Skip to main content

Privacy policy

Effective date: March 2026

1. Who we are

This privacy policy describes how Scantr LLC, doing business as Elevarq ("Elevarq," "we," "us," or "our"), collects, uses, and protects information when you use our website (elevarq.com), customer portal, and related services.

2. Information we collect

Account information

When you create an account, we collect your email address and authentication credentials. Passwords are hashed and managed by our authentication provider (AWS Cognito) — we do not store plaintext passwords.

Contact information

If you contact us through the website, we collect the information you provide, including your name, email address, and message content.

Billing and payment information

If you purchase services, we collect billing details such as organization name and billing email. Payment card information is processed by third-party payment processors and is not stored on our servers.

Technical and usage data

We may collect technical information when you use the service, including IP address, browser type, pages visited, and timestamps. This data is used to maintain service reliability and security.

Database connection metadata

When you use Arq analysis services, we process connection parameters and database performance metadata necessary to provide the service. Query text and result data are processed according to the deployment model — on-premise analysis does not transmit query content to Elevarq infrastructure.

For customer data processed through Arq, Elevarq acts as a data processor on behalf of the customer (the data controller).

3. How we use information

  • To provide, maintain, and improve the service
  • To authenticate your identity and manage your account
  • To process transactions and send billing notifications
  • To respond to inquiries and provide support
  • To detect and prevent security issues, fraud, or abuse
  • To comply with legal obligations

We process personal information on the basis of contract performance (providing the service you requested), legitimate interests (maintaining security and improving the service), and legal obligations (where required by law).

We do not sell personal data or use it for advertising or tracking.

4. Service providers

We use third-party service providers to operate the service. These providers process data on our behalf and are contractually obligated to protect it. Current providers include:

  • Amazon Web Services (AWS) — hosting, authentication (Cognito), database (RDS), DNS (Route 53)
  • GitHub — source code hosting and CI/CD
  • Airwallex — payment processing

5. Data location and transfers

Data is processed and stored in the United States. If you access the service from outside the United States, your information may be transferred across borders. We use appropriate safeguards, including encryption and contractual protections with service providers, to protect transferred data.

6. Data retention

We retain account information for as long as your account is active or as needed to provide services. If you request account deletion, we will remove your personal information within a reasonable timeframe, subject to legal retention requirements.

Data that is no longer required for any of the purposes described in this policy is deleted or anonymized.

7. Security

We implement technical and organizational measures to protect your information, including encryption at rest and in transit, access controls, and audit logging. Authentication tokens are stored in HTTP-only secure cookies and are not accessible to client-side scripts.

No system is completely secure. We cannot guarantee absolute security, but we take reasonable steps to protect the information we process.

In the event of a data breach affecting your personal information, we will notify affected users as required by applicable law.

8. Cookies and sessions

We use HTTP-only session cookies for authentication. These cookies are essential for the service to function and cannot be disabled while using authenticated features. We do not use third-party tracking cookies or advertising cookies.

9. Children's data

The service is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

10. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal information. To exercise these rights, contact us at the address below.

California residents may have additional rights under the California Consumer Privacy Act (CCPA). We will respond to verifiable consumer requests in accordance with applicable law.

11. Changes to this policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

12. Contact

Questions about this privacy policy may be directed to: privacy@elevarq.com

Scantr LLC, doing business as Elevarq.