Arboair Privacy Notice

Introduction

Arboair (“Arboair,” “we” or “us”) offers a platform for forest cloud and image analysis. We also own and operate several websites (e.g. arboair.com, arboair.se and subdomains) (individually, “Website” and collectively the “Websites”). This privacy notice aims to inform you about how we collect, use, disclose and store information that may identify you as an individual (“Personal Information”), when you:

• interact or use our Websites, including downloading materials from our resources page or requesting a demo,
• register and/or attend any of our events, webinars, or the conferences we attend (collectively “Events”), and
• if you use any of our products, services or applications (including any trial) (collectively the “Services”) in any manner.

What information does Arboair collect?

Information You Provide to Us:

From Websites or Events: We may collect identifiers that you choose to send to us or provide to us, for example, on our “Contact us” (or similar) online form or if you register for a Arboair webinar. If you contact us through the Websites, we will keep a record of our correspondence.

From the Services: We receive and store information you provide directly to us. For example, when setting up new users, we collect identifiers, such as name, e-mail address, postal addresses, phone numbers, job titles, etc.; we collect also commercial information, such as records of the services purchased or demos requests. We may also collect media, documents or other information you provide to us.

Information We Automatically Collect:

When you use the Websites: When you visit the Websites, we collect Internet or other electronic network activity information, such as your device’s IP address, referring website, what pages your device visited, and the time that your device visited our Website. We may also rely on analytics, as further specified in our “Cookie Notice”.

When you use the Services:

Internet or other electronic network activity information may also be collected when you use the Service:

• Usage information – we keep track of user activity in relation to the types of Services our customers and their users use, the configuration of their computers, and performance metrics related to their use of the Services.
• Log information – we log information about our customers and their users when you use one of the Services including Internet Protocol (“IP”) address.
• Information collected by cookies and other similar technologies – we use various technologies to collect information which may include saving cookies to users’ computers.
• Customer Feedback – While using the Services, you may be asked to provide feedback (e.g. in the software directly or after receiving help from our support team). Providing this feedback is entirely optional.

For further information, please read the section below headed “Cookies and other Tracking Technologies”.

How and on what grounds do we use the information?

Websites or Events:

We will use the information we collect via our Websites:

• To administer our Website, our events and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes;
• To improve our Website to ensure that content is presented in the most effective manner for you and for your computer;
• For trend monitoring, marketing and advertising;
• For purposes made clear to you at the time you submit your information – for example, to fulfill your request for a demo, to provide you with access to one of our webinar’s or whitepaper’s or to provide you with information you have requested about our Services; and
• As part of our efforts to keep our Website secure.

Our use of your Personal Information may be based on our legitimate interest to ensure network, information security and business performance improvement.

Our direct marketing purposes are based on your consent (for example. when you request a demo, contact us directly, provide us your business card, agree to receiving communications after an event and so on). We may also rely on our legitimate interest to improve business and marketing practices, or contact you to offer similar products and services that you might have bought from us or negotiated for with us.

Services:

We may use the information we collect from our customers and their users in connection with the Services we provide for a range of reasons, including to:

• Set up a user account,
• Provide, operate and maintain the Services;
• Process and complete transactions, and send related information, including transaction confirmations and invoices;
• Manage our customers’ use of the Services, respond to enquiries and comments, and provide customer service and support;
• Send customers technical alerts, updates, security notifications, and administrative communications;
• Investigate and prevent fraudulent activities, unauthorized access to the Services, and other illegal activities; and
• For any other purposes about which we notify customers and users.

We use your Personal Information in this context based on the contract that we have in place with you or our legitimate interest for security purposes and business practice improvement (e.g., the prevention and investigation of fraudulent activities). Personal Information will be deleted based on the terms of the contract. You can exercise your rights regarding your personal information by contacting us here.

Provision of personal information in this instances might be necessary to enter the contract. Failure to provide such personal information might cause some services to become unavailable.

How do we share and disclose information to third parties?

We share and disclose information (including Personal Information) about our customers in the following limited circumstances:

Vendors, consultants and other service providers:

We may share your information with third party vendors, consultants and other service providers who we employ to perform tasks on our behalf.  These companies include (for example) our payment processing providers, website analytics companies (e.g., Google Analytics), product feedback or help desk software providers (e.g. HelpScout), CRM service providers (e.g., Pipedrive), email service providers (e.g., Pipedrive) and others.

If Arboair receives your Personal Information in the United States and subsequently transfers that information to a third party agent or service provider for processing, Arboair remains responsible for ensuring that such third party agent or service provider processes your Personal Information to the standard required by the applicable privacy laws, including the GDPR (see the sections below headed “Additional Information for Users in the European Economic Area (“EEA”) or in the United Kingdom (“UK”)” and “International Data Transfers”).

These transfers will be typically based on our legitimate interest or agreed upon in the contract.

Event Sponsors:

When you attend an event or webinar organized by Arboair we ask your preferences on sharing your contact details with the event sponsor. Based on your choice, we may share your contact details (such as your name, email address, company name and phone number) with the event sponsor. If you’d like to opt-out of sharing of your details with sponsors, you can always do so either at the time of registration, or by submitting a request.

Business Transfers:

We may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions and based on our legitimate interest. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.

Arboair Group Companies:

We may also share your personal data with our children companies, subsidiaries and/or affiliates for purposes consistent with this Privacy Notice and based on our legitimate interest.

