Aristotle API Privacy Policy

Last Updated: October 15, 2025

This Privacy Policy explains how Concordance Inc. dba Harmonic ("Harmonic," "we," "us," or "our") collects, uses, and discloses personal information in connection with the Aristotle API, its developer portal, and pages that link to this Privacy Policy (collectively, the "Services").

By using the Services, you agree to this Privacy Policy and our Terms of Use Agreement ("Terms"). Capitalized terms not defined in this Privacy Policy have the meanings in the Terms.

We respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you. Please remember to do the same. As provided in the Terms of Use, you are not permitted to include personal information or personal data in API inputs or outputs or otherwise include it in Customer Data.

1) Scope and Role

This Policy applies to personal information or personal data as it is identified in some jurisdictions) ("Personal Information") we collect from you directly when you sign up for an account or request an API key.

Harmonic acts as the business/controller for that information.

Important: The Services are for uploading Lean4 files as Customer Data (defined in the Terms).

2) Personal Information We Collect

We collect only the following personal information when you sign up or request access:

• Account Information: When you create an account with us, we will collect Personal Information associated with your account, including your name, email account and related account credentials.
• Communication Information: If you communicate with us, such as via email or our pages on social media sites, we may collect Personal Information like your name, contact information, and the contents of the messages you send.
• User Content: We collect information that you provide in the input to our Services, including your prompts and other content you upload.

We do not require any sensitive Personal Information, payment card data, or device/behavioral tracking for use the Services. Users should avoid providing such information.

We do not collect Personal Information from third parties.

Personal Information We Receive from Your Use of the Services: When you visit, use, or interact with the Services, we receive the following information about your visit, use, or interactions ("Technical Information"):

• Log Data: We collect information that your browser or device automatically sends when you use our Services. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.
• Usage Data: We collect information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, and your computer connection.
• Device Information: We collect information about the device you use to access the Services, such as the name of the device, operating system, device identifiers, and browser you are using. Information collected may depend on the type of device you use and its settings.
• Location Information: We may determine the general area from which your device accesses our Services based on information like its IP address for security reasons and to make your product experience better, for example to protect your account by detecting unusual login activity or to provide more accurate responses. In addition, some of our Services allow you to choose to provide more precise location information from your device, such as location information from your device's GPS.

Information We Receive from Other Sources: We receive information from our trusted partners, such as security partners, to protect against fraud, abuse, and other security threats to our Services. We also collect information from other sources, like information that is publicly available on the internet, to develop the models that power our Services.

3) How We Use Personal Information

We use your name and email address to:

• Create and manage your account and authenticate access to the Services.
• Communicate with you about your account or the Services (for example, onboarding, key issuance/rotation, rate‑limit or policy updates, security or compliance notices, and material changes).
• Send information about Aristotle and other Harmonic products or services that may be relevant to you (you can opt out at any time).
• Prevent fraud, illegal activity, or misuses of our Services.
• Protect the security of our systems and Services.
• Protect the rights, privacy, safety, or property of Harmonic, our users, or third parties.
• Comply with legal obligations and valid court orders.

We do not use your personal information for profiling, automated decision‑making that produces legal or similarly significant effects, or targeted advertising.

We may also aggregate or de-identify Personal Information so that it no longer identifies you and use this information to analyze the way our Services are being used, to improve and add features to them, and to conduct research. Once de-identified, we will not re-identify the information or otherwise attempt to recreate Personal Information, except to comply with legal obligations and valid court orders.

4) No Sales; No Sharing for Ads; No Commercial Disclosure

• Basic Protection of Personal Information: We do not sell Personal Information and we do not share Personal Information except as provided in this Privacy Policy. This means we do not share information with any trusted vendors or partners. We do not share personal information for cross‑context behavioral or targeted advertising. And we do not disclose personal information to third parties for their own commercial purposes.

5) How We Disclose Personal Information

We disclose personal information only as follows:

• Business Operations: Notwithstanding the forgoing, in meeting business operations needs and to perform certain services and functions, we may disclose Personal Information to vendors and service providers, including providers of hosting services, customer service vendors, cloud services, content delivery services, support and safety monitoring services, email communication software, web analytics services, payment and transaction processors, and other information technology providers. Pursuant to our instructions, these parties will access, process, or store Personal Information only in the course of performing their duties to us.
• Business Transfers: If we are involved in strategic transactions, reorganization, bankruptcy, receivership, or transition of service to another provider (collectively, a "Transaction"), your Personal Information may be disclosed in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets.
• Government Authorities or Other Third Parties: We may share your Personal Information, including information about your interaction with our Services, with government authorities or authorized third parties in compliance with the law (i) if required to do so to comply with a legal obligation, or in the good faith belief that such action is necessary to comply with a legal obligation, (ii) to protect and defend our rights or property, (iii) if we determine, in our sole discretion, that there is a violation of our terms, policies, or the law; (iv) to detect or prevent fraud or other illegal activity; (v) to protect the safety, security, and integrity of our products, employees, users, or the public, or (vi) to protect against legal liability.
• Affiliates: We may disclose Personal Information to an entity that controls, is controlled by, or is under common control with Harmonic. Our affiliates may use this Personal Information in a manner consistent with this Privacy Policy.
• Your Business Organization. If you create an account using an email address belonging to your employer or another organization that has rights to access that account, we may share the fact that you have an account and certain account information, such as your email address, with your employer or organization to, for example, enable you to be added to their business account, or to acknowledge the employer or organization's rights in the account.

We do not otherwise disclose personal information.

6) Your Choices and Rights

You have the following statutory rights in relation to your Personal Information:

• Access your Personal Information and information relating to how it is processed.
• Delete your Personal Information from our records.
• Rectify or update your Personal Information.
• Transfer your Personal Information to a third party (right to data portability).
• Restrict how we process your Personal Information.
• Withdraw your consent-where we rely on consent as the legal basis for processing at any time.
• Lodge a complaint with your local data protection authority (see below).

You have the following rights to object:

• Object to our processing of your Personal Information for direct marketing at any time.
• Object to how we process your Personal Information when our processing is based on legitimate interests.

You can exercise some of these rights through your account. If you are unable to exercise your rights through your account, please submit your request by emailing legal@harmonic.fun.

• Marketing Opt‑Out. You can opt out of promotional emails at any time via the unsubscribe link. We may still send transactional/service emails (e.g., account, security, or legal notices).
• We do not sell or share personal information for targeted advertising, so opt‑out rights for those uses are not applicable to this Service.

7) Security

We use commercially reasonable administrative, technical, and physical safeguards designed to protect Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. To further protect the transmission of data, the Services are accessible over HTTPS/TLS only. No Internet or email transmission, however, is ever fully secure or error free. You should take special care in deciding what information you provide to the Services. You transmit all information at your own risk. We are not responsible for circumvention of any privacy settings or security measures.

8) Legal Basis for Processing

For each of the appropriate bases for processing Personal Information, we have identified the primary basis for the use of such data. Personal Information may be processed for more than one use.

Contract: To provide, analyze, and maintain our Services. Processing is necessary to deliver a contractual or requested service to a person.

• Account Information
• User Content
• Communication Information
• Other Information You Provide
• Log Data
• Usage Data
• Device Information
• Location Information
• Cookies and Similar Technologies

Legal obligation: Processing is necessary for compliance with a legal obligation to which we are subject. Where we are not under a specific legal obligation, where necessary for our legitimate interests and those of third parties, including in protecting our Services from abuse, fraud, or security risks, such as processing data from security partners to protect against fraud, abuse and security threats in our Services.

• Account Information
• User Content
• Communication Information
• Social Media Information
• Other Information You Provide
• Log Data
• Usage Data
• Device Information
• Cookies and Similar Technologies

Legitimate interests: To improve and develop our Services and conduct research.

Processing is necessary for a legitimate interest pursued by us or a third party.

Account Information

• User Content
• Communication Information
• Other Information You Provide
• Data We Receive From Other Sources
• Log Data
• Usage Data
• Device Information
• Cookies and Similar Technologies

Consent: For data subjects governed by the GDPR, consent occurs only when subject has freely given specific, informed and unambiguous consent to process the data for one or more specific purposes. Those purposes include the ability to provide our Services, to analyze and maintain our systems, and to comply with all our legal and contractual obligations. These apply to:

• Account Information
• User Content
• Communication Information
• Other Information You Provide
• Log Data
• Usage Data
• Device Information
• Location Information
• Cookies and Similar Technologies

For US residents and others not subject to GDPR, your consent is hereby given for all uses of data collected and described in this Privacy Policy.

9) Children's Privacy

The Services are intended for use by individuals 18 years and older. We do not knowingly collect Personal Information from children under 18. If you believe a child has provided Personal Information, contact legal@harmonic.fun and we will investigate any notification and, if appropriate, delete the Personal Information from our systems. Users under 18 must have permission from their parent or guardian to use our Services.

10) Data transfers

We processes your Personal Information on servers located outside of the European Economic Area, Switzerland and the UK for the purposes described in this Privacy Policy. This includes processing and storing your Personal Information in our facilities and servers in the United States. While data protection law varies by country and these countries may not offer the same level of data protection as your home country, we apply the protections described in this policy to your Personal Information regardless of where it is processed. When transferring Personal Information outside of the European Economic Area, Switzerland or the UK, we rely on the following transfer mechanisms to comply with applicable data protection law:

• We rely on the European Commission's adequacy decisions pursuant to Article 45(1) GDPR when transferring your Personal Information to any country that has been considered to provide an adequate level of protection.
• For other jurisdictions, we rely on the Standard Contractual Clauses ("SCCs") as approved by the European Commission pursuant to Article 46(2)(c) GDPR and on the UK Data Transfer Addendum.

For more information or to obtain a copy of the appropriate safeguards we have in place when transferring Personal Information, please contact us at legal@harmonic.fun.

11) Length of Data Retention

The Personal Information you provide to us for your account is retained throughout the time you have an account with us. Closed account information is retained for an additional period of two year, unless sooner deleted upon your request. Deidentified data and training data may be retained as needed, consistent with the need to update and maintain training and operational processing on an ongoing basis.

12) Third‑Party Sites and Services

The Services may link to third‑party sites or services. Their privacy practices are governed by their own policies; we are not responsible for those practices. You are responsible for reviewing the policies and determining whether to use other services and sharing Personal Information with those third parties.

13) Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated Privacy Policy with a new "Last Updated" date and, where required, provide additional notice in a form required by the law of each jurisdiction. Your continued use of the Services after an update signifies your acceptance of the updated Privacy Policy.

14) Contact Us

Questions, requests, or complaints may be sent to: Email: legal@harmonic.fun Postal: Legal Department, Concordance Inc. dba Harmonic, 925 Alma St. Palo Alto, CA 94301.

You can contact our Data Protection Officer through legal@harmonic.fun in matters related to Personal Information processing. Please include "Attention Data Protection Officer" in the body of the email.

Top of Form