Explore docs
Ackaia OneCore DocumentsVersion 1.00.00Updated 2026-04-27

Ackaia One Privacy Policy#

Ackaia Corporation v1.00.00 April 27, 2026 1233 York Avenue, Apt. 301 New York, NY 10065 United States of America www.ackaia.com

Effective Date: April 27, 2026

Entity: Ackaia Corporation, 1233 York Avenue, New York, NY 10065, United States

(“Ackaia”, “Ackaia Corp.”, “we”, “our”, “us”)

Platform: Ackaia One (“the Platform”)

Revision History#

VersionChangesDate
1.00.00Initial Publication04/27/2026

1. Overview of this policy#

This Privacy Policy explains how Ackaia Corp. collects, uses, stores, protects, shares, and otherwise processes personal information in connection with Ackaia One, including Ackaia One Storage and any related websites, applications, interfaces, APIs, dashboards, account systems, sharing features, security systems, and services.

Ackaia One is designed around privacy, confidentiality, security, and transparency. We believe that a privacy-first service must explain not only what it does with personal information, but also what it does not do, what technical limitations exist, and what safety systems operate alongside encryption.

This Privacy Policy should be read together with the Ackaia One Terms of Service. Capitalized terms not defined here have the meaning given to them in the Terms of Service.

2. Who We Are#

Ackaia One is provided by Ackaia Corp.

For purposes of applicable privacy laws, Ackaia Corp. may act as a data controller, business, service provider, processor, or operator depending on the context, the user relationship, the nature of the data, and the applicable law.

Where Ackaia determines the purposes and means of processing personal information, Ackaia acts as the controller of that information. Where Ackaia processes information on behalf of an organization under a separate written agreement, Ackaia may act as a processor or service provider for that organization.

Contact: Ackaia Corporation 1233 York Avenue - New York, NY 10065 | United States of America privacy@ackaia.com security@ackaia.com www.ackaia.com

3. Scope of This Privacy Policy#

This Privacy Policy applies to personal information processed in connection with Ackaia One, including:

  • account registration and authentication;
  • use of Ackaia One Storage;
  • encrypted file upload, storage, download, and sharing;
  • subscription and billing features;
  • support and communications;
  • security, fraud prevention, abuse prevention, and legal compliance;
  • the Risk Assessment Engine;
  • source-available transparency pages, security documentation, and related public materials;
  • websites, dashboards, APIs, and interfaces connected to Ackaia One.

This Privacy Policy does not apply to third-party services, websites, payment processors, repositories, integrations, or platforms that are not controlled by Ackaia, even if they are linked from Ackaia One.

4. Our Privacy-First Commitments#

Ackaia One is built with the goal of reducing unnecessary access to user content. Our privacy-first commitments include:

  • using client-side encryption for supported storage features;
  • designing storage so that Ackaia does not ordinarily possess the keys required to decrypt encrypted stored file contents;
  • limiting access to operational information to what is necessary for service delivery, security, billing, compliance, abuse prevention, and support;
  • avoiding use of encrypted file contents for advertising;
  • explaining what metadata remains visible to Ackaia;
  • explaining when safety systems operate before encryption;
  • documenting important cryptographic behavior where appropriate;
  • maintaining controls intended to protect accounts, systems, and infrastructure.

These commitments are not absolute guarantees against every risk. They must be understood together with the limitations described in this Privacy Policy and the Terms of Service.

4. Information We Collect#

Ackaia collects different categories of information depending on how you use the Service.

4.1 Account Information#

When you create or use an Ackaia account (“Ackaia ID”), we may collect:

  • name or display name;
  • email address;
  • account identifier;
  • authentication information;
  • account type;
  • subscription status;
  • plan information;
  • organization or billing profile information;
  • security settings;
  • account creation date;
  • account status;
  • support or administrative notes.

We use this information to create and maintain your account, authenticate you, provide access to the Service, manage subscriptions, enforce security controls, and communicate with you.

