Privacy Policy
Privacy Policy
Privacy Policy
Last updated: July 9, 2025
Your privacy is critically important to us. ArcticBlue AI is committed to protecting your personal information and your right to privacy.
If you have any questions or concerns about this privacy notice or our practices concerning your personal information, please contact us at privacy@arcticblue.ai.
This privacy notice describes how we might use your information if you:
Visit our website
Engage with us in other related ways, including any sales, marketing, or events
Participate in research or feedback sessions
Please read this privacy notice carefully, as it will help you understand what we do with the information that we collect.
This policy aligns with ArcticBlue’s Information Classification and Handling Policy to ensure the confidentiality, integrity, and availability of all data, whether internal or customer-related.
Table of Contents
What Information Do We Collect?
How Do We Use Your Information?
Research Data and Participant Privacy
Will Your Information Be Shared With Anyone?
Who Will Your Information Be Shared With?
Do We Use Cookies and Other Tracking Technologies?
How Long Do We Keep Your Information?
How Do We Keep Your Information Safe?
Do We Collect Information From Minors?
What Are Your Privacy Rights?
Breach Notifications
Controls for Do-Not-Track Features
Do California Residents Have Specific Privacy Rights?
Roles and Responsibilities: Controller and Processor
Sensitive Personal Data
Cross-Border Data Transfers
International and Regional Compliance (GDPR, CCPA, GCC)
Policy Updates
Contact Information
Policy Governance
1. What Information Do We Collect?
We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and services, participate in research activities, use our web products, or otherwise contact us.
The personal information that we collect depends on the context of your interactions with us and the website, the choices you make, and the products and features you use. It may include:
Names
Phone numbers
Email addresses
Mailing addresses
Job titles
Self-reported behavioral data
Contact or authentication data
Other personal information
All collected data is classified into Public, Internal, Confidential, or Regulated categories as defined in ArcticBlue’s Information Classification and Handling Policy.
Research-Specific Data
In connection with our product and market research activities, we may also collect:
Survey or interview responses, opinions, and feedback
Interaction data from usability or prototype testing
Audio, video, or screen recordings (only with consent)
Demographic or behavioral data for research segmentation
Research data is typically de-identified or pseudonymized before analysis and used only for the stated research purposes.
2. How Do We Use Your Information?
We use personal information for various business purposes, including but not limited to primary research on behalf of clients.
We may use data to:
Operate, maintain, and improve our website and services
Conduct research and analytics
Communicate with you about participation in research or updates
Comply with legal obligations
Protect against fraud or unauthorized activity
All personal information categorized as Confidential or Regulated is processed in compliance with our internal data-handling policies.
3. Research Data and Participant Privacy
ArcticBlue AI conducts product, usability, and market research to inform product development and support client projects.
Participation in research is always voluntary and based on informed consent. Research data may include opinions, preferences, or recorded interactions. Where possible, such data is anonymized or aggregated before analysis and reporting.
If research data contains personal information, it is processed according to the same safeguards described throughout this Privacy Policy.
Participants may withdraw consent or request deletion of their research data at any time by contacting privacy@arcticblue.ai.
4. Will Your Information Be Shared With Anyone?
We share information only with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.
Legal Bases:
Consent – for specific, voluntary purposes (e.g., research studies)
Legitimate Interests – when reasonably necessary for business operations
Performance of a Contract – to fulfill agreed services
Legal Obligations – when required by law or legal process
5. Who Will Your Information Be Shared With?
We only share and disclose your information with the following third parties:
Cloud Computing Services
Data Analytics Services
Payment Processors
User Account Authentication Services
Customers
6. Do We Use Cookies and Other Tracking Technologies?
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.
Specific details are provided in our Cookie Policy.
7. How Long Do We Keep Your Information?
We retain personal data for as long as necessary for the purposes outlined in this Privacy Policy, unless longer retention is required by law.
