Arboair Privacy Notice

Last updated: 22 April 2026

Introduction

Arboair ("Arboair," "we" or "us") offers a platform for forest cloud and image analysis. We also own and operate several websites (e.g. arboair.com, arboair.se and subdomains) (individually, "Website" and collectively the "Websites"). This Privacy Notice aims to inform you about how we collect, use, disclose, and store information that may identify you as an individual ("Personal Information") when you:

  • Interact with or use our Websites (including downloading materials from our resources page or requesting a demo);
  • Register for and/or attend any of our events, webinars, or conferences we attend (collectively "Events");
  • Receive, open, or interact with emails we send to you; and
  • Use any of our products, services, or applications (including any trial) (collectively the "Services") in any manner.

1. What Information Does Arboair Collect?

1.1. Information You Provide to Us

From Websites or Events:

  • We may collect identifiers that you choose to send or provide (for example, via our "Contact us" online form or when you register for an Arboair webinar).
  • If you contact us through the Websites, we will keep a record of our correspondence.

From the Services:

  • We receive and store information you provide directly to us. For example, when setting up new users, we collect identifiers (such as name, e-mail address, postal address, phone number, job title, etc.).
  • We also collect commercial information, such as records of services purchased or demo requests.
  • In addition, we may collect media, documents, or other information you provide.

1.2. Information We Automatically Collect

When You Use the Websites:

  • When you visit the Websites, we collect Internet or electronic network activity information, including your device's IP address, the referring website, pages visited, and the time of your visit.
  • We use cookies and similar tracking technologies on our Websites to collect this information. For a full description of the cookies we use and how you can manage them, please see the Cookie Policy and Notice at the end of this document.

When You Use the Services:

  • Usage Information: We track user activity related to the Services used, computer configuration, and performance metrics.
  • Log Information: We log information about customers and their users (including Internet Protocol ("IP") addresses) when you use a Service.
  • Cookies and Similar Technologies: We use various technologies to collect information, which may include storing cookies on your device.
  • Customer Feedback: You may be invited to provide feedback while using the Services (for example, directly in the software or after receiving support). Providing feedback is entirely optional.

When You Receive or Interact with Our Emails:

When we send you marketing, transactional, or other communications by email, we use industry-standard email analytics tools (including tracking pixels and tracked links) to collect information about how you interact with those emails. Specifically, we may collect:

  • Whether and when you opened the email;
  • Which links in the email you clicked, and when;
  • Your approximate location (derived from IP address) at the time of interaction;
  • Device and email client information (e.g. browser type, operating system, mobile vs. desktop); and
  • Delivery status (delivered, bounced, unsubscribed).

This information helps us measure engagement, improve the relevance of our communications, and follow up on legitimate business enquiries. You can opt out of email tracking at any time — see Section 6.3 below.

For further information about our use of cookies and similar technologies, please see the Cookie Policy and Notice at the end of this document.

2. How and On What Grounds Do We Use the Information?

2.1. For Websites or Events

We use the information collected via our Websites for purposes including:

  • Administering our Website, events, and internal operations (e.g. troubleshooting, data analysis, testing, statistical and survey purposes);
  • Improving our Website to ensure content is presented effectively for you;
  • Trend monitoring, marketing, and advertising;
  • Fulfilling your requests (e.g. providing a demo, access to webinars or whitepapers, or information about our Services);
  • Securing our Website.

Our use of your Personal Information in this context is based on our legitimate interest in ensuring network and information security, as well as improving business performance. Direct marketing is based on your consent (for example, when you request a demo, contact us, or agree to receive communications) or on our legitimate interest to enhance our business and marketing practices.

2.2. For Email Communications

We use the information collected from email interactions to:

  • Measure the effectiveness and reach of our marketing campaigns and communications;
  • Understand which topics and content are most relevant to our recipients;
  • Tailor future communications and follow-ups based on demonstrated interest;
  • Confirm deliverability and troubleshoot email delivery issues; and
  • Verify receipt of important transactional or service-related messages.

The legal basis for processing email-tracking data is:

  • Consent (Article 6(1)(a) GDPR) where we send marketing emails to individuals based on a prior opt-in; and
  • Legitimate interest (Article 6(1)(f) GDPR) for transactional emails, service notifications, and B2B outreach where such tracking is proportionate and expected.

You have the right to withdraw your consent, or object to processing based on legitimate interest, at any time (see Section 6).

2.3. For Services

We may use the information collected in connection with the Services to:

  • Set up a user account;
  • Provide, operate, and maintain the Services;
  • Process and complete transactions (including sending transaction confirmations and invoices);
  • Manage customer use of the Services, respond to enquiries, and provide customer service and support;
  • Send technical alerts, updates, security notifications, and administrative communications;
  • Investigate and prevent fraudulent activities, unauthorized access, and other illegal activities; and
  • For any other purposes about which we notify customers and users.

