What this site collects, and what it doesn't.

No forms. No fingerprinting. No session replay. No tracking pixels. Three things happen on a first visit, and none of them stores anything about you until you make a choice on the cookie banner:

• Country lookup.Our server checks your IP against an offline copy of MaxMind's GeoLite2-Country database to decide one thing — whether to show the consent banner as a forced-choice modal (EU, EEA, UK, Switzerland) or a dismissible strip (everywhere else). The lookup happens in memory; we never store your IP, the country, or the result.
• Consent banner. You see the banner, you make a choice, the choice is stored in a first-party cookie — see §6.
• Analytics — the rule depends on where you are. If you're in the EU, EEA, UK, or Switzerland, Google Analytics 4 never loads until you click Accept all (or accept Analytics in the Manage flow). Everywhere else, GA4 loads on first visit under a default-granted Consent Mode v2 signal and counts pageviews and outbound link clicks — clicking Rejectimmediately disables it via Google's documented kill switch and no further events are sent. Either way, your choice is remembered (see §6) and the banner only re-appears if you open it from the footer.

That's the entire inventory of what this site collects from you. Anything else — error tracking, A/B tests, heatmaps, chat widgets — would require a change to this page in the same pull request. See §5.

The site runs on a Linux VM we operate. Like any web host, the front-end web server records standard request metadata — IP address, user agent, the path you visited, response status, and timing — to an access log. We keep these logs on the host for operations and abuse prevention, rotated by the standard system log rotation. We do not export, aggregate, or analyse them. Nothing leaves the VM.

If you accepted Analytics on the banner, pageview and outbound-link events also go to Google's GA4 servers, attached to a randomly-generated client ID — not to you personally. We use anonymised IPs (anonymize_ip: true) and we don't link GA4 data to any other system we run. Google's own privacy terms apply to what Google does with that data once it's there.

The “Book a 30-minute call” button on /contactlinks out to a Cal.com scheduling page. Once you click it, you are on Cal.com's domain, and Cal.com's privacy terms apply. We receive the meeting details Cal.com sends us (your name, email, and a one-line note if you wrote one) so we can show up.

hello@arc10.iois a normal email address. Your mail provider and ours handle the message. If you email us, we have your message. We don't feed it into a CRM.

Used— only what's on this list:

• Google Analytics 4 (googletagmanager.com, google-analytics.com) — pageviews and outbound link clicks, gated on your consent. Loads only after you accept Analytics on the banner.
• Cal.com (cal.com) — only when you click the booking link on /contact. See §3.
• MaxMind GeoLite2-Country — country lookup, bundled with the application. No request goes to MaxMind at runtime. This product includes GeoLite2 data created by MaxMind, available from maxmind.com.
• Klaro— the consent banner UI, MIT-licensed, self-hosted in our app bundle. No request goes to Klaro's servers.

Not used — none of these are wired into this site:

• Plausible, Posthog, Fathom, or any other analytics tool besides GA4.
• Sentry, Bugsnag, or any error-reporting service.
• Hotjar, FullStory, or any session-replay tool.
• Intercom, Drift, or any chat widget.
• Social trackers (Facebook Pixel, LinkedIn Insight, X/Twitter Pixel, etc.).
• Google Fonts CDN — body fonts are self-hosted via next/font, and the open-graph image fonts are bundled with the site. No font CDN is contacted at runtime.
• Google Ads pixels yet. We're preparing to add them ahead of a planned campaign later this year — when that goes live, this page changes in the same pull request.

See /terms for the rest of how this site is used.

We set one first-party cookie always, and two more only if you accept Analytics:

• klaro — your consent banner choice. First-party, set by us, 365 days. We use it for one thing: not asking you again every visit.
• _ga— GA4 client ID. Google's standard analytics cookie. First-party, 2 years. Set only if you accepted Analytics.
• _ga_CTN2S0VD4Y— GA4 session state. First-party, 2 years. Set only if you accepted Analytics. The ID is our GA4 property; it's not personally identifying.

We do not read localStorage or sessionStoragein our own code. GA4 may write to them after consent is granted — that's Google's implementation, governed by Google's terms.

To revoke consent at any time, click Cookie preferencesin the footer. We implement Google's Consent Mode v2, so revoking immediately stops further GA4 events from being sent and sets the standard ga-disable flag.

This site is not directed to children under 13, and we do not knowingly collect data from children.

The “Last updated” line at the top of this page is the authoritative timestamp. If we make a material change — adding a new analytics tool, error tracking, a real contact form, anything that contacts a non-arc10.io domain at runtime — we update this page in the same change.

Privacy questions go to hello@arc10.io. Same address, same person reading it.