ARMR Privacy Policy
Effective date: June 5, 2026
This Privacy Policy describes how Dark Horse Political, LLC ("Dark Horse Political," "we," "us," or "our") collects, uses, discloses, and protects information in connection with ARMR — Adversarial Response & Media Readiness (the "Service"), available at getarmr.ai. ARMR is an invite-only adversarial media-training platform for political candidates, campaigns, and consultants/firms.
Dark Horse Political, LLC is a Wyoming limited liability company headquartered in Sheridan, Wyoming. We are the controller of the personal information described in this Policy.
Because ARMR handles unusually sensitive material — including self-disclosed vulnerabilities, opposition research, strategic information, and voice and video recordings — confidentiality and data protection are central to how we operate. This Policy explains the safeguards we apply.
1. Who This Policy Covers
This Policy applies to:
- Applicants who apply for access to the invite-only Service.
- Account holders and authorized users — candidates, campaign staff, and consultants/firms who use the Service.
- Visitors to getarmr.ai.
The Service is intended solely for adults (18 and older) acting in a professional political capacity. It is not directed to children. See Section 11.
2. Information We Collect
2.1 Information you provide directly
- Application information. When you apply for access, we collect your name, email address, role (candidate, staff, consultant), organization or campaign affiliation, and the information you submit in your application.
- Account and billing information. Account credentials, contact details, subscription tier, and billing information. Payment card details are collected and processed by our payment processor (Stripe); we do not store full payment card numbers.
- Candidate Intelligence Profile (CIP) and Operator Profile. To deliver adversarial training, the Service collects highly sensitive, self-disclosed information you choose to provide, which may include personal and professional vulnerabilities, opposition research, past controversies, strategic positioning, and related materials. You control what you submit. We treat this material as strictly confidential (see Sections 5–7).
- Communications. Information you provide when you contact support, respond to surveys, or otherwise communicate with us.
2.2 Voice and video information
- Voice recordings. Training sessions are voice-based. We collect audio recordings of your responses and process them via a speech-to-text provider to generate transcripts used for training and evaluation.
- Camera / video (optional). You may optionally enable your camera so the Service can analyze on-camera behavioral "tells" (for example, body language and delivery cues). Camera use is optional and off by default; you may decline it and still use the Service.
Depending on your jurisdiction, voice and facial/behavioral data may be treated as biometric or otherwise sensitive information. We collect and process this data only with your consent and only to provide the training Service. See Sections 4, 6, and 8.
2.3 Information collected automatically
- Usage and device data. Log data, IP address, browser and device type, pages and features used, session timestamps, and similar diagnostic information.
- Cookies and similar technologies. We use cookies and similar technologies that are necessary to operate the Service, keep you signed in, and understand usage. We do not use the Service to sell personal information or to serve cross-context behavioral advertising.
3. How We Use Information
We use the information we collect to:
- Evaluate applications and administer the invite-only admission process.
- Provide, operate, personalize, and improve the Service, including generating training scenarios, transcribing voice responses, analyzing optional on-camera tells, and producing performance evaluations.
- Process subscriptions, trials, and billing, and manage the free evaluation week.
- Communicate with you, including transactional, lifecycle, and (where permitted) engagement or marketing email (see Section 9).
- Maintain the security, integrity, and reliability of the Service and prevent fraud and abuse.
- Comply with legal obligations and enforce our Terms of Service.
Purpose limitation. We use CIP, Operator Profile, voice, and video data only to deliver and improve the training Service for you. We do not sell this information, and we do not use it for advertising or share it with third parties except the limited sub-processors described in Section 5 or as required by law.
4. Legal Bases for Processing
Where the GDPR or similar laws apply, we rely on the following legal bases:
- Contract — to provide the Service you have requested and signed up for.
- Consent — for voice recording, optional camera/video analysis, processing of biometric or sensitive data, and marketing email. You may withdraw consent at any time (which may limit features that depend on it).
- Legitimate interests — to secure, maintain, and improve the Service, and to prevent fraud, where those interests are not overridden by your rights.
- Legal obligation — to comply with applicable law.
5. How We Share Information; Sub-Processors
We do not sell personal information. We share information only as follows:
- Sub-processors. We use trusted third-party service providers ("sub-processors") to operate the Service. They are bound by contract to process data only on our instructions and to protect it. A representative list:
| Sub-processor |
Function |
Notes |
| Stripe |
Payment processing |
We do not store full card numbers. |
| Resend |
Transactional and lifecycle email delivery |
|
| Supabase |
Database and file/storage hosting |
Stores account data, profiles, transcripts, and recordings. |
| Speech-to-text provider |
Transcription of voice recordings for training |
|
| AI / LLM provider(s) |
Generating training scenarios and evaluations |
Processes profile and session content to produce feedback. |
(The specific identities of sub-processors may change. A current list is available on request to the contact in Section 13.)
