1. Introduction and Scope
Arka HR, Inc. (“Arka HR,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and protect information in connection with our SMS Text Messaging Service, which is provided as part of our comprehensive human resources and professional services offerings.
This Privacy Policy applies specifically to information collected through our SMS Text Messaging Service and should be read in conjunction with our general Privacy Policy and Terms and Conditions for SMS service. This policy covers all text message communications sent to and received from Arka HR through our 10DLC-registered phone numbers, including two-factor authentication messages, training reminders, project updates, and other business-related communications.
Arka HR, Inc. is a Massachusetts corporation with its principal place of business at 867 Boylston Street, 5th Floor #2229, Boston, MA 02116. We operate in the human resources and professional services industry, providing comprehensive HR consulting, compliance support, and workforce management solutions to businesses across various sectors.
Our SMS service is designed to enhance communication efficiency and security within our business operations while maintaining the highest standards of privacy protection and regulatory compliance. We recognize that text messaging involves the transmission of personal information, and we are committed to handling such information responsibly and in accordance with applicable privacy laws and telecommunications regulations. This Privacy Policy is designed to provide transparency about our data practices and to help you understand your rights and choices regarding your personal information. We encourage you to read this policy carefully and to contact us if you have any questions about our privacy practices or your rights under applicable privacy laws.
2. SMS/Text Messaging Data and Consent
To meet carrier requirements and ensure full transparency, this section explicitly details our handling of SMS data and consent.
• Explicit Consent: All SMS communications are sent only after you have provided explicit, written consent to receive messages from us. Your consent is not a condition of any purchase or service.
• Marketing Prohibition: We do not sell, rent, or share your mobile information with third parties for marketing or promotional purposes. All information collected through our SMS service is used exclusively for the transactional and business-related purposes described in this policy.
• Opt-Out Mechanism: You may opt out of our SMS service at any time by texting “STOP” to any message you receive from us. You will receive a final confirmation message, and thereafter, you will no longer receive SMS messages from us. For help, text “HELP”.
• Message and Data Rates: Message and data rates may apply to any messages sent to you from us and to us from you. Message frequency varies based on your interactions with our services.
3. Information We Collect Through SMS Service
Through our SMS Text Messaging Service, we collect various types of information necessary to provide effective communication services and ensure the security and reliability of our systems. The information we collect is limited to what is necessary for legitimate business purposes and is handled in accordance with applicable privacy laws and industry best practices.
• Mobile Phone Numbers: We collect and store the mobile phone numbers of individuals who opt in to receive text messages from us. This information is essential for delivering SMS communications and is obtained only with your explicit consent. We maintain records of phone numbers along with associated consent information, including the date and method of opt-in, to ensure compliance with telecommunications regulations.
• Message Content and Communications: We collect and temporarily store the content of text messages sent to and from our SMS service. This includes messages you send to us in response to our communications, help requests, opt-out messages, and any other text-based communications. Message content is retained only as long as necessary for business purposes and regulatory compliance, and is then securely deleted from our systems.
• Delivery and Technical Information: Our SMS service automatically collects technical information related to message delivery, including delivery confirmations, read receipts when available, timestamp information, carrier routing data, and system interaction logs. This technical information helps us ensure reliable message delivery, troubleshoot technical issues, and maintain service quality.
• Device and Carrier Information: We may collect limited information about your mobile device and wireless carrier to ensure compatibility and optimize message delivery. This may include device type, operating system version, carrier network information, and geographic location data when relevant for message routing purposes.
• Authentication and Security Data: When our SMS service is used for two-factor authentication purposes, we collect and process verification codes, authentication timestamps, security event logs, and related security information. This data is essential for maintaining the security of our systems and protecting against unauthorized access.
• Usage and Interaction Data: We collect information about how you interact with our SMS service, including response rates, engagement patterns, opt-out requests, help requests, and service usage statistics. This information helps us improve our communication effectiveness and ensure compliance with messaging regulations.
