Privacy Policy

Last Updated: April 13, 2026

Team Lift LLC, the company behind ArterAI ("ArterAI," "Team Lift," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our applications, websites, and services (collectively, the "Services"). Please read this privacy policy carefully. By accessing or using the Services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with these terms, please do not access or use our Services.

We are based in California, United States. Our Services are primarily intended for U.S. residents. This policy is intended to comply with applicable U.S. privacy laws. For purposes of this Policy, "Services" means the ArterAI applications, websites, content, products, and services operated by Team Lift LLC.

1. What This Policy Covers & Scope

This Privacy Policy applies to information we collect when you use the ArterAI Services at arterai.app and any associated applications. It does not apply to information collected by:

  • Team Lift LLC through any other products, websites, or services it operates outside of ArterAI; or
  • Any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Services.

Disclaimer: Not an Electronic Health Record (EHR)
The information collected and managed through our Services, including any health or fitness data you provide, shall not be deemed an Electronic Health Record or Electronic Medical Record for any purpose. ArterAI is a Direct-to-Consumer wellness application; the personal use of our Services by individual consumers does not create any HIPAA-covered relationship. See our Terms of Service §16 (Health Data Regulatory Notice) for a full explanation of our regulatory status.

2. Information We Collect

We may collect various types of information, including:

a. Personal Information You Provide to Us:

  • Registration Information: When you create an account, we collect your name, email address, password, and other information you provide (e.g., username, date of birth, gender).
  • Profile Information: Information you add to your profile, such as a profile picture, biography, location, height, weight.
  • Health and Fitness Data: Information you voluntarily input or track through our Services, such as cholesterol lipid panel results, VO2 max data, exercise logs, dietary preferences, self-reported symptoms or feelings, goals, and other related metrics. This information may be considered Sensitive Personal Information under applicable laws, and we treat it with enhanced care.
  • Payment Information: If you make purchases, our third-party payment processors will collect payment information (e.g., credit card details). Team Lift does not directly store your full payment card information but may receive transaction identifiers and summary information.
  • Communications: Information you provide when you contact us for support, provide feedback, or participate in surveys or promotions.
  • User Content: Any other information or content you voluntarily submit or post through the Services.

b. Information We Collect Automatically (Derivative/Usage Data):

When you use our Services, we automatically collect certain information, including:

  • Log Information: IP address, browser type, operating system, access times, pages viewed, links clicked, and the referring webpage.
  • Device Information: Information about the computer or mobile device you use, such as hardware model, operating system and version, unique device identifiers, mobile network information, and device location (if you grant permission).
  • Information Collected by Cookies and Similar Tracking Technologies: We and our service providers use various technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience. Web beacons are electronic images that may be used in our Services or emails and help deliver cookies, count visits, and understand usage and campaign effectiveness. For more information, see Section 6 ("Tracking Technologies & Cookies").

c. Information We Collect From Other Sources:

We may obtain information from other sources, such as social media platforms if you connect your Team Lift account with them, or third-party services you authorize to share information with us (e.g., data from fitness trackers, lab partners if you direct them to share results with us).

3. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Services to:

  • Create and manage your account.
  • Provide, operate, and maintain our Services.
  • Personalize and improve your experience with the Services, including using your data in aggregated or de-identified form to train, validate, and improve our AI models. You may opt out of AI model training as described in Section 11.
  • Provide you with tailored health and fitness insights, recommendations, and coaching. We use artificial intelligence and machine learning tools to analyze meal photographs and provide nutritional estimates. These AI-generated results are informational approximations and should not be treated as precise measurements. No automated decisions regarding your account eligibility, access to services, or account termination are made without human review.
  • Process your transactions and send you related information, including purchase confirmations and invoices.
  • Communicate with you, including responding to your comments, questions, and requests; providing customer service and support; and sending you technical notices, updates, security alerts, and administrative messages.
  • Send you promotional communications, where permitted. You may opt-out of receiving promotional emails from us by following the instructions in those emails. We will not use your sensitive Health and Fitness Data for direct marketing purposes without your explicit prior consent.
  • Monitor and analyze trends, usage, and activities in connection with our Services (often using aggregated or de-identified data for this purpose).
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities and protect the rights and property of Team Lift and others.
  • Comply with legal and regulatory requirements.
  • For any other purpose disclosed to you at the time we collect your information or with your consent.

