Introduction

Artifact ("Artifact," "we," "our," or "us") is committed to protecting your privacy and the security of your data. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you access or use the Artifact platform and any related services, APIs, data feeds, and tools (collectively, the "Service").

Artifact operates as a professional-grade financial intelligence platform serving institutional investors, asset managers, analysts, and financial professionals. Given the sensitive nature of financial data and professional workflows, we take our obligations around data privacy seriously.

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please discontinue use of the Service immediately.

Information We Collect

Account and Identity Information

When you create an account or subscribe to Artifact, we collect:

• Full name, professional title, and employer/organization
• Email address and business contact information
• Billing information, including payment card details (processed securely through third-party payment processors)
• Regulatory identifiers where required (e.g., CRD numbers for registered investment advisors)

Usage and Interaction Data

We automatically collect data about how you interact with our Service, including:

• IP addresses, device identifiers, browser type, and operating system
• Pages viewed, features accessed, search queries entered, and data feeds consumed
• Session duration, click patterns, and navigation paths within the platform
• API access logs, including request frequency, endpoints called, and data retrieved

User-Generated Content

Any data, notes, watchlists, models, alerts, dashboards, or other content you create or upload while using the Service constitutes User Content. We collect and store this content in order to provide the Service to you.

Communications

If you contact us for support or otherwise communicate with Artifact, we retain records of those communications, including email correspondence and chat logs, for service improvement and compliance purposes.

How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, operate, and improve the Artifact platform.
• Personalization: To tailor the Service to your professional preferences, including saving custom watchlists, layouts, alerts, and workflow configurations.
• Billing and Payments: To process subscription fees, manage your account, and communicate billing-related matters.
• Security and Fraud Prevention: To monitor for unauthorized access and maintain the integrity of the platform.
• Analytics and Product Development: To analyze aggregate usage patterns and improve the performance and user experience of the Service.
• Communications: To send account notifications, product updates, and security alerts.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

We do not sell your personal information to third parties, nor do we use your personal information to serve third-party advertising.

Information Sharing and Disclosure

Artifact does not sell, rent, or trade your personal information. We may share information only in the following limited circumstances:

Service Providers

We engage trusted third-party vendors to support our operations, including cloud infrastructure providers, payment processors, analytics services, and customer support platforms. These vendors are contractually bound to protect your data.

Third-Party Data Providers

The Artifact platform integrates data from licensed third-party providers. Your use of such data is subject to the applicable data provider agreements.

Legal Requirements

We may disclose your information if required to do so by law, subpoena, regulatory inquiry, or other legal process, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Artifact, our users, or the public.

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of all or substantially all of our assets, your information may be transferred to the acquiring entity, subject to the same privacy protections described in this Policy.

With Your Consent

We may share your information for any other purpose with your explicit prior consent.

Data Retention and Security

Retention

We retain personal information and User Content for as long as your account is active or as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements.

Security

Artifact implements commercially reasonable technical, physical, and administrative safeguards to protect your information, including:

• Encryption of data in transit (TLS) and at rest
• Role-based access controls and authentication requirements
• Regular security assessments and vulnerability testing
• Employee training on data handling and privacy obligations

No method of data transmission or storage is entirely secure. While we take significant measures to protect your information, we cannot guarantee absolute security.

Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information. These may include:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information, subject to legal or contractual retention obligations.
• Portability: Request a machine-readable copy of your personal data.
• Restriction or Objection: Object to or request restriction of certain processing activities.
• Opt-Out of Marketing: Unsubscribe from marketing communications at any time.

To exercise any of these rights, please contact us using the information in the "Contact Us" section below.

Supplemental Notice for California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act of 2018 (CCPA) grants you additional rights regarding your personal information. In the past 12 months, Artifact may have collected: identifiers (name, email, IP address); professional or employment-related information; commercial information (subscription records, usage history); internet or electronic network activity; and geolocation data derived from IP addresses.

Note: Artifact does not sell personal information as defined by CCPA.

Supplemental Notice for Nevada Residents

Artifact does not sell personal information as defined under Nevada law. If you have questions, please contact us as described below.

International Data Transfers

Artifact is headquartered in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate. Where required, we implement appropriate safeguards (such as standard contractual clauses) for international data transfers.

Children's Privacy

The Service is designed for professional and institutional use and is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors.

Links to Third-Party Services

The Service may contain links to third-party websites, platforms, or data sources. Artifact does not control and is not responsible for the privacy practices of such third parties.

Changes to This Privacy Policy

Artifact may update this Privacy Policy from time to time. When we make material changes, we will post the revised Policy with an updated effective date and, where appropriate, notify you by email or in-platform notification.

Contact Us

If you have questions, concerns, or requests related to this Privacy Policy, please contact us:

Artifact
Attn: Privacy Team
Email: [email protected]
Website: www.artifactinsights.com