4.2 Authentication and Security Information#

Ackaia may process information related to authentication and account security, including:

  • login timestamps;
  • session identifiers;
  • IP addresses;
  • approximate location inferred from IP address;
  • device and browser information;
  • user agent strings;
  • failed login attempts;
  • security challenge records;
  • session revocation records;
  • suspicious activity signals;
  • audit logs;
  • account recovery events.

We use this information to secure accounts, detect unauthorized access, prevent abuse, troubleshoot login problems, enforce rate limits, and comply with security obligations.

4.3 Subscription, Payment, and Billing Information#

If you subscribe to a paid plan, we may process billing-related information, including:

  • selected plan;
  • billing cycle;
  • subscription status;
  • payment status;
  • invoice identifiers;
  • transaction identifiers;
  • tax information where required;
  • billing name and billing contact information;
  • payment method metadata, such as brand, last digits, expiration month/year, or processor token, where made available by our payment provider.

Ackaia does not intend to store full payment-card numbers where payment processing is handled by a third-party payment processor. Payment processors may process payment information according to their own terms and privacy policies.

4.4 Storage Metadata#

Ackaia One Storage may process metadata required to operate encrypted storage. This may include:

  • storage object identifiers;
  • file or folder type;
  • encrypted file size;
  • storage size;
  • MIME category or generalized file category;
  • upload timestamp;
  • update timestamp;
  • deletion or trash timestamp;
  • parent folder relationship;
  • sharing status;
  • public-link status;
  • storage quota usage;
  • transfer quota usage;
  • object status, such as active, deleted, processing, failed, or blocked;
  • encrypted filenames or encrypted metadata values;
  • encrypted file-key material;
  • cryptographic protocol version and non-secret cryptographic parameters, such as nonces or IV-related metadata where required for decryption.

Some of this information is not file content, but it may still reveal patterns about usage. For example, file sizes, upload times, folder structures, and sharing status may reveal information even when file contents are encrypted.

4.5 Encrypted File Content#

When you upload files using supported encrypted storage features, file contents may be encrypted in your browser or client environment before being transmitted to Ackaia.

Ackaia stores encrypted file blobs and related encrypted key material. Under normal operation, after client-side encryption is complete, Ackaia does not possess the cryptographic keys required to decrypt your stored file contents.

Because of this design, Ackaia may be unable to recover your encrypted files if you lose your required keys, passphrases, device keys, local key material, or recovery information.

4.6 Local Key Storage Information#

For usability, Ackaia One may store local key material, wrapped keys, cryptographic state, or device-trust information in your browser or device, including through mechanisms such as IndexedDB, local storage, session storage, browser storage APIs, or equivalent client-side storage.

This local storage helps reduce the need to repeatedly enter a vault passphrase or PIN. However, it means that the security of your encrypted content also depends on your device, browser, operating system, extensions, and local environment.

Ackaia does not control all risks associated with local devices. Malware, malicious extensions, unauthorized local access, compromised browsers, stolen sessions, or insecure devices may compromise local key material.

4.7 Public Sharing Information#

When you create or access a public share link, Ackaia may process information such as:

  • shared object identifier;
  • link creation time;
  • sharing status;
  • link access timestamps;
  • IP addresses associated with link access;
  • transfer usage;
  • public download limits;
  • abuse-prevention signals;
  • link revocation status;
  • associated account or owner identifier.

Public links may include or rely on cryptographic material, URL fragments, identifiers, or access tokens. Anyone who possesses the required link and key material may be able to access the shared content.

4.8 Transfer Usage and Quota Information#

To enforce plan limits, bandwidth limits, public-link limits, and fair-use rules, Ackaia may process:

  • uploaded bytes;
  • downloaded bytes;
  • total transfer usage;
  • public transfer usage;
  • private transfer usage;
  • daily reset records;
  • quota counters;
  • exceeded-limit events;
  • throttling or rate-limit records.

This information is necessary to operate plans, prevent abuse, and maintain service reliability.

4.9 Risk Assessment Engine Information#

Ackaia may operate a Risk Assessment Engine to detect, prevent, block, or respond to illegal, abusive, exploitative, or severely harmful content.

