Arbitra

Legal

Privacy Policy

How we collect, use, and protect information when you use Arbitra.

Last updated: December 19, 2025Contact form

Quick summary

  • Arbitra is invite-only. We provision accounts after screening and approval.
  • We process call metadata, recordings/links, transcripts, and scoring outputs to run the Service.
  • Customers control portal invites and what data is shared with invited users.
  • We do not sell Customer call recordings, transcripts, or scoring data.

Scope and roles

This Privacy Policy covers the Arbitra website and application (the Service). Arbitra is designed for business use. A Customer organization may invite internal teammates and external client users into a portal.

  • If you are invited to a Customer portal, the Customer controls your access and the content shared with you.
  • If you are a Customer admin, you control your workspace data, exports, and invited users.

Information we collect

We collect the information needed to operate the Service and support Customers.

Account and onboarding

  • Name, business email, company name, role.
  • Qualification info shared during screening (e.g., volume, stack, workflow needs).

Calls, transcripts, and scoring

  • Call metadata (timestamps, duration, identifiers, routing fields).
  • Recordings and/or recording links (depending on integrations).
  • Transcripts, timestamps, and diarization where available.
  • Scoring outputs (criteria results, billable status, outcomes, opportunity, evidence links).
  • Configuration (criteria, thresholds, weights, tiers, mappings).

Integrations, keys, and billing

  • Integration tokens/credentials (e.g., GoHighLevel, OpenPhone, RingCentral, and other providers) needed to sync data.
  • Provider keys/credentials if you choose to store them (e.g., OpenAI, Anthropic, AssemblyAI, AWS Bedrock).
  • Billing contacts and subscription metadata; payment details are handled by the payment processor.

Usage and security logs

  • Log data (IP address, device/browser, timestamps, actions) for security and troubleshooting.
  • Cookies for basic functionality and security.

How we use information

  • Operate the Service (ingestion, transcription, scoring, exports, and portals).
  • Provision accounts and enforce invite-only access controls.
  • Provide support and fulfill configuration/adaptation requests.
  • Maintain security, prevent abuse, and troubleshoot reliability issues.
  • Process billing and account administration.
  • Improve the Service using aggregated analytics.

How we share information

We share information only as needed to provide the Service.

  • Within your Customer organization: Customer admins can access workspace data, exports, and portal settings.
  • With subprocessors: Hosting, storage, logging, analytics, and support tooling providers.
  • With AI and transcription providers: If enabled, transcripts and related data may be sent to providers to produce transcriptions or criterion evaluations. If you bring your own keys, you pay those providers directly. Accuracy depends on the audio you provide; dual-channel/wideband recordings generally perform better than mono 8kHz telephony audio.
  • With payment processors: To process subscriptions and invoices.
  • Legal: If required by law or to protect rights, safety, and security.

Retention and security

We retain Customer data for as long as the account is active or as needed to provide the Service. Customers can request exports and deletion. We use safeguards designed to protect information, including encryption in transit (TLS).

Your choices

Depending on your location, you may have rights to access, correct, export, or delete personal information. Customers can also request a signed Data Processing Addendum (DPA) for their procurement or compliance needs.

Changes

We may update this policy from time to time. If changes are material, we will provide notice through the Service or by email to the Customer’s admin/billing contact.