Research data is kept only as long as needed to fulfill research objectives and reporting obligations. Identifiable data is deleted or anonymized after project completion.
All retention periods comply with applicable laws and our Information Classification and Handling Policy.
8. How Do We Keep Your Information Safe?
We protect your information through organizational and technical security measures, guided by a comprehensive security framework for all information assets.
Despite our safeguards, no electronic transmission or storage system is 100% secure. We therefore cannot guarantee absolute protection from unauthorized access or disclosure.
All data collected and processed in GCC jurisdictions is handled per local data-protection and cybersecurity regulations.
9. Do We Collect Information From Minors?
We do not knowingly solicit data from or market to children under 18 years of age.
If we learn that personal information from minors has been collected, we will delete it promptly.
10. What Are Your Privacy Rights?
You have the right to access, update, correct, or delete the information we hold about you.
You may also request restriction or object to processing where applicable.
Requests can be sent to privacy@arcticblue.ai and will be handled per applicable laws.
11. Breach Notifications
In the unlikely event of a data breach involving Confidential or Regulated information, ArcticBlue will follow its Information Classification and Handling Policy and notify affected parties within legally required timeframes.
12. Controls for Do-Not-Track Features
Currently, ArcticBlue does not respond to Do-Not-Track (DNT) signals due to the lack of an established standard.
If a recognized protocol emerges, we will update this notice accordingly.
13. Do California Residents Have Specific Privacy Rights?
Yes. California residents have rights under California Civil Code Section 1798.83 (“Shine the Light”) and the California Consumer Privacy Act (CCPA/CPRA), including rights to know, delete, correct, limit use, and opt out of sale/sharing of personal data.
14. Roles and Responsibilities: Controller and Processor
Depending on the context, ArcticBlue AI may act as:
A Data Controller when conducting independent research or managing its own services; or
A Data Processor when performing research or analytics under a client’s direction.
In both cases, we process personal data lawfully and securely.
15. Sensitive Personal Data
Sensitive personal data includes information about racial or ethnic origin, political opinions, religious beliefs, trade-union membership, genetic or biometric data, health information, or sexual orientation.
We do not intentionally collect such data unless required for research with explicit consent.
16. Cross-Border Data Transfers
Personal data may be transferred internationally where necessary for service delivery or research analysis.
We ensure:
Compliance with applicable authorization or approval requirements
Use of Standard Contractual Clauses (SCCs) or equivalent safeguards
Protection of individual rights regardless of data location
17. International and Regional Compliance (GDPR, CCPA, GCC)
European Economic Area (EEA) and United Kingdom
We comply with GDPR and UK GDPR, providing rights to access, rectification, erasure, portability, restriction, objection, and freedom from automated decision-making.
Supervisory authority contact details are available at
https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
United States (California)
We follow CCPA/CPRA obligations, ensuring transparency around categories of data collected, sources, and disclosure practices.
Gulf Cooperation Council (GCC)
We comply with privacy laws in the UAE, Saudi Arabia, Qatar, Bahrain, Kuwait, and Oman, including:
Reliance on consent as a primary basis for processing
Observance of data-localization or transfer restrictions
Respect for rights to access, correction, deletion, and withdrawal of consent
Availability of this policy in Arabic where required
18. Policy Updates
We may update this Privacy Policy from time to time.
When updates occur, the “last updated” date will be revised, and—where required by law—we will notify you by email or through our website.
19. Contact Information
Data Protection Officer (DPO)
ArcticBlue AI
Email: privacy@arcticblue.ai
Regional Data Protection Contact (GCC)
ArcticBlue AI — GCC Data Protection Office
Email: privacy@arcticblue.ai
Where required by law, this Privacy Policy is available in English and Arabic. In the event of inconsistency, the version most protective of the data subject prevails.
20. Policy Governance
This policy is governed by ArcticBlue’s broader security and compliance framework, including the Information Classification and Handling Policy, Business Resiliency Policy, and Secure Development Lifecycle.