The Risk Assessment Engine may run before client-side encryption is completed. It may generate, process, compare, transmit, or store technical safety signals, including:

  • cryptographic hashes;
  • perceptual hashes;
  • media fingerprints;
  • file signatures;
  • similarity signals;
  • known-content match indicators;
  • CSAM detection indicators;
  • upload risk scores;
  • file-processing status;
  • account, session, IP, timestamp, and object identifiers associated with a risk event;
  • records of blocked, flagged, or rejected uploads.

The Risk Assessment Engine is intended for safety, legal compliance, abuse prevention, child protection, and protection of the Service. It is not intended for advertising, behavioral profiling, or commercial exploitation of file contents.

Hash-matching systems are widely used to detect known illegal or harmful content. Microsoft describes PhotoDNA as technology that creates a hash or digital signature of an image to compare against known child exploitation material, and Microsoft states that these hashes are not used as facial recognition and are not reversible to recreate the original image.

4.10 Communications and Support Information#

If you contact Ackaia, request support, report a bug, submit a security issue, send feedback, or communicate with us, we may process:

  • your name;
  • email address;
  • account identifier;
  • message content;
  • attachments you choose to provide;
  • support history;
  • diagnostic information;
  • logs or screenshots you provide;
  • information necessary to respond to your request.

You should avoid sending sensitive file contents, passwords, secret keys, recovery phrases, or private cryptographic material to support unless specifically instructed through a secure process.

4.11 Website and Analytics Information#

When you visit Ackaia websites or dashboards, we may process limited technical information such as:

  • IP address;
  • browser type;
  • device type;
  • operating system;
  • pages visited;
  • referring pages;
  • timestamps;
  • approximate region;
  • cookie or similar identifiers;
  • performance and error telemetry.

Ackaia intends to use analytics in a privacy-conscious manner. We do not intend to use encrypted file contents for advertising or behavioral targeting.

4.12 Cookies and Similar Technologies#

Ackaia may use cookies, local storage, session storage, browser storage, and similar technologies for:

  • authentication;
  • session management;
  • security;
  • remembering preferences;
  • preventing fraud;
  • maintaining logged-in state;
  • storing local encryption-related state;
  • measuring performance;
  • understanding basic service usage.

You can control cookies through your browser settings, but disabling certain technologies may prevent the Service from working properly.

5. Information We Do Not Intend to Collect or Use#

Ackaia One is designed to avoid unnecessary exposure of encrypted file contents.

Subject to the Risk Assessment Engine, legal obligations, user-provided support materials, and other limitations described in this Policy, Ackaia does not intend to:

  • read your encrypted stored file contents;
  • use encrypted file contents for advertising;
  • sell your encrypted file contents;
  • train advertising models on encrypted file contents;
  • manually review encrypted file contents stored in zero-knowledge storage under normal operation;
  • possess the keys required to decrypt stored encrypted file contents under normal operation.

However, this does not mean Ackaia collects no information. Metadata, account information, billing information, security logs, transfer records, risk signals, and other operational data may still be processed.

6. How We Use Information#

6.1 To Provide the Service#

We use information to:

  • create and maintain accounts;
  • authenticate users;
  • enable uploads and downloads;
  • store encrypted files;
  • manage folders and storage objects;
  • generate public links;
  • enforce storage and transfer limits;
  • maintain account dashboards;
  • process subscriptions;
  • provide user settings;
  • operate APIs and interfaces.

6.2 To Protect Security#

We use information to:

  • detect unauthorized access;
  • prevent account takeover;
  • enforce rate limits;
  • detect suspicious activity;
  • investigate security events;
  • prevent abuse of public links;
  • protect infrastructure;
  • maintain audit logs;
  • respond to vulnerabilities;
  • secure cryptographic workflows.

6.3 To Operate the Risk Assessment Engine#

We use technical safety signals to:

  • detect known or suspected CSAM;
  • block prohibited uploads;
  • compare hashes or fingerprints with trusted databases;
  • prevent use of the Service for severe abuse;
  • preserve records related to serious violations;
  • report suspected illegal activity when required or appropriate;
  • protect children, victims, users, and the public.