All information collection through our SMS service is conducted in accordance with the principle of data minimization, meaning we collect only the information that is necessary for the specific purposes outlined in this Privacy Policy. We do not collect sensitive personal information such as financial data, health information, or other sensitive categories of personal data through our SMS service unless specifically required for legitimate business purposes and with appropriate additional protections.
4. How We Use Your Information
Arka HR uses information collected through our SMS Text Messaging Service exclusively for legitimate business purposes related to our human resources and professional services operations. Our use of your information is guided by the principles of necessity, proportionality, and transparency, ensuring that we process your data only for the specific purposes for which it was collected and with appropriate safeguards in place.
• Service Delivery and Communication: The primary purpose for which we use your information is to deliver SMS communications that support our business relationship with you. This includes sending two-factor authentication codes to verify your identity when accessing secure systems, delivering training reminders and educational content related to HR compliance and professional development, providing project updates and deadline notifications for active client engagements, and transmitting time-sensitive administrative information that requires immediate attention.
• Security and Authentication: We use your mobile phone number and related authentication data to enhance the security of our systems and protect against unauthorized access. This includes generating and delivering verification codes for multi-factor authentication, monitoring for suspicious login attempts or security breaches, maintaining audit logs of authentication events for compliance purposes, and implementing additional security measures when unusual activity is detected.
• Customer Support and Service Improvement: Information collected through our SMS service is used to provide customer support and continuously improve our communication services. This includes responding to help requests and technical support inquiries, analyzing message delivery patterns to identify and resolve technical issues, evaluating user engagement and satisfaction to enhance service quality, and developing new features and capabilities that better serve our users’ needs.
• Regulatory Compliance and Record Keeping: We use collected information to ensure compliance with applicable telecommunications regulations and maintain required business records. This includes maintaining opt-in and opt-out records as required by the Telephone Consumer Protection Act (TCPA), documenting consent and communication preferences for regulatory audits, preserving message logs and delivery records for the periods required by law, and generating compliance reports for internal and external review purposes.
• Business Operations and Analytics: We analyze aggregated and anonymized information from our SMS service to support broader business operations and strategic planning. This includes evaluating communication effectiveness and user engagement trends, identifying opportunities to improve our HR services and client support, conducting internal research to enhance our professional services offerings, and supporting business continuity and disaster recovery planning.
As stated in Section 2, we do not use information collected through our SMS service for any marketing or promotional purposes. Any use of your information beyond the purposes described in this Privacy Policy requires your explicit consent or is otherwise permitted by applicable law.
5. Information Sharing and Disclosure
Arka HR is committed to protecting your privacy and limiting the sharing of your personal information to circumstances that are necessary for providing our SMS service or required by law.
We do not sell, rent, or trade your personal information, including your mobile phone number, to third parties for their own marketing or commercial purposes.
Any sharing of your information is conducted with appropriate safeguards and contractual protections to ensure your privacy rights are maintained.
• Service Providers and Business Partners: We may share your information with trusted third-party service providers who assist us in delivering our SMS Text Messaging Service. These service providers include telecommunications carriers and messaging platform providers who facilitate message delivery, cloud computing and data storage providers who host our systems and data, technical support vendors who help maintain and improve our service capabilities, and security service providers who assist with authentication and fraud prevention measures. All third-party service providers who have access to your personal information are contractually obligated to protect your information and use it only for the specific purposes of providing services to us.
• Legal and Regulatory Requirements: We may disclose your information when required by law or when we believe in good faith that such disclosure is necessary to comply with legal obligations. This includes responding to valid legal process such as subpoenas, court orders, or government investigations, cooperating with law enforcement agencies in accordance with applicable legal procedures, complying with regulatory requirements imposed by telecommunications authorities, and protecting our legal rights and interests in legal proceedings.