- Professional services (Professional tier). The Professional tier includes a Dark Horse Political Senior Consultant. Authorized personnel supporting your engagement may access your information as needed to provide those services, subject to confidentiality obligations.
- Legal and safety. We may disclose information if required by law, subpoena, or legal process, or to protect the rights, safety, and property of Dark Horse Political, our users, or others.
- Business transfers. If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred subject to this Policy and applicable law.
We do not disclose your CIP, Operator Profile, voice, or video data to other clients, campaigns, candidates, or unrelated third parties.
6. Confidentiality of Sensitive Campaign Information
Given the nature of our clientele, we treat your strategic and sensitive information — including the CIP, Operator Profile, opposition research, and recordings — as strictly confidential. We apply internal access controls so that this material is accessible only to personnel and sub-processors with a need to access it to deliver the Service. We do not use one client's information for the benefit of another, and we do not disclose the existence or content of your engagement except as permitted in this Policy or required by law.
7. Data Retention and Deletion
We retain information for as long as needed to provide the Service and for legitimate business and legal purposes, after which we delete or de-identify it.
- Account and billing records are retained for the life of the account and for a reasonable period afterward to meet legal, tax, and accounting obligations.
- CIP, Operator Profile, transcripts, and recordings are retained while your account is active to support your ongoing training, and are deleted or de-identified within a defined period after account closure or upon a valid deletion request, subject to limited exceptions (for example, where retention is required by law or to resolve disputes).
- Voice and video recordings are retained only as long as necessary for the training purpose. You may request deletion of specific recordings or your profile data.
To request deletion, contact us using Section 13.
8. Security
We implement administrative, technical, and physical safeguards designed to protect information, including encryption in transit, access controls, authentication, and reliance on reputable infrastructure providers. We require our sub-processors to maintain appropriate security. No method of transmission or storage is completely secure, and we cannot guarantee absolute security; you use the Service at your own risk and are responsible for safeguarding your account credentials.
9. Email and Communications (CAN-SPAM)
We send two categories of email:
- Transactional and service email — account, billing, security, trial-status, and Service-operational messages. These are necessary to provide the Service and are not subject to marketing opt-out.
- Marketing and engagement email — newsletters, tips, product updates, and promotional content. You may opt out of these at any time using the unsubscribe link in the message or by contacting us. We honor opt-out requests promptly. Our marketing email identifies us, includes a valid physical postal address, and does not use deceptive subject lines, consistent with the CAN-SPAM Act.
10. Your Privacy Rights
Because our users may be located anywhere, we extend the following rights as a baseline, subject to verification and applicable law.
10.1 Rights for all users (GDPR baseline)
Subject to applicable law, you may have the right to: access your personal information; correct inaccurate information; request deletion; restrict or object to certain processing; request portability; and withdraw consent (including for voice/video and marketing). Where the GDPR applies, you also have the right to lodge a complaint with your supervisory authority.
10.2 California rights (CCPA/CPRA)
If you are a California resident, you may have the right to: know the categories and specific pieces of personal information we collect, use, and disclose; correct inaccurate information; delete personal information; and limit the use and disclosure of sensitive personal information. We do not sell or share personal information for cross-context behavioral advertising. We will not discriminate against you for exercising your rights. You may use an authorized agent to submit requests.
10.3 How to exercise your rights
Submit requests to the privacy contact in Section 13. We will verify your identity before fulfilling a request and respond within the timeframes required by applicable law. If you are an authorized user under a campaign or firm account, certain requests may be directed through that account's administrator.
11. Children's Privacy
The Service is intended only for adults 18 and older acting in a professional political capacity. It is not directed to children, and we do not knowingly collect personal information from anyone under 18. If we learn that we have collected such information, we will delete it.
12. International Users and Data Transfers
We operate from the United States, and our sub-processors may process information in the United States and other countries. If you access the Service from outside the United States, you understand that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your jurisdiction. Where required, we implement appropriate safeguards for international transfers.
13. Changes to This Policy
We may update this Policy from time to time. We will post the updated version with a new effective date and, where appropriate or required, provide additional notice. Your continued use of the Service after an update constitutes acceptance of the revised Policy.
14. Contact Us
- Privacy requests and applications: cpg@darkhorsepolitical.com
- General support: support@getarmr.ai
- Mailing address: Dark Horse Political, LLC, Sheridan, Wyoming, USA