Responsibility for enforcement lies with the Data Protection Officer (DPO) and the Security and Compliance Team.
Privacy Policy
Last updated: July 9, 2025
Your privacy is critically important to us. ArcticBlue AI is committed to protecting your personal information and your right to privacy.
If you have any questions or concerns about this privacy notice or our practices concerning your personal information, please contact us at privacy@arcticblue.ai.
This privacy notice describes how we might use your information if you:
Visit our website
Engage with us in other related ways, including any sales, marketing, or events
Participate in research or feedback sessions
Please read this privacy notice carefully, as it will help you understand what we do with the information that we collect.
This policy aligns with ArcticBlue’s Information Classification and Handling Policy to ensure the confidentiality, integrity, and availability of all data, whether internal or customer-related.
Table of Contents
What Information Do We Collect?
How Do We Use Your Information?
Research Data and Participant Privacy
Will Your Information Be Shared With Anyone?
Who Will Your Information Be Shared With?
Do We Use Cookies and Other Tracking Technologies?
How Long Do We Keep Your Information?
How Do We Keep Your Information Safe?
Do We Collect Information From Minors?
What Are Your Privacy Rights?
Breach Notifications
Controls for Do-Not-Track Features
Do California Residents Have Specific Privacy Rights?
Roles and Responsibilities: Controller and Processor
Sensitive Personal Data
Cross-Border Data Transfers
International and Regional Compliance (GDPR, CCPA, GCC)
Policy Updates
Contact Information
Policy Governance
1. What Information Do We Collect?
We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and services, participate in research activities, use our web products, or otherwise contact us.
The personal information that we collect depends on the context of your interactions with us and the website, the choices you make, and the products and features you use. It may include:
Names
Phone numbers
Email addresses
Mailing addresses
Job titles
Self-reported behavioral data
Contact or authentication data
Other personal information
All collected data is classified into Public, Internal, Confidential, or Regulated categories as defined in ArcticBlue’s Information Classification and Handling Policy.
Research-Specific Data
In connection with our product and market research activities, we may also collect:
Survey or interview responses, opinions, and feedback
Interaction data from usability or prototype testing
Audio, video, or screen recordings (only with consent)
Demographic or behavioral data for research segmentation
Research data is typically de-identified or pseudonymized before analysis and used only for the stated research purposes.
2. How Do We Use Your Information?
We use personal information for various business purposes, including but not limited to primary research on behalf of clients.
We may use data to:
Operate, maintain, and improve our website and services
Conduct research and analytics
Communicate with you about participation in research or updates
Comply with legal obligations
Protect against fraud or unauthorized activity
All personal information categorized as Confidential or Regulated is processed in compliance with our internal data-handling policies.
3. Research Data and Participant Privacy
ArcticBlue AI conducts product, usability, and market research to inform product development and support client projects.
Participation in research is always voluntary and based on informed consent. Research data may include opinions, preferences, or recorded interactions. Where possible, such data is anonymized or aggregated before analysis and reporting.
If research data contains personal information, it is processed according to the same safeguards described throughout this Privacy Policy.
Participants may withdraw consent or request deletion of their research data at any time by contacting privacy@arcticblue.ai.
4. Will Your Information Be Shared With Anyone?
We share information only with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.
Legal Bases:
Consent – for specific, voluntary purposes (e.g., research studies)
Legitimate Interests – when reasonably necessary for business operations
Performance of a Contract – to fulfill agreed services
Legal Obligations – when required by law or legal process
5. Who Will Your Information Be Shared With?
We only share and disclose your information with the following third parties:
Cloud Computing Services
Data Analytics Services
Payment Processors
User Account Authentication Services
Customers
6. Do We Use Cookies and Other Tracking Technologies?
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.
Specific details are provided in our Cookie Policy.
