Privacy Policy

ArkSight takes your privacy seriously. The purpose of this document is to describe how we gather, handle, share, and secure your personal information. This policy applies in compliance with the General Data Protection Regulation (GDPR) and all other relevant data protection legislation.

Data Controller

The data controller responsible for your personal data is:

For any questions, concerns, or requests related to your personal data or this policy, please reach out to us at contact@arksight.io.

How We Gather Your Personal Information

We obtain personal data through a range of digital and offline methods. This may include details such as your name, email address, telephone number, professional title, employer name, and business address. The specific information gathered depends on the context of our interaction with you.

We may receive your information when you:

• Reach out to us by email, through social media, or by exchanging business cards.
• Use the scheduling tool available on our website.
• Fill in any form hosted on our website.
• Register for one of our newsletters or webinars.
• Participate in an in-person event that we host or co-host.

Automated Data Collection

When you visit our website, we may gather certain technical information using tools such as cookies, URL-embedded tokens, server logs, tracking pixels, and similar technologies. Cookies are small data files placed on your device by websites to remember your preferences or identify your browser.

Before placing any non-essential cookies or similar tracking technologies on your device, we will ask for your explicit consent through our cookie consent tool. You may withdraw your consent or adjust your preferences at any time through the same tool. Strictly necessary cookies, which are required for the basic operation of our website, do not require consent.

URL-embedded tokens are encoded identifiers used to track interactions such as email link clicks and to generate temporary password reset links. These tokens work independently of cookies and active sessions.

If you need help with our offerings, you are welcome to get in touch via our support portal. You can submit questions, share feedback, or flag any issues — providing relevant details will help us assist you more effectively.

How We Use Your Information

The personal data you provide is used for the following purposes:

• Granting you optimal access to our products and services.
• Addressing your enquiries and maintaining communication with you.
• Running surveys and collecting feedback.
• Sending you updates about ArkSight, our offerings, and relevant events.
• Evaluating any job application you may submit.
• Getting in touch with you for other matters connected to delivering our products and services.

We process your data either on the basis of a contractual relationship with you or where we have a legitimate business interest in providing high-quality service and developing our operations.

Data Retention

Your personal data is kept only for as long as necessary to serve the purposes described in this policy. Our approach to retention is guided by the following principles:

• We store personal data in line with applicable legal obligations, including the Swedish Bookkeeping Act (Bokföringslagen).
• Information relating to clients, vendors, and other business contacts is held for the duration of our active relationship or ongoing dialogue. In certain situations, we may extend storage to satisfy requirements such as statutory limitation periods or complaint handling.
• Where you have given consent — for instance, to receive marketing emails — we keep your data until you revoke that consent by unsubscribing.
• Data submitted as part of a recruitment process is retained for up to six months following the conclusion of that process (unless you join our team). We may, with your agreement, extend this period.

Sharing of Personal Data

We provide personal data to selected service providers, such as IT infrastructure and accounting firms. Formal data processing agreements are in place with these providers, ensuring they handle your data solely for the purpose of delivering their services to us.

Within our organisation, personal data may be shared across internal entities where this is required for administrative operations.

Beyond this, we may disclose personal data to parties such as parent companies, subsidiaries, commercial partners, and suppliers to the extent needed for the purposes set out in this policy. We will not otherwise share your data unless we are legally compelled to do so or have obtained your explicit permission.

Protecting Your Data

We apply recognised security standards to guard your personal data against unauthorised access, modification, disclosure, or loss.

Your data is held on protected servers, and we deploy appropriate technical and organisational safeguards in line with GDPR requirements. We periodically review and update these measures to remain aligned with current legislation and best practices.

Your Rights

Under the GDPR and other applicable data protection regulations, you are entitled to:

• Request access to the personal data we hold about you.
• Have inaccurate personal data corrected.
• Request deletion of your personal data.
• Ask us to limit how we process your personal data.
• Receive your personal data in a portable format.
• Object to certain types of processing of your personal data.
• Withdraw any consent you have previously given.
• Lodge a complaint with a supervisory authority. If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY). You can reach IMY at imy.se or by post at Box 8114, 104 20 Stockholm, Sweden.

Changes to This Policy

We may revise this Privacy Policy periodically to account for changes in our operations or to meet legal requirements. Any updated version will be published on our website along with the revised effective date.