6.4 To Process Payments and Manage Subscriptions#

We use billing information to:

  • process payments;
  • manage subscriptions;
  • issue invoices;
  • prevent payment fraud;
  • enforce plan limits;
  • manage cancellations and renewals;
  • comply with tax and accounting obligations.

6.5 To Communicate With You#

We use contact information to:

  • send account notices;
  • send security alerts;
  • respond to support requests;
  • notify you about important service changes;
  • provide billing notices;
  • send legal or policy updates;
  • provide optional product communications where permitted.

6.6 To Improve and Maintain the Service#

We may use operational information to:

  • debug errors;
  • measure reliability;
  • improve performance;
  • understand feature usage;
  • plan capacity;
  • prevent outages;
  • develop new features;
  • improve security architecture.

We may use and disclose information to:

  • comply with applicable laws;
  • respond to lawful requests;
  • preserve evidence;
  • enforce legal rights;
  • cooperate with authorities where required;
  • report suspected CSAM or serious illegal activity;
  • comply with accounting, tax, consumer-protection, and data-protection obligations.

Where applicable law requires a legal basis for processing personal information, Ackaia may rely on one or more of the following bases.

7.1 Performance of a Contract#

We process information where necessary to provide Ackaia One, maintain your account, store encrypted content, process subscriptions, enforce plan limits, provide support, and perform our obligations under the Terms of Service.

7.2 Legitimate Interests#

We may process information where necessary for legitimate interests, including security, fraud prevention, abuse prevention, service improvement, infrastructure protection, legal claims, product development, and prevention of illegal content, provided those interests are not overridden by applicable rights and freedoms.

We may process information where required to comply with law, legal process, tax obligations, accounting obligations, reporting obligations, child-safety obligations, consumer-protection requirements, or data-protection obligations.

We may rely on consent where required, such as for certain optional communications, optional cookies, or features that require permission. Where processing is based on consent, you may withdraw consent where permitted by law.

7.5 Vital Interests and Public Interest#

In limited circumstances, we may process or disclose information to protect vital interests, protect children or victims, prevent serious harm, respond to emergencies, or support important public-interest safety objectives.

8. How We Share Information#

Ackaia does not sell encrypted file contents. We may share personal information or related data only as described below.

8.1 Service Providers#

We may share information with vendors and service providers that help us operate the Service, including:

  • hosting providers;
  • storage infrastructure providers;
  • payment processors;
  • email providers;
  • security providers;
  • analytics or telemetry providers;
  • customer-support tools;
  • abuse-prevention providers;
  • child-safety technology providers;
  • logging and monitoring systems.

These providers may process information only as necessary to provide services to Ackaia and subject to appropriate contractual or technical safeguards where required.

8.2 Payment Processors#

Payment information may be processed by third-party payment processors. Ackaia may receive payment metadata, transaction status, subscription status, and limited payment-method information, but generally does not store full card numbers when payment processing is handled by a third-party processor.

8.3 Safety, Abuse Prevention, and Child Protection#

Ackaia may share risk signals, hashes, account information, Metadata, logs, or other relevant information with child-protection organizations, safety databases, law-enforcement agencies, reporting bodies, or trusted safety partners where required or appropriate to detect, prevent, report, or respond to CSAM, exploitation, severe abuse, or serious illegal activity.

We may disclose information when we believe disclosure is necessary to:

  • comply with law;
  • respond to lawful requests;
  • enforce our Terms;
  • protect Ackaia’s rights;
  • protect users or third parties;
  • prevent fraud or abuse;
  • investigate security incidents;
  • prevent serious harm;
  • comply with court orders, subpoenas, warrants, or regulatory requests.

8.5 Business Transfers#

If Ackaia is involved in a merger, acquisition, financing, restructuring, bankruptcy, sale of assets, or similar transaction, information may be transferred as part of that transaction, subject to applicable law and appropriate safeguards.