4. International and California Users

Our Services are operated and hosted in the United States. If you are located outside the United States, your information may be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using our Services, you acknowledge this transfer. Our Services are primarily intended for users in the United States; we do not actively target or direct our Services at users in the European Union, United Kingdom, or other non-U.S. jurisdictions. If you are a user in such a region, you use our Services at your own volition and are responsible for compliance with your local laws. We do not sell your personal information to third parties. Regardless of your location, you may contact us at support@arterai.com to request access to, correction of, or deletion of your personal information, and we will respond in accordance with applicable law.

5. How We Share Your Information

We do not sell your personal information. We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

  • By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
  • Third-Party Service Providers: We may share your information with third parties that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. These providers are contractually bound to safeguard your information and only use it for the purposes for which it was disclosed.
  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
  • Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
  • With Your Explicit Consent or at Your Direction: We may disclose your personal information for any other purpose with your explicit consent (e.g., if you ask us to share a report with your healthcare provider).
  • Aggregated or De-Identified Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for research, industry analysis, or other legitimate business purposes.

6. Tracking Technologies & Cookies

We use cookies and similar tracking technologies (like web beacons and pixels) to collect information about your browsing activities over time and across different websites following your use of our Services.

  • Purpose: These technologies help us operate our Services, remember your preferences (like login status), understand how users interact with our Services, personalize content, and measure the effectiveness of our communications.
  • Types of Cookies: We may use session cookies (which expire when you close your browser) and persistent cookies (which stay on your device until you delete them or they expire). We use first-party cookies (set by us) and may allow third-party cookies (set by our analytics or service providers).
  • Your Choices: Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject browser cookies through your browser settings. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services. For more information on how to manage cookies, check your browser or device's settings.
  • Analytics: We use Google Analytics and similar third-party analytics services to help us understand how users interact with our Services. These analytics services are configured with advertising features disabled; we do not permit them to use data collected through our Services for cross-context behavioral advertising or to combine that data with personal data from other sources for advertising purposes.
  • Do Not Track: Our Services do not respond to Do Not Track (DNT) browser signals, which have no uniform technical standard or legal effect. This is distinct from Global Privacy Control (GPC) signals, which we do honor as a California opt-out right as described below. Third-party services integrated with our Services may have their own DNT policies.
  • Global Privacy Control: We honor Global Privacy Control (GPC) signals as opt-out requests for the sale or sharing of personal information, consistent with California law. If you send a GPC signal through your browser, we will treat it as a request to opt out of the sale and sharing of your personal information. We do not currently sell or share personal information for cross-context behavioral advertising; our analytics tools are configured accordingly. We regularly review our third-party service configurations to maintain consistency with this commitment.

You can learn more about choices for individuals regarding how their information is collected and used by visiting the Digital Advertising Alliance (www.aboutads.info/choices), the Network Advertising Initiative (www.networkadvertising.org/managing/opt_out.asp), or for users in Europe, the European Digital Advertising Alliance (www.youronlinechoices.eu).

7. Data Security & Breach Notification

We implement reasonable administrative, technical, and physical security measures designed to protect your information from unauthorized access, use, alteration, and disclosure. These measures include, for example, encryption, access controls, and secure software development practices. However, no internet transmission or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. You are also responsible for maintaining the secrecy of your unique password and account information.

Breach Notification: As a vendor of a personal health record product and related service that draws personal health information from multiple sources, we are subject to the FTC Health Breach Notification Rule (16 CFR Part 318), as amended effective April 2024. In the event of a breach of unsecured personally identifiable health information, we will notify affected individuals without unreasonable delay and in no case later than 60 calendar days after discovery of the breach. For breaches affecting 500 or more individuals in total, we will simultaneously notify the Federal Trade Commission (within the same 60-day window) and, if required, notify prominent media outlets serving any state in which 500 or more residents are affected. For breaches affecting fewer than 500 individuals, we will report such breaches to the FTC in an annual log submitted within 60 calendar days after the end of each calendar year (by March 1 of the following year), as required by 16 CFR §318.5(b). If a breach originates with or involves a service provider (vendor), that service provider is contractually required to notify us promptly upon their discovery. Our obligation to notify affected individuals and, where applicable, the FTC begins upon our discovery of the breach, whether discovered by us directly or reported to us by a service provider. Where required by applicable state law, we will also notify relevant state authorities. Notice to individuals will be provided via email to the address associated with your account and will include: a description of the information involved, recommended steps to protect yourself, a description of our response, and contact information for questions.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as for tax, accounting, or other legal requirements). Generally, this means we will keep your personal information as long as your account is active or as needed to provide you Services.

