This Privacy Policy was last modified on May 13, 2025.
Peeridea, Inc and its parent company, Toptal, LLC, ("us", "we", or "our") operate arc.dev ("Arc") and www.codementor.io ("Codementor"), (collectively the "Sites" or the "Platforms"). This page informs you of our policies regarding the collection, use, and disclosure of personal information we receive from users of the Site.
Additional definitions:
Clients ("Users"): users who request the help of experts on the Site.
Mentors: experts who provide services to Clients or otherwise make content available on the Site.
By using the Site, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible at arc.dev/terms.
This is information you give us while taking certain actions on our Site, such as creating an account, filling out your profile, and completing payment events.
While using our Site, you may provide us with certain pieces of personal data. Personal data ("Personal Information" or “Personal Data”) may include, but is not limited to:
In addition to information provided by you, we also collect information when you use the Platform, including usage information and log data.
Usage Information
When you use the Site, we collect information about your interactions with the Platform, such as requests posted, session history, freelance jobs, pages viewed, posts liked and followed, and payment history.
Log Data and Device Information
Like many site operators, we collect information that your browser sends whenever you visit our Site ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, and other statistics.
Cookies
Cookies are files with small amounts of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer's hard drive. Like many sites, we use cookies and other similar technologies to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site. See our entire cookie policy here.
Recorded Calls
We may monitor, record, and transcribe audio or video calls with you during your interactions with us. Consenting is voluntary, and you may withdraw it at any time. These actions allow multiple of our team members to review your requests or for internal quality assurance and training purposes.
If you link, connect, or log in to your Arc account with a third-party service (e.g. Google, Twitter, GitHub), the third-party service may send us information, such as: your email and profile information from that service. This information varies and is controlled by that service or as authorized by you, via your privacy settings at that service.
We may also collect additional information about you and your company from publicly available or third-party databases or services that provide information about business contacts and companies (including individuals’ names, job titles, business contact information, and company information).
We may use your Personal Data for our legitimate business interests under applicable law.
To send emails and other communications. We may use your email, name, and other information to send you notification emails and important Site and Account reminders.
As required by applicable law, legal process or regulation. We may use your personal information if required by law. An example of this is the collection and use of tax information for mentors.
To provide, improve, maintain, and develop the Site and Services. For example, we use information collected from mentors’ expertise and clients’ requests to recommend mentors for jobs.
For billing, account management, and other administrative matters. We use payment information you provide us to charge you for charges incurred on the Site. We may also access your Personal Data in order to help resolve disputes and answer your questions about your account.
To investigate and help prevent security issues, fraud, and/or abuse of our Site or Services.
To maintain and display your public profile. Every user and mentor has a public profile on Arc and Codementor. We display both information you provide us (e.g. biography and expertise) and information we collect (e.g. mentor ratings, reviews, and session or job count). If you don’t want your profile to be public or indexed by search engines, please reach out to our support team.
For marketing and promotional purposes. We may display targeted marketing and promotional messaging to promote our Services or Site. This includes, but is not limited to, emails, in-app notifications, web and browser notifications, and displays.
For data analysis purposes. We may use aggregated client and mentor data to view trends across time to aid our product development.
For testimonials and success stories. We may reveal your personal information as part of our testimonials and success stories. We will only ever do this with your explicit permission.
With your consent. We may also ask for your consent to use your Personal Data for a purpose that is not listed on this Privacy Policy, and we will use your Personal Data for that purpose to the extent that you freely provide your informed consent.
Third-Party Service Providers, Agents, or Consultants. We may disclose your Personal Data to third-party service providers who act as our service providers or advertising partners. These third parties include website analytics companies, digital advertising service providers, hosting and cloud computing service providers, customer relationship management software providers, marketing and sales software solutions, billing and payments providers, and background check service providers.
When we engage another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function. These parties may access, process, or store Personal Data only to perform the services we hired them to provide.
If you enter financial information into one of the Sites to process a payment, Stripe, our payment processor, will receive the information you enter and process the payment in accordance with Stripe’s Privacy Policy.
Business Transfers. As we develop our business, we might acquire businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
Legal Requirements. We may disclose your Personal Data if required to do so by law, for example, as part of our compliance with sanctions about specific regions and specifically designated individuals, or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Toptal, (iii) act in urgent circumstances to protect the personal safety of users of the Site or the public, or (iv) protect against legal liability.
Your Personal Data is password protected, and our main servers are locked and hosted by leading third-party vendors, such as Heroku and Amazon. Access to the host environment is secure. We maintain two types of logs: server logs and event logs. By using our Services or Site, you authorize us to transfer, store, and use your information in the United States and any other country where we operate.
To determine the retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data, whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances, we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.
We may retain Personal Data under circumstances even after receiving a verified data deletion request, including, but not limited to:
We take the security of your personal information very seriously, but no method of transmission over the Internet or of electronic storage is 100 percent secure. While we strive to protect your personal information, we cannot guarantee its absolute security.
You may be able to exercise certain rights and access certain information depending on your location. Please review the following sections for more details. You can reach out to support@arc.dev with questions about your information.
This section applies solely to individuals in the United Kingdom and European Union, provided however that reference to the EU also includes certain non-EU countries including, where applicable, Switzerland and the European Economic Area countries of Iceland, Liechtenstein, and Norway. Our Privacy Policy describes why and how Toptal collects, uses, and stores your Personal Data, the lawful basis on which your Personal Data is processed, and what your rights and our obligations are in relation to such processing (please see “Your Rights” section below).
We are the data controller for processing your Personal Data. The data controller is responsible for deciding how Personal Data about you is used. Please contact us with any questions at support@arc.dev or at the address provided in the Contacting Us section below, which also provides the contact details of our representative in the EU and the UK for purposes of the General Data Protection Regulation and the United Kingdom's Data Protection Act 2018.
Subject to applicable EU and UK law and where possible, you have the following rights in relation to your Personal Data:
Right of access. You may ask us to confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. This may include the purposes of the processing, the categories of Personal Data, the recipients of the Personal Data, the right to lodge a complaint, and available information on the source of the Personal Data. If you require additional copies, we may charge a reasonable fee.
Right to rectification. If your Personal Data is inaccurate or incomplete, you may ask that we erase, amend, or rectify it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, we will also tell you with whom we shared your Personal Data so you can contact them directly.
Right to erasure. You may ask us to delete or remove your Personal Data in certain circumstances, such as where our processing is based on your consent. We may retain certain information consistent with applicable law, such as to prevent fraud, or where we have a compelling legitimate ground to do so. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
Right to restrict processing. You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances. We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, we will also tell you with whom we shared your Personal Data so you can contact them directly.
Right to data portability. You may ask to obtain the Personal Data that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your Personal Data in a structured, commonly used, and machine-readable format.
Right to object. You may ask us at any time to stop processing your Personal Data, and we will do so unless we have a compelling legitimate ground for the processing. We will comply with requests to stop processing your Personal Data as your requests apply to direct marketing.
Rights in relation to automated decision-making and profiling. You have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, which produce a significant legal effect on you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us, or with your explicit consent. We use automated decision-making to ensure that we comply with various laws and regulations restricting what regions, individuals, and entities we are able to work with. We also use automated decision-making to ensure applications from freelancers meet our minimum necessary requirements. You may contact us at support@arc.dev to obtain an explanation of the decision or for a personal review, if possible.
Right to withdraw consent. If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time, but this will not affect any data that we already processed.
Right to lodge a complaint with the data protection authority. If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns.
You may exercise your rights by contacting us as indicated under the “Contacting Us” section below.
“Legitimate interests” means our interests in conducting and managing our organization and delivering the best services to you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you outweighs our interests unless we have your consent or those activities are otherwise required or permitted by law. You have the right to object to processing that is based on our legitimate interests.
When you use the Sites or Services, your Personal Data will be transmitted to servers in the United States as necessary to provide you with the services that you requested, administer our contract with you or to respond to your requests as described in this Privacy Policy, and your Personal Data may be transmitted to our service providers supporting our business operations (described above). The United States may have data protection laws less stringent than or otherwise different from the laws in effect in the country in which you are located. Where we transfer your Personal Data across the border of the European Economic Area or United Kingdom, we will take steps to ensure that your Personal Data receives an adequate level of protection where it is processed and your rights continue to be protected.
Our Privacy Policy describes above why and how we collect, use, and store your Personal Data, the lawful basis on which your Personal Data is processed, and what your rights and our obligations are in relation to such processing.
If you are a California resident, you, or a person verifiably authorized to act on your behalf, have certain rights under the California Consumer Privacy Act and its successor legislation, the California Privacy Rights Act, collectively the “CCPA.” For the purpose of this section, certain words, including “sale,” “share,” “business purpose,” and “personal information” have the meanings defined in the CCPA. For the purpose of this Privacy Policy, we use “Personal Data” to cover “personal information” as defined in the CCPA.
We update our Privacy Policy based on our current practices. As required by the CCPA, the information in this section is relevant for the last twelve-month time period. During that time, we collected the categories of Personal Data listed in the relevant section above (i.e., Freelancers, Clients, Job Applicants, or Site Visitors) from the sources listed in those sections (i.e., from you, third parties, or automatically). During the last twelve-month period, we have not sold Personal Data.
During the last twelve-month period, we disclosed for business purposes the following categories of Personal Data:
For information about who we may share or disclose your Personal Data to, please review the relevant information in the above Freelancers, Clients, Job Applicants, or Site Visitors sections.
Your rights under the CCPA include the following, which you may execute by contacting us at support@arc.dev where possible and allowed by law:
Right to request deletion of your Personal Data. You may ask us to delete or remove your Personal Data. If we shared your Personal Data with others, we will tell them about the deletion where possible. If you ask us, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
Right to request that we correct inaccurate Personal Data. If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, we will also tell you with whom we shared your Personal Data so you can contact them directly.
Right to know what Personal Data is sold or shared and with whom. We are not in the business of selling your Personal Data. You may ask us to clarify what Personal Data, if any, is shared and with whom we share it, along with certain additional details.
Right to opt out of sale or sharing of Personal Data for behavioral advertising and right to not be retaliated against for opting out. If you would like to opt out of us sharing your Personal Data with third parties for cross-context behavioral advertising, you have the right to do so. To opt out:
Email your request to support@arc.dev; and
Disable the use of analytics/advertising cookies as we describe in our Cookie Policy. You must complete this step on each of our websites from each browser and on each device that you use.
If you block cookies, we may be unable to comply with your opt out request with respect to device data that we automatically collect and disclose to third parties online using cookies, pixels, and other tracking technologies. If you clear your cookies, you may need to disable the use of all advertising cookies again.
Right to access your Personal Data. If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may charge a reasonable fee.
Shine the Light Requests. You may also request that we provide you with a list of the categories of Personal Data, if any, that we disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year and the identity of those third parties.
Right to Non-Discrimination. We will not discriminate against you if you exercise any of your rights under the CCPA.
If you would like to exercise your rights or have questions about your rights or information, please contact us at support@arc.dev or at the post addresses included in the Contacting Toptal section below.
We do not knowingly collect Personal Data from children under the age of 16. If you are under the age of 16, please do not submit any Personal Data through the Sites. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on these Sites without their permission. If you have reason to believe that a child under the age of 16 provided Personal Data to Toptal through these Sites, please contact us, and we will endeavor to delete that information from our databases.
The Site and Services may change from time to time. As a result, it may be necessary to make changes to this Privacy Policy. We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice, unless otherwise required by the applicable law. Please review this policy periodically, and especially before you provide any Personal Data. Your continued use of the Site after any changes or revisions to this Privacy Policy will indicate your agreement with the terms of such revised Privacy Policy, without prejudice to your rights under the applicable law.
If you have any questions about this Privacy Policy, please contact our support team by email at support@arc.dev or by mail at:
Peeridea, Inc.
2810 N. Church St
#36879
Wilmington, DE
19802-4447
If you are an individual in the EU or UK, you can also contact VeraSafe, who we appointed as Toptal’s representative in the EU and UK for data protection matters, pursuant to Article 27 of the EU General Data Protection Regulation and the UK General Data Protection Regulation. You may contact VeraSafe directly about the processing of your Personal Data by using their contact form. Alternatively, you can contact VeraSafe at:
EU
VeraSafe Ireland Ltd
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland
UK
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom