Privacy Policy

Your privacy is critically important to us. ArcticBlue AI is committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice or our practices concerning your personal information, please contact us at privacy@arcticblue.ai.

This privacy notice describes how we might use your information if you:

  • Visit our website

  • Engage with us in other related ways, including any sales, marketing, or events

  • Provide feedback, input, or reactions during research

Please read this privacy notice carefully, as it will help you understand what we do with the information that we collect.

This privacy policy is aligned with ArcticBlue’s Information Classification and Handling Policy to ensure the confidentiality, integrity, and availability of all data, whether internal or customer-related.

Table of Contents

  1. What Information Do We Collect?

  2. How Do We Use Your Information?

  3. Will Your Information Be Shared With Anyone?

  4. Who Will Your Information Be Shared With?

  5. Do We Use Cookies and Other Tracking Technologies?

  6. How Long Do We Keep Your Information?

  7. How Do We Keep Your Information Safe?

  8. Do We Collect Information From Minors?

  9. What Are Your Privacy Rights?

  10. Controls for Do-Not-Track Features

  11. Breach Notifications

  12. Do California Residents Have Specific Privacy Rights?

  13. Policy Governance

What Information Do We Collect?

We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and services, when you participate in research activities, use our web products, or otherwise when you contact us.

The personal information that we collect depends on the context of your interactions with us and the website, the choices you make, and the products and features you use. The personal information we collect may include the following:

  • Names

  • Phone numbers

  • Email addresses

  • Mailing addresses

  • Job titles

  • Self-reported behavioral data

  • Contact or authentication data

  • and other Personal Information

All collected data is classified into Public, Internal, Confidential, or Regulated categories as defined in ArcticBlue’s Information Classification and Handling Policy.

How Do We Use Your Information?

We use personal information collected for a variety of business purposes described below, including but not limited to primary research on behalf of clients.

All personal information categorized as Confidential or Regulated is processed in compliance with our data handling policies.

Will Your Information Be Shared With Anyone?

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations. We may process or share your data based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose, for example as a participant in a research study.

  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.

  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.

  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

Who Will Your Information Be Shared With?

We only share and disclose your information with the following third parties. We have categorized each party so that you may easily understand the purpose of our data collection and processing practices:

  • Cloud Computing Services

  • Data Analytics Services

  • Payment Processors

  • User Account Authentication Services

  • Customers

Do We Use Cookies and Other Tracking Technologies?

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

How Long Do We Keep Your Information?

We will keep your personal data for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

Data retention policies are aligned with applicable laws, regulatory requirements (e.g., GDPR, CCPA), and our Information Classification and Handling Policy.

How Do We Keep Your Information Safe?

We aim to protect your personal information through a system of organizational and technical security measures. We employ a comprehensive security framework for all information assets. We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.

Do We Collect Information From Minors?

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years old has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.

What Are Your Privacy Rights?

You have the right to request access, update, or delete the information we have on you. If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

Users have the right to request information about how their data is classified and handled under ArcticBlue’s internal policies. Requests can be directed to the Data Protection Officer (DPO) at privacy@arcticblue.ai.

Breach Notifications

In the unlikely event of a data breach involving Confidential or Regulated information, ArcticBlue will adhere to the incident response protocols outlined in its Information Classification and Handling Policy. Affected parties will be notified within the legally required timeframe.

Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.

Do California Residents Have Specific Privacy Rights?

Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information. California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar

Policy Governance

This privacy policy is governed by ArcticBlue’s broader security and compliance framework, including the Information Classification and Handling Policy, Business Resiliency Policy, and Secure Development Lifecycle. Responsibility for enforcing this policy lies with the Data Protection Officer (DPO) and the Security and Compliance Team.