7. How Long Do We Keep Your Information?
We retain personal data for as long as necessary for the purposes outlined in this Privacy Policy, unless longer retention is required by law.
Research data is kept only as long as needed to fulfill research objectives and reporting obligations. Identifiable data is deleted or anonymized after project completion.
All retention periods comply with applicable laws and our Information Classification and Handling Policy.
8. How Do We Keep Your Information Safe?
We protect your information through organizational and technical security measures, guided by a comprehensive security framework for all information assets.
Despite our safeguards, no electronic transmission or storage system is 100% secure. We therefore cannot guarantee absolute protection from unauthorized access or disclosure.
All data collected and processed in GCC jurisdictions is handled per local data-protection and cybersecurity regulations.
9. Do We Collect Information From Minors?
We do not knowingly solicit data from or market to children under 18 years of age.
If we learn that personal information from minors has been collected, we will delete it promptly.
10. What Are Your Privacy Rights?
You have the right to access, update, correct, or delete the information we hold about you.
You may also request restriction or object to processing where applicable.
Requests can be sent to privacy@arcticblue.ai and will be handled per applicable laws.
11. Breach Notifications
In the unlikely event of a data breach involving Confidential or Regulated information, ArcticBlue will follow its Information Classification and Handling Policy and notify affected parties within legally required timeframes.
12. Controls for Do-Not-Track Features
Currently, ArcticBlue does not respond to Do-Not-Track (DNT) signals due to the lack of an established standard.
If a recognized protocol emerges, we will update this notice accordingly.
13. Do California Residents Have Specific Privacy Rights?
Yes. California residents have rights under California Civil Code Section 1798.83 (“Shine the Light”) and the California Consumer Privacy Act (CCPA/CPRA), including rights to know, delete, correct, limit use, and opt out of sale/sharing of personal data.
14. Roles and Responsibilities: Controller and Processor
Depending on the context, ArcticBlue AI may act as:
A Data Controller when conducting independent research or managing its own services; or
A Data Processor when performing research or analytics under a client’s direction.
In both cases, we process personal data lawfully and securely.
15. Sensitive Personal Data
Sensitive personal data includes information about racial or ethnic origin, political opinions, religious beliefs, trade-union membership, genetic or biometric data, health information, or sexual orientation.
We do not intentionally collect such data unless required for research with explicit consent.
16. Cross-Border Data Transfers
Personal data may be transferred internationally where necessary for service delivery or research analysis.
We ensure:
Compliance with applicable authorization or approval requirements
Use of Standard Contractual Clauses (SCCs) or equivalent safeguards
Protection of individual rights regardless of data location
17. International and Regional Compliance (GDPR, CCPA, GCC)
European Economic Area (EEA) and United Kingdom
We comply with GDPR and UK GDPR, providing rights to access, rectification, erasure, portability, restriction, objection, and freedom from automated decision-making.
Supervisory authority contact details are available at
https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
United States (California)
We follow CCPA/CPRA obligations, ensuring transparency around categories of data collected, sources, and disclosure practices.
Gulf Cooperation Council (GCC)
We comply with privacy laws in the UAE, Saudi Arabia, Qatar, Bahrain, Kuwait, and Oman, including:
Reliance on consent as a primary basis for processing
Observance of data-localization or transfer restrictions
Respect for rights to access, correction, deletion, and withdrawal of consent
Availability of this policy in Arabic where required
18. Policy Updates
We may update this Privacy Policy from time to time.
When updates occur, the “last updated” date will be revised, and—where required by law—we will notify you by email or through our website.
19. Contact Information
Data Protection Officer (DPO)
ArcticBlue AI
Email: privacy@arcticblue.ai
Regional Data Protection Contact (GCC)
ArcticBlue AI — GCC Data Protection Office
Email: privacy@arcticblue.ai
Where required by law, this Privacy Policy is available in English and Arabic. In the event of inconsistency, the version most protective of the data subject prevails.
20. