Privacy Policy

Effective Date: January 9, 2026

Arch Training ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website archtraining.com and use our services.

1. Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Register for an account
• Purchase course seats or enrollments
• Subscribe to our newsletter
• Contact us through our contact form
• Complete course assignments or assessments

This information may include your name, email address, company name, and payment information.

Automatically Collected Information

When you access our website, we may automatically collect certain information, including:

• Device information (browser type, operating system)
• IP address
• Pages visited and time spent on pages
• Referring website addresses

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Process transactions and send related information
• Send administrative information, updates, and security alerts
• Respond to your comments, questions, and requests
• Monitor and analyze usage trends to improve our services
• Detect, prevent, and address technical issues or fraud
• Comply with legal obligations

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. Cookies are small data files placed on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

We use cookies for:

• Essential cookies: Required for the website to function properly
• Analytics cookies: Help us understand how visitors interact with our website
• Preference cookies: Remember your settings and preferences

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following situations:

• Service Providers: With third-party vendors who perform services on our behalf (payment processing, email delivery, hosting)
• Employers: If you are enrolled as a trainee, your employer may have access to your course progress and completion status
• Legal Requirements: If required by law or in response to valid requests by public authorities
• Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Course completion records may be retained indefinitely to provide proof of training completion.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access and receive a copy of your personal information
• Correct inaccurate or incomplete information
• Request deletion of your personal information
• Object to or restrict processing of your information
• Data portability
• Withdraw consent at any time

To exercise these rights, please contact us using the information provided below.

8. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. You are advised to review this Privacy Policy periodically for any changes.

11. HIPAA & Protected Health Information

Arch Training is built for medical-practice compliance training. Training records, quiz attempts, and certificates generated through the platform may reference Protected Health Information (PHI) or other regulated data when employers use the platform to satisfy HIPAA, OSHA, or state-board training obligations on behalf of their staff.

Business Associate Agreement (BAA). For employers whose use of the platform constitutes a Business Associate relationship under HIPAA, a BAA is available on request — contact privacy@leovistatech.com before processing PHI through the platform.

Retention. Training-completion records, certificates, and audit-binder artifacts are retained for the longer of the duration of your subscription and the retention period required by applicable law (HIPAA requires training documentation to be kept for at least six years from the date of creation or last effective use). Retention applies regardless of subscription status so audit-binder downloads remain possible for the regulatory window.

Breach notification. In the event of a breach of unsecured PHI, we notify affected employers without unreasonable delay and in any case within the timeframe required by the HIPAA Breach Notification Rule. Employers are responsible for downstream notification to individuals and regulators as required.

12. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at: