Privacy Policy - ARP Networks

This Privacy Policy describes how ARP Networks, Inc. (“ARP Networks,” “we,” “us,” or “our”) collects, uses, and protects information about you when you use the arpnetworks.com domain, including the main website, blog (arpnetworks.com/blog), and customer portal (Phoenix). ARP Networks, Inc. is a California corporation providing internet hosting services. We collect only the information necessary to provide and secure our services.

This Privacy Policy does not apply to any data, content, or materials that you store, transmit, or process on ARP Networks infrastructure (such as on a virtual private server or dedicated server). For that data, you are the data controller and ARP Networks acts solely as an infrastructure provider. You are responsible for your own compliance with applicable privacy and data protection laws with respect to any personal data you handle using our services.

Owner and Data Controller:

ARP Networks, Inc.
8605 Santa Monica Blvd PMB 71478
West Hollywood, CA 90069-4109
USA

Privacy inquiries: Contact form

1. Information We Collect

Account Information

When you create an account with ARP Networks, we collect the following information:

Email address — used for account identification, billing notifications, and support communications
First and last name — used for account identification and correspondence
Company name (optional) — used for billing and account records
Password — stored exclusively as a bcrypt hash; we never store your plaintext password

Payment Information

Payment processing is handled by Stripe. ARP Networks does not store credit card numbers or raw payment card data. Stripe collects billing address, card details, and purchase history on our behalf. We retain invoice records and payment amounts for accounting and tax compliance.

Billing Data

We collect service usage records necessary for billing, including VPS resource allocation, bandwidth usage measurements, and IP block assignments. This data is used to generate accurate monthly invoices.

Technical Information

We collect certain technical information automatically when you access our services:

IP address — used for security monitoring and DDoS protection
Browser type and operating system — used to diagnose issues, improve compatibility, and maintain service performance
Web server access logs — retained for a limited period for security and abuse prevention purposes

2. How We Use Your Information

Where applicable, including under the GDPR, the legal basis for each type of processing is noted below.

Service Provision

We use your information to operate and deliver our hosting services, including:

Account management and authentication
Service provisioning and configuration
Billing and invoicing
Customer support

Legal basis: Performance of a contract — processing is necessary to provide the services you have purchased.

Communications

We use your contact information to send service announcements, billing notifications, and responses to support requests. We do not send marketing emails. You will only receive communications directly related to your account and services.

Legal basis: Performance of a contract — service announcements, billing notifications, and support communications are necessary to deliver and maintain your services. Legitimate interest — abuse warnings, suspension notices, and policy enforcement communications are necessary to secure and enforce our services.

Security and Fraud Prevention

We use technical information to protect against unauthorized access to accounts, prevent abuse of our infrastructure, and defend against DDoS attacks and other security threats.

Legal basis: Legitimate interest — protecting our infrastructure, our users, and third parties from abuse and security threats. We ensure that such processing is proportionate and does not override users’ fundamental rights and freedoms.

Legal Compliance

We may use or disclose your information as required to comply with applicable laws and regulations, or in response to valid legal requests from government authorities.

Legal basis: Legal obligation — processing is necessary to comply with applicable law.

Service Improvement and Reliability

We use technical and usage data to maintain and improve service performance, reliability, and stability, including debugging, performance monitoring, and capacity planning.

Legal basis: Legitimate interest — ensuring the continued quality and reliability of our services. We ensure that such processing is proportionate and does not override users’ fundamental rights and freedoms.

3. Third-Party Services

We use a limited number of third-party services to operate our platform. Each service is described below, including what data they collect and links to their privacy policies.

Payment Processing

Stripe (stripe.com)
Stripe processes all credit and debit card payments on our behalf. When we create invoices through Stripe, we share the following account and billing information:

Your name
Company name (if provided)
Billing address
Itemized line items for each invoice, including service description, quantity, and amount charged

In addition, Stripe independently collects payment information (credit/debit card details) that you enter directly into their payment forms. Processing occurs in the United States.

Resource labels and invoice detail: By default, ARP Networks does not include resource labels (such as IP addresses, hostnames, or other identifying labels you assign to your services) on invoices sent to Stripe. If you uncheck “Hide resource labels on invoices” in your account profile, these labels will appear as part of the itemized line item descriptions on your invoices and will be shared with Stripe. You can re-enable this setting at any time to stop including resource labels on future invoices.