The use of your Personal Information in this context is based on our contractual relationship with you or our legitimate interest in ensuring security and improving business practices. Personal Information will be deleted according to the terms of the contract. Provision of personal information may be necessary to enter into the contract; failure to provide it may render some services unavailable.

3. How Do We Share and Disclose Information to Third Parties?

3.1. Vendors, Consultants, and Other Service Providers

  • We may share your information with third-party vendors, consultants, and service providers (e.g., payment processing providers, website analytics companies like Google Analytics, email marketing and analytics providers, help desk software providers, CRM services, etc.) who perform tasks on our behalf.
  • If your Personal Information is received in the United States and then transferred for processing by a third party, Arboair remains responsible for ensuring that such processing meets applicable privacy laws (including the GDPR). These transfers are typically based on our legitimate interest or contractual agreements.

3.2. Event Sponsors

  • When you attend an Arboair-organized event or webinar, we ask your preference regarding sharing your contact details with the event sponsor.
  • Based on your choice, we may share details (such as your name, email address, company name, and phone number) with the event sponsor.
  • You may opt out of sharing your details either at registration or by submitting a request.

3.3. Business Transfers

  • In connection with the evaluation or execution of business transactions (e.g., asset sales or acquisitions), we may share or transfer customer information based on our legitimate interest.
  • If Arboair (or its assets) is acquired, goes out of business, enters bankruptcy, or undergoes a change of control, Personal Information may be among the transferred assets.

3.4. Arboair Group Companies

We may share your Personal Information with our group companies, subsidiaries, and affiliates for purposes consistent with this Privacy Notice and based on our legitimate interest.

3.5. Protection of Arboair and Others

We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court orders; to enforce our agreements; or to protect the rights, property, or safety of Arboair, its employees, users, or others.

3.6. Disclosures for National Security or Law Enforcement

Under certain circumstances, we may disclose your Personal Information in response to valid requests from public authorities, including for national security or law enforcement purposes, based on our legitimate interest or legal obligations.

4. How Long Do We Store Your Personal Information?

We store your Personal Information for different periods depending on its category:

  • Some information (e.g., marketing data and email engagement metrics) may be deleted automatically based on specific schedules, typically no longer than 24 months from the last interaction.
  • Other data (e.g., account information) may be retained for longer periods as defined by our contractual obligations.
  • In addition, we may retain information for business purposes (e.g., network improvement, fraud prevention, record-keeping, or enforcing our legal rights) based on our legitimate interest or legal obligations.

Where we are required by law to retain certain information (e.g., for accounting or tax purposes), we do so for the statutory retention period and delete it thereafter.

5. Security and Certifications

We employ appropriate technical, organizational, and administrative security measures to protect the information in our records from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

Please note that while we strive to ensure the security of your Personal Information, no system is completely secure. For example, your account is protected by a password. You are responsible for:

  • Protecting your password;
  • Limiting access to your computer or device; and
  • Signing off after you have finished accessing your account.

6. Your Privacy Rights

6.1. What Choices Do I Have?

You may choose not to disclose information to us; however, certain information may be required to register or access certain features.

6.2. Cookies

  • You can accept or reject cookies for our Websites through our Cookie Preference Center (accessible via the "cookie settings" button on the applicable Website) or by adjusting your browser settings.
  • For more information on our use of cookies, please refer to the Cookie Policy and Notice at the end of this document.

6.3. Marketing Communications and Email Tracking

  • You can opt out of receiving promotional or marketing communications from us at any time by using the unsubscribe link in our emails or by contacting us at privacy@arboair.com.
  • To opt out of email tracking specifically (e.g., open and click tracking), you can: 
    • Disable automatic image loading in your email client, which prevents tracking pixels from loading; and/or
    • Contact us at privacy@arboair.com to request that your email address be excluded from tracked campaigns.
  • If you have an account with our Services, we may still send you non-promotional communications (such as service-related emails), which may contain limited tracking for deliverability purposes.

6.4. Your GDPR Rights

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under applicable data protection law:

  • Right of access — to obtain confirmation of whether we are processing your Personal Information and a copy of that information.
  • Right to rectification — to have inaccurate or incomplete Personal Information corrected.
  • Right to erasure ("right to be forgotten") — to have your Personal Information deleted where certain conditions apply.
  • Right to restriction of processing — to request that we limit how we use your Personal Information in certain circumstances.
  • Right to data portability — to receive a copy of your Personal Information in a structured, commonly used, machine-readable format, and to transmit it to another controller.
  • Right to object — to object to processing based on legitimate interest (including direct marketing and profiling).
  • Right to withdraw consent — where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
  • Right not to be subject to automated decision-making — including profiling, that produces legal or similarly significant effects on you.