8.6 With Your Direction#

We may share information when you direct us to do so, such as when you create a public link, connect an integration, export data, invite another user, or request support involving a third party.

9. Public Links and Shared Content#

When you create a public share link, you are choosing to make certain content accessible to anyone who receives the required link and access material.

Depending on the sharing model, a link may include or rely on cryptographic material, URL fragments, access tokens, object identifiers, or other access mechanisms. Ackaia may not be able to control what recipients do after accessing shared content.

If a recipient downloads, copies, forwards, screenshots, re-uploads, or redistributes content, Ackaia may not be able to retrieve or erase those copies.

Ackaia may collect access logs, transfer records, IP addresses, timestamps, and abuse signals associated with public links to operate the sharing feature, enforce limits, detect abuse, and protect the Service.

10. Retention of Information#

Ackaia retains information for as long as reasonably necessary to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, prevent abuse, operate billing, support users, and preserve evidence where required or appropriate.

Retention periods may vary depending on the type of information.

10.1 Account Information#

Account information may be retained while your account is active and for a reasonable period after closure, unless longer retention is required or permitted by law, dispute resolution, fraud prevention, abuse prevention, accounting, or security needs.

10.2 Billing Information#

Billing records, invoices, payment metadata, and tax-related records may be retained for periods required by accounting, tax, financial, and legal obligations.

10.3 Storage Metadata#

Storage Metadata may be retained while files, folders, or storage objects remain active, in trash, in backups, in incomplete upload states, or otherwise subject to retention policies.

10.4 Encrypted File Blobs#

Encrypted file blobs may be retained while you maintain them in the Service, while they remain in trash or backup systems, or during retention periods associated with deletion, account suspension, dispute, abuse investigation, or legal obligation.

10.5 Security Logs#

Security logs may be retained for a reasonable period to detect abuse, investigate incidents, protect accounts, and maintain service integrity.

10.6 Risk Assessment Records#

Risk signals, hash matches, blocked-upload records, CSAM-related indicators, enforcement records, and related logs may be retained for longer periods where necessary for child safety, legal compliance, evidence preservation, abuse prevention, enforcement, or cooperation with appropriate authorities.

10.7 Backups#

Information may remain in encrypted backups, disaster-recovery systems, or archival systems for a limited period after deletion from active systems. Backup deletion may occur on a delayed lifecycle schedule.

11. Security Measures#

Ackaia uses technical, organizational, and administrative measures designed to protect information, including encryption, access controls, logging, infrastructure security, authentication systems, rate limiting, monitoring, and internal restrictions.

For encrypted storage features, Ackaia One is designed so that files are encrypted before storage and Ackaia does not ordinarily possess the keys required to decrypt stored encrypted file contents.

However, no security system is perfect. Risks may arise from compromised devices, weak passwords, phishing, malware, malicious browser extensions, exposed share links, lost keys, software vulnerabilities, third-party service failures, or user error.

You are responsible for securing your account, devices, browsers, local key material, recovery information, and public links.

12. International Data Transfers#

Ackaia may process and store information in countries other than the country where you live. Infrastructure providers, storage providers, payment processors, support systems, and other service providers may operate globally.

Where required by applicable law, Ackaia will use appropriate safeguards for international transfers, such as contractual protections, adequacy mechanisms, technical safeguards, or other lawful transfer mechanisms.

By using the Service, you understand that information may be processed in jurisdictions with data-protection laws that differ from those in your location.

13. Your Privacy Rights#

Depending on your location and applicable law, you may have rights regarding your personal information.

These rights may include:

  • the right to confirm whether we process your personal information;
  • the right to access personal information;
  • the right to correct inaccurate information;
  • the right to delete certain information;
  • the right to restrict or object to certain processing;
  • the right to data portability;
  • the right to withdraw consent where processing is based on consent;
  • the right to appeal certain decisions where applicable;
  • the right to receive information about sharing or disclosure;
  • the right not to be discriminated against for exercising privacy rights.

