use the information we collect

ARATIS collects this personal data for the following purposes:

  • Login to ARATIS
  • Possibility to reset passwords in the case of forgetting it
  • Informing users about executions of active workflows
  • Informing users about business matters
  • Informing users and potential users about new features of ARATIS

Right of deletion or change of user personal data

In the Profile section you have the option to ask for deletion or to change your profile. In the event that it is our duty to keep a record of some of your personal information, for example, for accounting purposes, this information is retained. We will irrevocably remove all other information within 60 days of your request.

ARATIS features that allow you to manage personal data

ARATIS deploys features, which empower its users to easily comply with the the requirements of GDPR:

  • Workflow settings: Data is confidential This is a key feature that allows you to process data in ARATIS without leaving any record about the data in ARATIS after the workflow run completes. If you do not want to include transmitted data in the log files, you can enable this option. With this option enabled, no transmitted data will be stored in the log files and the logs will include only basic information about the run of your scenario.
  • Deleting data stored in ARATIS data stores For deleting data, you can request the Delete all records function to delete all records from data store.

Authorized Third party Service Providers

We do not store your full credit card information on our servers. All payments are securely processed by the PayPal, Stripe, Wave and Global Payments gateways. We only receive a confirmation about the result of the payment.

ARATIS may provide services and products through third parties. You also may elect to use one or more third party applications that integrate with the ARATIS API. These “Third Party Service Providers” perform functions on our or your behalf. You or We may share your Personally Identifiable Information with such Third Party Service Providers to operate the Website and the ARATIS API, troubleshoot, and improve overall customer experience. ARATIS Customer Acknowledgement. ARATIS encourages our customers to adopt and post privacy policies associated to their end users’ data management. Customer acknowledges that they are acting as a controller of end user data in connection with end user use of customers’ solutions.

Communication in ARATIS forums

We offer comment forums in which users can communicate with any other users. Our services display information like your name or profile picture. Any information you share in a public forum is public information and may be seen or collected by other person(s).

With whom we share information

We do not sell, rent, or otherwise disclose your personal information to third parties for their marketing and advertising purposes without your consent.

We may disclose:

Your information to third parties working for and with ARATIS:

We work with third party service providers (for example hosting services) to help us provide, improve or advertise our services. ARATIS may give relevant persons working for these third parties access to your information, but only to the extent necessary for them to perform their services for us. All such third parties must agree to observe the privacy of our users, and to protect the confidentiality of their personal information.

As required by law

 We reserve the right to disclose your Personally Identifiable Information and any other content stored by ARATIS when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our Website; enforce or apply this Privacy Policy, Terms of Service or other agreements; or protect the rights, property or safety of the Website, users of the ARATIS API, employers, or others.

Release of Non-Personally Identifiable Information

We may disclose or share Non-Personally Identifiable Information with Affiliates and Third Party Service Providers, and Third Party Advertisers. For example, we may share aggregated demographic information (which does not include any Personally Identifiable Information) with “Third Party Advertisers” or “Third Party Advertising Companies.” We may use Third Party Advertising Companies to serve ads when you visit our Website or participate in the ARATIS API. These companies may use Non-Personally Identifiable Information about your visits to this Website, your use of the ARATIS API, and visits to other websites or locations in order to provide, through the use of network tags, advertisements about goods and services that may be of interest to you. We also use Third Party Service Providers to track and analyze Non-Personally Identifiable usage and volume statistical information from our users to administer our Website and the ARATIS API, in order to constantly improve their quality. We may also publish this information for promotional purposes or as a representative audience for Third Party Advertisers. Such data is collected on our behalf, and is owned and used by ARATIS. Updating Information. If you are enrolled in the ARATIS API, you may change any of your Personally Identifiable Information by logging into your account and accessing the “Account Profile” page. We encourage you to promptly update your personal data if it changes, as out-of-date personal data may negatively affect the quality of your ARATIS API use and experience. You may ask to have the information on your account deleted or removed; however, because we keep track of past transactions, you cannot delete information associated with past transactions on the Website or through the ARATIS API. Additionally, it may be impossible for us to completely delete all of your information because we periodically backup information.

Website and to use the ARATIS API

You cannot opt-out of Administrative Emails. “Administrative Emails” relate to your activity on the Website and the ARATIS API, and include but are not limited to emails regarding your account, requests or inquiries, and purchases of products and services. If you do not want to receive promotional emails from us, you may elect to opt-out of receiving promotional emails at any time after registering by hitting the “unsubscribe” button at the bottom of any of our emails.

Security of Information

You can access your personal data on our Website with your email and password. This password is encrypted. We advise against sharing your password with anyone. In addition, your personal data resides on a secure server that only selected personnel and contractors have access to. We may encrypt certain sensitive information using Secure Socket Layer (SSL) technology to ensure that your personal data is safe as it is transmitted to us. However, no data transmission can be guaranteed to be 100% secure. As a result, while we employ commercially reasonable security measures to protect data and seek to partner with companies that do the same, we cannot guarantee the security of any information transmitted to or from the Website or via the ARATIS API, and are not responsible for the actions of any third parties that may receive any such information. ARATIS’s developer support team has access to your contact details and other information you share during the course of the communication over support tickets. Please note that ARATIS’s developer support team will be able to access the call and SMS detail records, debug logs, audio recordings and auth keys to your account for debugging purposes.

Privacy Policies of Third Party Websites

This Privacy Policy only addresses the use and disclosure of information we collect from you on https://www.AratisSolutions.com and, as applicable, via the ARATIS API. Other websites or services that may be accessible through our Website may have their own privacy policies and data collection, use and disclosure practices. If you use, link or visit any such third party website, we urge you review such website’s privacy policy. We are not responsible for the policies or practices of third parties.

Changes to our Privacy Policy

This Privacy Policy may change from time to time. If we make a change that we believe substantially reduces your rights, we will provide you with notice by email. By continuing to use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.

Please feel free to contact us at support@AratisSolutions.com if you have any questions about our Privacy Policy, or you need more information then we have shown here.

Last revision: August 10, 2018.