To exercise any of these rights, please contact us at privacy@arboair.com. Our privacy team will review your request and respond as promptly as possible, and in any event within one month as required by Article 12(3) GDPR.

Please note that we may continue to use aggregated and de-identified information that does not identify you, and may retain your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

6.5. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your Personal Information infringes applicable data protection law. In Sweden, the relevant authority is:

Integritetsskyddsmyndigheten (IMY) Box 8114, 104 20 Stockholm Phone: +46 (0)8-657 61 00 Email: imy@imy.se Website: www.imy.se

If you reside in another EEA country, you may lodge your complaint with the supervisory authority in your country of residence.

7. International Data Transfers

Personal Information you provide on our Websites or through the Services may be transferred to and processed in the United States or other countries on our service providers' cloud servers.

We will protect your information in accordance with this Privacy Notice wherever it is processed. Our primary services are hosted within the EU region.

8. Information for Users in the EEA or UK

Arboair AB may transfer Personal Information from the European Economic Area (EEA) or the United Kingdom (UK) to third countries, including the United States. For users in the EEA or UK, "Personal Information" is equivalent to "personal data" under applicable European and UK data protection laws.

When transferring Personal Information outside the EEA/UK, Arboair AB relies on one of the following legal mechanisms:

  1. Adequacy decisions adopted by the European Commission (or, for UK transfers, by the UK Government) under Article 45 of Regulation (EU) 2016/679 (GDPR); or
  2. Standard Contractual Clauses issued by the European Commission (Decision (EU) 2021/914) — or, for UK transfers, the UK International Data Transfer Agreement or the UK Addendum to the EU SCCs — supplemented where necessary by additional technical, organizational, or contractual safeguards.

For more information, please visit: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en

We continually monitor such transfers to ensure they provide a level of protection essentially equivalent to that guaranteed by the GDPR, in line with the principles set out by the Court of Justice of the European Union in Schrems II (Case C-311/18).

9. Children

We do not knowingly collect or solicit Personal Information from individuals under the age of 18. If you are under 18, please do not attempt to register for our Services or submit any Personal Information about yourself. If we learn that we have collected Personal Information from a child under the age of 18, we will promptly delete such information.

If you believe that a child under 18 may have provided Personal Information to us, please contact us at privacy@arboair.com.

10. Linked Websites

Our Websites may contain hyperlinks to other websites ("Linked Sites"). This Privacy Notice does not apply to the privacy practices of any Linked Sites or companies that we do not own or control.

Linked Sites may collect information beyond what we collect on our Websites. We do not endorse any Linked Sites, their services, products, or content. We encourage you to review the privacy notice of each Linked Site you visit.

11. Changes to the Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by, for example, placing a notice on our Websites and/or sending you an email (if you have provided your email address) when required by law.

The date at the top of this Privacy Notice indicates the last update. You are responsible for periodically reviewing this Privacy Notice.

12. Contact Us

For Customers: Please contact the Arboair entity identified in your order form.

Controller Details: Arboair AB Teknikringen 7 583 30 Linköping Sweden

Data Protection Officer: Jacob Hjalmarsson Email: privacy@arboair.com

If you have any questions, requests, or concerns regarding your privacy or your rights, please contact us.

Cookie Policy and Notice

A cookie is a small piece of data (text file) that a website asks your browser to store on your device when you visit, to remember information about you (such as your language preference or login information).

  • First-Party Cookies: These are set by us.
  • Third-Party Cookies: These are set by domains other than the one you are visiting and are used for advertising and marketing efforts.

We Use Cookies and Similar Tracking Technologies for the Following Purposes:

  • Assisting you with navigation.
  • Facilitating registration for our events, login, and your ability to provide feedback.
  • Analyzing your use of our products, services, or applications.
  • Measuring the performance of our email communications (via tracking pixels in emails, which function similarly to cookies).
  • Supporting our promotional and marketing efforts (including behavioral advertising).

Below is a detailed list of the cookies used on our Website. Our Website is regularly scanned with our cookie scanning tool to maintain an accurate list. We classify cookies into the following categories:

  • Strictly Necessary Cookies — required for basic site functionality; these are always active.
  • Performance Cookies — help us understand how visitors use our Website (e.g., analytics).
  • Functional Cookies — enable enhanced functionality and personalization.
  • Targeting Cookies — used to deliver relevant advertising and measure campaign performance.

You can manage your cookie preferences at any time via our Cookie Preference Center, accessible via the "cookie settings" button on each Website.