The CCPA grants California consumers privacy rights such as the right to know, delete, correct, and opt out of certain sale or sharing of personal information. LGPD and GDPR also provide data-subject rights that may include access, correction, deletion, portability, and information about processing, subject to legal limitations.

To exercise rights, contact us at:

privacy@ackaia.com

We may need to verify your identity before fulfilling a request. Some requests may be denied or limited where necessary for security, legal compliance, abuse prevention, child safety, billing, dispute resolution, protection of others, or because Ackaia cannot decrypt zero-knowledge encrypted content.

14. Limits on Privacy Rights Requests#

Certain information may be exempt from deletion, access, correction, or portability requests where allowed by law.

For example, Ackaia may retain or restrict access to information where necessary to:

  • comply with legal obligations;
  • detect or prevent fraud;
  • protect security;
  • investigate abuse;
  • preserve evidence;
  • report or investigate CSAM;
  • resolve disputes;
  • enforce agreements;
  • maintain billing records;
  • protect rights of others;
  • maintain encrypted backups for a limited period;
  • prevent harm to children, victims, users, Ackaia, or the public.

Because of Ackaia One’s encryption design, Ackaia may not be able to provide readable copies of encrypted file contents if Ackaia does not possess the keys required to decrypt them. You may need to export decrypted files yourself while you still have access to your keys.

15. Children’s Privacy#

Ackaia One is not intended for use by children below the age required to consent to digital services under applicable law. Users must meet the eligibility requirements described in the Terms of Service.

Ackaia does not knowingly permit children to create accounts where prohibited by law or by our eligibility rules.

Ackaia maintains a zero-tolerance policy for CSAM and child exploitation. The Risk Assessment Engine and related safety processes may be used to detect, block, report, and respond to suspected child exploitation material.

If you believe that a child has provided personal information to Ackaia in violation of this Policy, or if you need to report child-safety concerns, contact us immediately at:

contact@ackaia.com

16. Automated Processing and Risk Signals#

Ackaia may use automated systems to detect security risks, account abuse, public-link abuse, suspicious activity, quota abuse, payment fraud, CSAM indicators, malware indicators, or other prohibited uses.

Automated systems may produce risk scores, flags, matches, alerts, upload blocks, rate limits, or enforcement recommendations.

Where appropriate and feasible, Ackaia may include human review, escalation, appeal mechanisms, or additional verification. However, in serious safety cases, Ackaia may act quickly and without prior notice.

You may not attempt to bypass, disable, overload, evade, manipulate, or deceive automated safety or security systems.

17. Do Not Sell or Share Personal Information#

Ackaia does not intend to sell your encrypted file contents or use them for cross-context behavioral advertising.

If applicable law defines certain advertising, analytics, or tracking activities as “selling” or “sharing” personal information, Ackaia will provide required notices and choices where applicable.

California privacy law gives consumers rights related to the sale or sharing of personal information and requires businesses subject to the law to provide certain disclosures and choices.

Ackaia’s current privacy-first position is that encrypted stored file contents should not be used for advertising, behavioral profiling, or sale to third parties.

18. Sensitive Information#

Ackaia One may be used to store sensitive information. However, because files may be encrypted client-side, Ackaia may not know what categories of sensitive information are contained in encrypted stored files.

Ackaia may process certain sensitive information in limited contexts, such as:

  • payment-related information;
  • account security information;
  • risk signals associated with CSAM or illegal content;
  • government or legal information you voluntarily provide in support requests;
  • information inferred from your use of professional or organizational accounts;
  • information contained in communications you send to Ackaia.

Ackaia does not intend to use sensitive information for advertising or commercial profiling.

19. Professional Confidentiality and Privileged Information#

Ackaia One may be used by professionals such as lawyers, physicians, consultants, executives, and others who handle confidential information.

However, use of Ackaia One does not automatically create attorney-client privilege, doctor-patient privilege, fiduciary duties, regulated hosting status, medical-record compliance, evidentiary compliance, or any specialized professional obligation unless Ackaia expressly agrees in a separate written contract.