Protection of Arboair and Others: We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court order; enforce or apply our agreements with you and other agreements; or protect the rights, property, or safety of Arboair, our employees, our users, or others.

Disclosures for National Security or Law Enforcement:

Under certain circumstances, we may be required to disclose your Personal Information in response to valid requests by public authorities, including to meet national security or law enforcement requirements, based on our legitimate interest or legal obligations.

For how long do we store your personal information?

We store your personal information for different periods of time depending on the category of personal information.

Some information might be deleted automatically based on specific schedules, such as marketing information. Other data, for example account information, might be retained for longer period of time based on the contract you have with us. Finally, we might further retain information for business practices based on our legitimate interest or legal purposes, such as network improvement, fraud prevention, record-keeping or enforcing our legal rights.

Security and Certifications

We use appropriate technical, organizational, and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction.

Unfortunately, no company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. Among other practices, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

Your Privacy Rights

What choices do I have?

You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.

Cookies

You can accept or reject cookies for our Websites through our Cookie Preference Center, accessible by clicking the “cookie settings” button in the applicable Website Cookie Notice. You can also do so by adjusting your web browser controls. Please consult the Website Cookie Notice for more information about our use of cookies on the Website and how to accept and reject them.

Marketing Communications

You can opt-out of receiving certain promotional or marketing communications from us at any time, by using the unsubscribe link in the emails communications we send by contacting us.

If you have any account for our Services, we will still send you non-promotional communications, like service related emails.

How Can I Exercise My Data Subject Rights?

If you would like to access, review, update, rectify, and delete any Personal Information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation (GDPR),  you can contact us. Our privacy team will examine your request and respond to you as quickly as possible.

Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

We remind you that you are also entitled to lodge a complaint with a supervisory authority. For more information, you can visit the Information Commissioner’s Officer website at www.ico.org.uk

International Data Transfers

Personal Information you submit on the Websites or through the Services may be sent to the United States and processed by us there or in other countries, on our service providers’ cloud servers. We will always protect your information in accordance with this Privacy Notice wherever it is processed. The CookiePro Service is hosted in Microsoft Azure’s data centers in Germany. Other Arboair Services are hosted in the E.U. region.

Information for users in the European Economic Area (“EEA”) or in the United Kingdom (“UK”)

Arboair AB may transfer Personal Information from the EEA or the UK to the United States, including Personal Information we receive from individuals residing in the EEA or the UK who visit our Websites and/or who may use of our Services or otherwise interact with us. Please note that for individuals located in the EEA or the UK, the term Personal Information used in this notice is equivalent to the term “personal data” under applicable European and UK data protection laws.

When Arboair AB engages in such transfers of personal information, it relies on i) Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR), or ii) Standard Contractual Clauses issued by the European Commission. The European Commission has determined that the Standard Contractual Clauses provide sufficient safeguards to protect the personal data transferred outside the EU or EEA. For more information, please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en. Arboair AB also continually monitors the circumstances surrounding such transfers in order to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the GDPR.

Following the Court of Justice of the European Union’s invalidation of the EU-US Privacy Shield Framework in Case C-311/18, Arboair AB will no longer rely on the EU-US Privacy Shield as a mechanism of international data transfer until further notice.

Arboair AB will however remain committed to maintaining its self-certification under the EU-US Privacy Shield Principles and respect its principles, as an additional measure of protection of its users’ privacy, until further notice.

Following the opinion of the Swiss Federal Data Protection and Information Commissioner (FDPIC) of 8 September 2020, Arboair AB will no longer rely on the Swiss-U.S. Privacy Shield as a mechanism of international data transfer until further notice.

Children

We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not attempt to register for the Services or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Information, please contact us at privacy@arboair.com

Linked Websites

For your convenience, hyperlinks may be posted on the Websites that link to other websites (the “Linked Sites”). We are not responsible for, and this Privacy Notice does not apply to, the privacy practices of any Linked Sites or of any companies that we do not own or control. Linked Sites may collect information in addition to that which we collect on the Websites. We do not endorse any of these Linked Sites, the services or products described or offered on such Linked Sites, or any of the content contained on the Linked Sites. We encourage you to seek out and read the privacy notice of each Linked Site that you visit to understand how the information that is collected about you is used and protected.

Changes to the Privacy Notice

We’re constantly trying to improve our Websites and Services, so we may need to change this Privacy Notice from time to time as well. We will alert you to material changes by, for example, placing a notice on our Websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. You can see when this Privacy Notice was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy Notice.

Contact Us

For Customers: Please contact the Arboair entity identified in your order form.

Controller Details

Arboair AB

Teknikringen 7

58330 Linköping

Sweden

Data Protection Officer:

Jacob Hjalmarsson

Email: privacy@arboair.com. 

If you have questions, requests or concerns regarding your privacy and rights, please let us know how we can help.

Cookie Policy and Notice

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first party cookies. We also use third party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts.

More specifically, we use cookies and other tracking technologies for the following purposes:

• Assisting you in navigation;
• Assisting in registration to our events, login, and your ability to provide feedback;
• Analyzing your use of our products, services or applications;
• Assisting with our promotional and marketing efforts. (including behavioral advertising)

Below is a detailed list of the cookies we use on our Website. Our Website is scanned with our cookie scanning tool regularly to maintain a list as accurate as possible. We classify cookies in the following categories:

• Strictly Necessary Cookies
• Performance Cookies
• Functional Cookies
• Targeting Cookies