Arsy

Privacy Policy

This privacy policy describes how Anders Daniel Sjöberg and its subsidiaries ("we," "us," "our") collect, use, and share information in connection with your use of our websites (including www.arsy.se), services, and applications (together, the "Services"). This policy does not apply to information that our customers manage themselves when using our services.

We may collect information about users of our Services ("you," "your") from multiple sources, including:

  1. Information you provide through your user account in the Services ("Account") upon registration.
  2. Your use of the Services.
  3. Third-party websites, services, and partners.

We recommend that you read this policy in full to understand how we handle your data. If you have questions, contact us at privacy@arsy.se.

When we process customer data where the customer is the data controller, Anders Daniel Sjöberg acts as a data processor.

What Information We Collect

Information You Provide

  • Account and registration: When you register an account, we may ask for contact details such as name, company name, address, email, and phone number. If you refer someone else to our services, we may also collect their email address to send an invitation or promotional code.
  • Payment information: If you provide payment information, these details are sent directly to our third-party payment provider. We do not store your financial details ourselves, but may retain subscriber information through the third-party payment provider.
  • Communication: If you contact us directly, we may receive additional information such as name, email, phone number, the content of your message, and any attachments. We may also receive confirmation when you open our emails.

We always explain why we request your information at the time we collect it.

Information We Collect Automatically

  • Cookies and tracking technologies: We automatically collect information about your usage, such as IP address, browser type, operating system, date/time, navigation, and browsing history. We use cookies to recognize you and save your preferences. We may also collect information about how often you use the Services and which features you use.
  • Error reporting and performance: We collect technical information for error reporting, performance monitoring, and improvement of the Services, including system data, error messages, and usage statistics.
  • Use of the Services: We may collect technical information such as processor usage, memory, storage capacity, and system data to operate, improve, and maintain the Services, as well as for analysis and business development.

Information from Third Parties

  • Third-party accounts: If you connect the Services to a third-party account, we receive information about this, e.g. authentication tokens.
  • Partners: We may receive publicly available information about you from partners and combine it with the information we already have.

How We Use Information

We use the information to, among other things:

  • Provide, operate, and maintain the Services
  • Improve and customize the Services
  • Understand how the Services are used
  • Develop new features and services
  • Communicate with you (e.g. customer service, updates, marketing)
  • Process payments and transactions
  • Send messages and notifications
  • Prevent fraud and ensure the security of the Services
  • Comply with laws and our terms

We may also use anonymized data for statistics and development of the Services.

How We Share Information

We may share information with:

  • Vendors and service providers: Who help us operate and improve the Services, including:
    • Cloud storage and file management
    • Email delivery and communication
    • Error reporting and performance monitoring
    • Maps and geocoding
    • Customer support and feedback systems
    • Marketing and customer service
    • The provider may use and collect data and insights about the customer's use of the provider's service, including the customer's behavior within the service, such as clicks, scrolling, mouse movements, keyboard inputs, page updates, and other information about the user session, to operate, improve, and support the provider's service as well as for other lawful business purposes.
  • ERP integrations: When you connect external business systems, relevant business data may be shared with those systems to provide service functionality.
  • Aggregated information: We may share anonymized or aggregated information that cannot be linked to an individual.
  • Partners and third parties: To access additional publicly available information or collaborate around the Services.
  • Upon referral: If you register through a referral, we may inform the person who referred you.
  • Business transactions: Information may be shared in the event of a company sale, merger, or bankruptcy.
  • As required by law: To comply with legal requirements or protect our rights and users.
  • With your consent: We may share information if you have approved this.

All third-party providers are bound by data processing agreements and appropriate security measures for international transfers.

Legal Basis for Processing

We process your personal data based on:

  • Contract: To provide and operate the Services in accordance with our terms of use
  • Legitimate interest: For error reporting, performance monitoring, security, and improvement of the Services (as long as it does not infringe upon your rights)
  • Legal requirement: To comply with accounting and other legal requirements
  • Your consent: For non-essential features such as session recording and marketing

Third-Party Services

You may access third-party services through our Services (e.g. by clicking external links). We are not responsible for their privacy policies or practices and encourage you to read their terms.

International Transfers

Some of our service providers may be located outside the EU/EEA. When we transfer personal data to third countries, we ensure appropriate safeguards in accordance with GDPR, including standard contractual clauses (SCCs) and data processing agreements.

Security

We use technical and organizational security measures to protect your data, including:

  • Encryption of data in transit and at rest
  • Access controls and role-based permissions
  • Secure authentication and two-factor authentication
  • Private cloud storage with signed URLs
  • Regular security updates and monitoring

Please note that the internet can never be guaranteed to be 100% secure.

Data Retention

We retain your personal data for as long as we have a legitimate need:

  • Account data: For as long as your account is active plus 12 months after closure
  • Business data: In accordance with the Accounting Act (7 years for invoicing and bookkeeping)
  • Error reports and performance data: 90 days
  • Session recordings: 14 days (if enabled)
  • Support and feedback: 12 months
  • Email logs: 6 months

When the need ceases, the data is deleted or anonymized.

Access and Corrections

You can log in or contact us at privacy@arsy.se to view and correct your data. We may need to verify your identity before updating or deleting information.

We protect Customer information in the Service and do not share it for marketing purposes without a legal basis or your consent.

Your GDPR Rights

If you are located within the EEA, you have the right to:

  • Request access, correction, or deletion of your data
  • Restrict processing or request data portability
  • Withdraw consent at any time
  • Object to marketing
  • Lodge a complaint with a supervisory authority

Contact us at privacy@arsy.se to exercise these rights.

Cookies and Storage

We use the following types of cookies and storage:

  • Necessary cookies: For authentication and security (e.g. CSRF protection)
  • Functional cookies: To save your preferences and language selection
  • Performance and error reporting: To improve the Services (may include session recording with your consent)

You can manage cookies through your browser settings, but this may affect certain features of the Services.

Your Choices

You can:

  • Unsubscribe from marketing emails at any time
  • Request that session recording be disabled
  • Manage cookies through your browser
  • Contact us to exercise your GDPR rights

Changes to the Privacy Policy

The policy may be updated from time to time. We publish changes on our website. For significant changes, we will notify you via the Services or email.

Contact

Questions about this policy should be sent to privacy@arsy.se.

The data controller is Anders Daniel Sjöberg.

Validity

This policy applies from 1 October 2025 until further notice.