Privacy Policy
Last updated July 16, 2026
This policy explains what data ArcBilling (part of Revenue Arc) collects, how we use it, and who we share it with. It’s written in plain language for an early-access product and will evolve; it is not legal advice.
1. Who this covers
This policy describes how ArcBilling handles data for two groups: the agencieswho use ArcBilling to bill their clients, and those agencies’ clientswho receive and pay invoices. Agencies are responsible for their own clients’ data; ArcBilling processes that data on the agency’s behalf.
2. What we collect
From agencies: your name and email (via Google Sign-In), your agency and brand details, your team members, and the invoices, clients, campaigns, and recurring plans you create.
From your clients: the contact details you enter (name, email) and the invoices addressed to them. When a client pays, their card details go directly to Stripe — ArcBilling never sees or stores card numbers. We keep only the transaction references (e.g. a Stripe payment identifier and amount) needed to mark invoices paid and reconcile funding.
Automatically: standard technical data such as IP address and browser type, used for security, rate-limiting, and debugging.
3. How we use it
To provide the service: authenticating you, rendering your dashboard and branded pay pages, generating and sending invoices and reminders, recording payments, and keeping the platform secure. We do not sell your data or your clients’ data, and we do not use it for advertising.
4. Who we share it with
We share data only with the service providers that run ArcBilling:
- Stripe— payment processing and Connect account management (your clients’ card data lives here, not with us).
- Google Firebase — sign-in / authentication.
- Neon — the database hosting your account data.
- Twilio SendGrid — sending transactional email (invoices, reminders, invites).
- Vercel — application hosting.
Each processes data under its own terms and security commitments. We may also disclose data if required by law or to protect the service.
5. Data retention
We keep your account and invoice data for as long as your account is active and as needed to provide the service and meet legal and accounting obligations. You can ask us to delete your account data; some records tied to completed payments may be retained where required for compliance.
6. Security
Data is transmitted over HTTPS and stored with our infrastructure providers’ encryption at rest. Access is authenticated and scoped so each agency sees only its own data. Card data is handled entirely by Stripe, a PCI-DSS Level 1 provider. No system is perfectly secure, but we take reasonable measures to protect the information we hold.
7. Your choices and rights
You can view and edit most of your data directly in the dashboard. Depending on where you live, you may have rights to access, correct, export, or delete your personal data. To exercise them, or if a client asks an agency to remove their data, contact us and we’ll help. Agencies remain responsible for responding to their own clients’ requests.
8. International data
ArcBilling and its providers operate primarily in the United States. If you use the service from elsewhere, your data may be processed in the U.S. and other countries where our providers operate.
9. Changes to this policy
We may update this policy as the product evolves. Material changes will be reflected in the “last updated” date above. Continued use after an update means you accept the revised policy.
Questions? Email hello@revenuearc.com.