Aryna Privacy Policy
Effective date: 17 June 2025
Last updated: 17 June 2025
1. Who we are
Aryna Ltd. (“Aryna”, “we”, “our” or “us”) provides an AI-powered platform that helps individuals and teams create content and manage social-media and personal-brand presence across channels. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you visit aryna.ai, use our mobile or desktop applications, interact with our social-media plug-ins, or otherwise engage with our services (collectively, the “Services”).
2. Scope
This Policy applies to visitors, registered users, and organisations on whose behalf a user accesses the Services. Separate contractual data-processing agreements (“DPAs”) may apply to enterprise customers.
3. Information we collect
| Category | Typical examples | Source |
|---|---|---|
| Account & profile data | name, email, password hash, profile photo, bio, linked social-media handles | you |
| User-generated content | drafts, posts, images, videos, prompts supplied to Aryna’s AI tools | you |
| Social-media metadata | follower counts, engagement metrics, scheduling data, comments | APIs of networks you connect (e.g., Instagram, X/Twitter, LinkedIn) |
| Device & usage data | IP address, browser type, device-ID, crash logs, clickstreams | automatic collection |
| Cookies & similar tech | session cookies, analytics pixels, advertising identifiers | automatic collection |
| Payment data | last 4 digits of card, billing address, VAT/Tax ID | payment processor |
| Sensitive data (only if you disclose it) | e.g. biometric images in a profile picture, information revealing race/health in posted content | you |
4. How and why we use your information
| Purpose | EU/UK legal basis | Typical U.S. state purpose category |
|---|---|---|
| Provide, secure, and maintain the Services | Contract performance; Legitimate interest | “Operations” |
| Run generative-AI functions (e.g., content rewriting, image generation) | Legitimate interest; Consent for optional features | “Targeted advertising & profiling” (where applicable) |
| Personalise recommendations & measure engagement | Consent (where required for cookies); Legitimate interest | “Analytics” |
| Marketing emails & in-product messages | Consent / Soft opt-in (EU e-Privacy) | “Advertising” |
| Compliance with law, detecting fraud and abuse | Legal obligation; Legitimate interest | “Security” |
| Improve models (R&D) on an aggregated/anonymised basis | Legitimate interest | “Research & development” |
Automated decision-making & profiling
Aryna uses machine-learning models to suggest optimal posting times and content styles. These decisions have no legal or similarly significant effect on you. You can opt-out of marketing-profile building in your user settings (§ 10).
5. Sharing and disclosure
We never sell personal information. We share it only with:
- Service providers (hosting, analytics, payment, customer support, email, content delivery).
- Social-media platforms you connect (to publish content or pull analytics).
- Affiliates & successors in the event of a merger or acquisition (notice will be provided).
- Legal & regulatory bodies when required to comply with law, court orders, or to protect rights and safety.
All vendors are bound by confidentiality and data-processing agreements consistent with GDPR and relevant U.S. state laws.
6. International transfers
We are headquartered in the UK and use cloud infrastructure in the EU and the United States. Where personal data is transferred outside the UK/EEA to a country lacking an adequacy decision, we rely on EU/UK Standard Contractual Clauses plus supplementary safeguards (encryption in-transit/at-rest, access controls) .
7. Cookies and similar technologies
We use:
- Essential cookies – sign-in, load balancing.
- Analytics cookies – first-party analytics and Google Analytics 4 (IP-anonymised).
- Advertising cookies – Meta Pixel, LinkedIn Insight Tag (consent banner in EU/UK).
Manage your preferences anytime via the Cookie Settings link in the footer.
8. Data retention
We keep personal data only as long as necessary for the purposes described:
- Account information – for the life of your account + 6 years (tax/audit).
- Draft content – until you delete it or 24 months of inactivity.
- Logs – 18 months for security analysis.
- Marketing opt-out records – indefinitely (to honour opt-out).
9. Security
We employ industry-standard safeguards: TLS 1.3 encryption, least-privilege access, regular penetration tests, and ISO 27001-aligned policies. Unfortunately, no system is 100 % secure; please keep your credentials confidential.
10. Your privacy rights
EU & UK (GDPR / UK GDPR)
- Access, rectify, erase, restrict, data portability, object, withdraw consent
- Lodge a complaint with a supervisory authority (e.g., ICO in the UK)
United States – State laws (effective 2025)
Residents of CA, CO, CT, DE, MT, OR, TX, UT, VA and other states with omnibus privacy laws may:
- Know, access, correct, delete, and obtain a copy of personal data
- Opt-out of targeted advertising, sale, or sharing of personal data
- Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects (available in CA, CO, CT, VA)
- Limit the use or disclosure of sensitive personal data (CA CPRA)
Requests can be made in-app or via privacy@aryna.ai. We will respond within the timeframe required by your jurisdiction (30–45 days).
11. Children’s privacy
Aryna is not directed to children under 13 (U.S.) / 16 (EU/UK), and we do not knowingly collect their personal data. If you believe a child has provided personal data to us, contact privacy@aryna.ai and we will delete it promptly.
12. AI-specific transparency
Under the forthcoming EU AI Act we provide:
- A description of the AI techniques used (large-language models, diffusion models).
- Documentation of training data provenance (publicly available and licensed datasets).
- Opt-out mechanism if you do not want your prompts/content used to improve models (requires disabling “Model-training” toggle in Settings).
- High-risk use cases (e.g., automated candidate screening) are currently not offered by Aryna.
13. Third-party services & links
Our Services may contain links to third-party sites or integrations whose privacy practices differ. We encourage you to read their policies.
14. Changes to this Policy
We will post any changes here and, if they are material, notify you via email or in-product banner at least 30 days before they take effect. Historical versions will be archived.
15. Contact us
| Controller | Aryna Ltd., 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom |
|---|---|
| Data Protection Officer (DPO) | dpo@aryna.ai |
| EU Representative (GDPR Art 27) | Aryna GmbH, Unter den Linden 10, 10117 Berlin, Germany |
| U.S. Privacy Questions | privacy@aryna.ai |