You are responsible for determining whether Ackaia One is appropriate for your professional, legal, medical, regulatory, or confidentiality obligations.

20. Data Portability and Export#

Ackaia may provide tools for downloading, exporting, or transferring your files and account information.

Because Ackaia One uses encryption, you may need your own keys, passphrase, browser session, device, or local cryptographic material to export readable file contents.

Ackaia may not be able to export decrypted file contents on your behalf if it does not possess the keys required to decrypt them.

You are responsible for maintaining backups of important files and exporting data before cancelling your account, losing access, deleting local keys, or terminating your subscription.

21. Deletion and Account Closure#

You may be able to delete files, clear trash, revoke public links, cancel subscriptions, or close your account through available Service controls.

Deletion may not be immediate in all systems. Information may remain for a limited period in backups, logs, fraud-prevention systems, security records, billing records, legal records, or abuse-prevention systems.

Ackaia may retain information where necessary for legal compliance, child safety, fraud prevention, dispute resolution, enforcement, accounting, tax, security, or legitimate business purposes.

Deleting an account does not necessarily delete information already shared with others, downloaded by recipients, copied through public links, preserved for legal reasons, or stored by third parties.

22. Security Incidents#

If Ackaia becomes aware of a security incident affecting personal information, Ackaia will investigate and respond according to applicable law and the nature of the incident.

Where legally required, Ackaia will notify affected users, regulators, or other parties.

Because Ackaia One uses encryption, the impact of a storage-system incident may depend on whether encrypted blobs, keys, local key material, account credentials, Metadata, or other data were affected.

Users should promptly notify Ackaia of suspected unauthorized access, compromised accounts, exposed public links, lost devices, or suspected key compromise.

Ackaia One may link to third-party websites, repositories, payment processors, documentation platforms, support systems, or integrations.

This Privacy Policy does not govern third-party services. Third parties may collect and process information according to their own privacy policies.

You should review third-party privacy policies before using those services.

24. Changes to This Privacy Policy#

Ackaia may update this Privacy Policy from time to time to reflect changes in law, technology, product features, security practices, risk controls, business operations, or data-processing practices.

When changes are material, Ackaia will provide notice where appropriate, such as through the Service, email, dashboard notice, website notice, or other reasonable means.

Your continued use of the Service after the updated Privacy Policy becomes effective means that you acknowledge the updated Policy.

25. Region-Specific Notices#

25.1 Brazil#

If Brazilian data-protection law applies, you may have rights under the Lei Geral de Proteção de Dados Pessoais (LGPD), including rights related to confirmation of processing, access, correction, anonymization, blocking, deletion, portability, information about sharing, and review of certain automated decisions, subject to legal limitations.

Ackaia may process personal data based on contractual necessity, legitimate interests, legal obligations, consent, protection of life or physical safety, fraud prevention, regular exercise of rights, or other legal bases recognized by applicable law.

25.2 European Economic Area, United Kingdom, and Switzerland#

If GDPR, UK GDPR, or similar laws apply, you may have rights to access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and lodging a complaint with a supervisory authority.

Ackaia may process personal data based on performance of contract, legitimate interests, legal obligations, consent, vital interests, or public-interest-related safety purposes, depending on the context.

25.3 California and Certain U.S. States#

If California or similar U.S. state privacy laws apply, you may have rights to know, access, delete, correct, opt out of certain sales or sharing, limit certain use of sensitive personal information, and not be discriminated against for exercising privacy rights.

Ackaia does not intend to sell encrypted file contents or use encrypted stored file contents for cross-context behavioral advertising.

26. Contact Us#

For privacy questions, requests, or concerns, contact:

Ackaia Corporation Privacy Contact: privacy@ackaia.com

Legal Contact: legal@ackaia.com

Security Contact: security@ackaia.com

Website: www.ackaia.com Address: 1233 York Avenue, New York NY 10065 USA

For security vulnerabilities, please use Ackaia’s responsible disclosure process.

For child-safety, abuse, or CSAM-related reports, contact:

contact@ackaia.com

End of Policy