Stripe Privacy Policy →

Analytics

Plausible Analytics (plausible.io)
We use Plausible Analytics for privacy-focused, cookie-less website analytics. Plausible does not collect personally identifiable information. All data is anonymized and aggregated. Plausible is compliant with GDPR, CCPA, and PECR.

Plausible Data Policy →

Blog Comments

Disqus (used on arpnetworks.com/blog only)
The blog uses Disqus as a third-party commenting service. Disqus may set its own cookies and collect usage data independently of ARP Networks. This service operates only on the blog portion of our website.

Disqus Privacy Policy →

Content Delivery

Font Awesome (Fonticons, Inc.) — Icon fonts served via CDN across our web properties. May collect usage data. Font Awesome Privacy Policy →

Google Fonts (used on arpnetworks.com/blog only) — Typeface visualization service. May collect usage data. Google Privacy Policy →

Scalar (used on /api/docs only) — Renders our interactive API documentation and loads web fonts from fonts.scalar.com. May collect usage data. Scalar Privacy Policy →

4. Data Security

We implement the following technical measures to protect your information:

HTTPS/TLS is enforced for all web traffic to and from our services
Passwords are stored using the bcrypt hashing algorithm; plaintext passwords are never stored
Session cookies are encrypted using AES-256-GCM or signed using HMAC to prevent tampering
Infrastructure security is maintained through secure server configurations, regular software updates, and strict access controls

While we employ industry-standard security practices, no system is 100% secure. We cannot guarantee the absolute security of your information transmitted to or stored on our systems. You are responsible for maintaining the confidentiality of your account credentials.

5. Data Retention

Account data is retained for the lifetime of your account to allow you to return and use our services at any time
Payment and invoice records are retained for accounting and tax compliance purposes, as required by applicable law
Server access logs are retained for a limited period for security monitoring and abuse prevention
Support communications are retained to assist with ongoing and future support requests

6. Your Rights

Depending on your location and applicable law, you may have the following rights with respect to your personal information:

Right to Access — request a copy of the personal information we hold about you
Right to Deletion — request that we delete your personal information
Right to Rectification — request correction of inaccurate or incomplete information
Right to Data Portability — request your data in a structured, machine-readable format
Right to Object — object to certain types of processing of your personal information

EEA/Swiss Users (GDPR): If you are located in the European Economic Area or Switzerland, you have rights under the General Data Protection Regulation (or equivalent Swiss data protection law) including those listed above.

California Users (CCPA/CPRA): If you are a California resident, you have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, including the right to know, the right to delete, and the right to opt out of the sale of personal information. ARP Networks does not sell personal information.

To exercise any of these rights, please contact us or submit a support ticket through your customer dashboard.

7. Cookies and Analytics

We use only essential cookies that are strictly necessary for the website to function. We do not use advertising, tracking, or marketing cookies.

Our analytics provider, Plausible Analytics, does not use cookies and does not collect personally identifiable information. All analytics data is anonymized and aggregated.

For a detailed breakdown of the cookies we use and their purposes, please see our Cookie Policy.

8. Legal Compliance

ARP Networks, Inc. is incorporated in California, USA, and is subject to United States law. We may be required to disclose your information in response to valid legal requests from law enforcement or other government authorities.

When we receive a legal request for customer data, we will:

Review the request to verify its legal validity
Provide only the specific information legally required by the request
Notify affected users when we are legally permitted to do so

9. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal information from a person under 18 without parental consent, we will take steps to delete that information promptly.

If you believe we have inadvertently collected information from a minor, please contact us.

10. International Data Transfers

ARP Networks processes and stores data in the United States. If you are located in the European Economic Area, Switzerland, or any other jurisdiction outside the United States, please be aware that your information will be transferred to and processed in the United States. By using our services, you acknowledge this transfer.

We implement appropriate safeguards to protect your information in accordance with applicable data protection laws. Please be aware that the United States may not provide the same level of data protection as the laws in your home country.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. When we do, we will update the “Last Updated” date at the top of this page.

For material changes, we will provide notice via email or a prominent notice on our website. Your continued use of our services after any changes take effect constitutes your acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Privacy & General Inquiries: Contact form
Existing Customers: Submit a support ticket through the Tickets section of your customer dashboard
Mailing address:
ARP Networks, Inc.
8605 Santa Monica Blvd PMB 71478
West Hollywood, CA 90069-4109
USA

Related Policies

Terms of Service — the rules and conditions governing use of ARP Networks services
Cookie Policy — detailed information about the cookies we use and why