• Business Transfers and Corporate Transactions: In the event of a merger, acquisition, sale of assets, or other corporate transaction involving Arka HR, your information may be transferred to the acquiring entity or successor organization. In such circumstances, we will provide notice of the transfer and ensure that the receiving party agrees to protect your information in accordance with this Privacy Policy or provide you with the opportunity to opt out of the transfer.
• Emergency Situations and Safety: We may disclose your information when we believe it is necessary to protect the safety and security of individuals or to prevent serious harm. This includes situations involving threats to physical safety, security breaches that may affect user safety, emergency situations requiring immediate communication with authorities, and circumstances where disclosure is necessary to prevent fraud or other illegal activities.
• Consent-Based Sharing: We may share your information with third parties when you have provided explicit consent for such sharing. This might include sharing information with your employer or organization when you have authorized such disclosure, providing information to other service providers at your request, or sharing information for purposes that you have specifically approved.
We maintain strict controls over information sharing and regularly audit our disclosure practices to ensure compliance with this Privacy Policy and applicable laws. We document all information sharing activities and maintain records of the legal basis for each disclosure. When possible, we provide notice to affected individuals about information sharing, unless such notice is prohibited by law or would compromise the purpose of the disclosure.
6. Data Retention and Storage
Arka HR maintains comprehensive data retention and storage policies designed to balance business needs, regulatory requirements, and privacy protection. Our approach to data retention is guided by the principles of necessity and proportionality, ensuring that we retain information only as long as needed for legitimate business purposes and in compliance with applicable legal requirements.
• Retention Periods and Criteria: We retain different types of information for varying periods based on the nature of the data and the purposes for which it was collected. Mobile phone numbers and consent records are retained for the duration of your participation in our SMS service plus an additional period as required by telecommunications regulations, typically three to seven years after opt-out.
Message content and communication records are generally retained for shorter periods, typically 90 days to two years, depending on the nature of the communication and business requirements.
• Secure Storage Infrastructure: All information collected through our SMS service is stored using industry-standard security measures designed to protect against unauthorized access, alteration, or disclosure. Our storage infrastructure includes encrypted data storage systems that protect information both at rest and in transit, access controls and authentication systems that limit data access to authorized personnel only, regular security monitoring and intrusion detection systems, and backup and disaster recovery systems to ensure data availability and integrity.
• Data Minimization and Anonymization: As part of our data retention practices, we regularly review stored information to identify opportunities for data minimization and anonymization.
• Secure Deletion and Disposal: When information reaches the end of its retention period or when you request deletion of your data, we employ secure deletion methods to ensure that the information cannot be recovered or reconstructed.
• Geographic Storage and Data Localization: Our SMS service data is primarily stored within the United States. When data is stored or processed outside the United States, we ensure that appropriate safeguards are in place to protect your information and comply with applicable privacy laws.
7. Security Measures and Data Protection
Arka HR implements comprehensive security measures to protect the confidentiality, integrity, and availability of information collected through our SMS Text Messaging Service. Our security program is designed to address the unique risks associated with text messaging communications while maintaining compliance with applicable security standards and regulatory requirements.
• Technical Security Controls: Our SMS service infrastructure incorporates multiple layers of technical security controls, including end-to-end encryption, secure authentication systems, network security measures, and regular security updates.
• Administrative Security Measures: We maintain strict administrative controls, including employee background checks, security training programs, role-based access controls, and incident response procedures.
• Physical Security Protections: Our data centers and facilities are protected by comprehensive physical security measures, including restricted access controls, 24/7 monitoring, and environmental controls.
• Monitoring and Incident Response: We maintain continuous monitoring systems to detect and respond to potential security threats and incidents. In the event of a security incident that may affect your personal information, we have established procedures for prompt investigation, containment, and notification in accordance with applicable legal requirements.
• Vendor and Third-Party Security: We require all third-party service providers who have access to your information to maintain appropriate security measures and comply with our security standards.
8. Your Privacy Rights and Choices
Arka HR respects your privacy rights and provides you with various options for controlling how your personal information is collected, used, and shared through our SMS Text Messaging Service.