For sensitive health and fitness data, we will retain this data as long as your account is active to provide you with historical insights and personalized features. When you close your account, we will delete or de-identify this information according to the process described in Section 10 ("Your Privacy Rights & Choices" under "Account Closure and Data Deletion"). Automated backup systems may retain copies of your data for a maximum of 90 days following deletion from active systems, after which backups are purged. De-identified or aggregated data derived from your information may be retained indefinitely as it cannot reasonably be used to identify you.

9. International Data Transfers

Our Services are operated from the United States. If you access our Services from outside the United States, your information may be transferred to and stored in the United States. We take reasonable steps to protect your personal information in accordance with this Privacy Policy and applicable law.

10. Your Privacy Rights & Choices

You may have certain rights regarding your personal information depending on where you live. To exercise any of these rights, please contact us at support@arterai.com. We will respond to your request in accordance with applicable law and may need to verify your identity. These rights may include:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate personal information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Opt-Out of Marketing: Opt out of promotional emails by clicking "unsubscribe" or contacting us. We may still send non-promotional communications about your account.
  • Opt-Out of AI Training: Opt out of the use of your data for AI model training as described in Section 11.
  • Withdrawal of Consent: Withdraw any consent you previously gave at any time, without affecting the lawfulness of processing prior to withdrawal.

Account Closure and Data Deletion: You may request account closure and deletion of your personal information by contacting us at support@arterai.com. We will delete your personal information from our active systems in accordance with applicable law. Automated backup systems may retain copies for up to 90 days before purging. De-identified or aggregated data may be retained indefinitely. We will inform you if we cannot fully fulfill your request due to legal or contractual obligations.

11. AI Training Opt-Out & California Shine the Light

AI Training Opt-Out: You may opt out of the use of your data — including in de-identified or aggregated form — for AI model training by contacting support@arterai.com. We will confirm your opt-out within 45 days and cease including your data in AI model training from that date forward. Note that data already incorporated into trained models cannot be extracted from those models. Opting out will not affect your access to the Services.

California Shine the Light (Civil Code §1798.83): We do not disclose personal information to third parties for their own direct marketing purposes. California residents may request information about any such disclosures by contacting us at support@arterai.com, though no such disclosures have occurred.

12. Children's Privacy

Our Services are not directed to individuals under the age of 18 and we do not offer any service that permits users under 18. We do not knowingly collect personal information from children under 18. Age is self-certified at account registration; users must affirmatively confirm they are 18 or older. If we discover that an account is held by a user under 18, we will terminate the account and delete the associated personal information within 14 days of discovery. If you are a parent or guardian and believe we have any information from or about a child under 18, please contact us immediately at support@arterai.com.

13. Links to Other Websites

Our Services may contain links to third-party websites or services. This Privacy Policy does not apply to the practices of those third parties. We encourage you to review the privacy policies of any third-party sites or services you interact with.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this Privacy Policy indicates when it was last revised. A change is "material" if it affects how we collect, use, share, or protect your personal information, including changes to your rights, our data retention practices, our security practices, or how your sensitive health data is processed. For material changes, we will provide at least 30 days' advance notice via email to your registered email address before the change takes effect. We will also post the updated policy in the Services. If you do not accept a material change, you may close your account before the effective date. Your continued use of our Services after the effective date of a material change constitutes your acceptance of the revised Policy.

15. Contact Us

If you have questions, comments, or concerns about this Privacy Policy, our privacy practices, or if you wish to exercise your privacy rights, please contact us at:
Privacy Office - Team Lift LLC
2108 N ST #6543
Sacramento, CA 95816
support@arterai.com
Data Protection Officer: Not applicable at this time.