• Right to Access and Information: You have the right to request information about the personal data we have collected about you through our SMS service.
• Right to Correction and Update: You have the right to request correction or updating of any inaccurate or incomplete personal information.
• Right to Deletion and Erasure: You may request deletion of your personal information from our SMS service, subject to certain limitations and exceptions.
• Right to Opt-Out and Withdraw Consent: You have the right to opt out of our SMS service at any time by following the procedures described in our Terms and Conditions.
• Right to Data Portability: Where technically feasible and legally required, you may request that we provide your personal information in a structured, commonly used, and machine-readable format.
• Right to Object and Restrict Processing: You may object to certain types of processing of your personal information or request that we restrict processing in specific circumstances.
• Exercising Your Rights: To exercise any of these rights, you may contact us using the information provided in the Contact section of this Privacy Policy.
9. Children’s Privacy Protection
Arka HR is committed to protecting the privacy of children. Our SMS Text Messaging Service is designed for business communications and is not intended for use by children under the age of 13, or under the age of 16 in jurisdictions where higher age thresholds apply. We do not knowingly collect personal information from children through our SMS service. If we become aware that we have inadvertently collected such information, we will take immediate steps to delete it.
10. International Data Transfers and Cross-Border Processing
While Arka HR primarily operates within the United States, we recognize that some data processing activities may involve international data transfers. We are committed to ensuring that any cross-border transfers of personal information are conducted with appropriate safeguards and in compliance with applicable privacy laws, such as Standard Contractual Clauses or other legally recognized transfer mechanisms.
11. Updates and Changes to Privacy Policy
Arka HR reserves the right to update or modify this Privacy Policy from time to time. When we make material changes, we will provide appropriate notice, which may include sending notifications through our SMS service or posting prominent notices on our website. Your continued participation in our SMS service after the effective date of any updates constitutes your acceptance of the revised policy.
12. Compliance with Privacy Laws and Regulations
Arka HR is committed to complying with all applicable privacy laws and regulations that govern our SMS Text Messaging Service, including the Telephone Consumer Protection Act (TCPA) and applicable state privacy laws like the California Consumer Privacy Act (CCPA). We regularly review and update our practices to ensure ongoing compliance.
13. Contact Information and Privacy Inquiries
Arka HR is committed to addressing your privacy questions, concerns, and requests in a timely and professional manner. For questions about this Privacy Policy or to exercise your privacy rights, please contact our designated privacy officer:
Andreina Viera Silva
Privacy and Compliance Officer
Arka HR, Inc.
867 Boylston Street, 5th Floor #2229
Boston, MA 02116
Email: aviera@arkahr.com
Phone: 978-984-2249
14. Relationship to Other Policies and Terms
This Privacy Policy for SMS Text Messaging Service is part of Arka HR’s comprehensive privacy and data protection framework. It should be read in conjunction with our other privacy policies and terms of service.
• Integration with General Privacy Policy: This SMS-specific Privacy Policy supplements our general Privacy Policy. Where there are conflicts, the terms of this SMS-specific policy will govern for matters related to our text messaging service.
• Terms and Conditions Relationship: This Privacy Policy works in conjunction with our Terms and Conditions for SMS Text Messaging Service.
• Employment and Client Agreements: This Privacy Policy supplements but does not replace privacy provisions in employment agreements, client contracts, or other applicable agreements.
Effective Date: This Privacy Policy becomes effective on 06/18/2025 and remains in effect until superseded by an updated version.
Document Version: Version 1.1
Contact Information:
Arka HR, Inc.
867 Boylston Street, 5th Floor #2229
Boston, MA 02116
Privacy Officer: Andreina Viera Silva
Email: aviera@arkahr.com
Phone: 978-984-2249
For SMS Service Questions: Text “HELP” to any message from us.
To Opt Out of SMS Service: Text “STOP” to any message from us.
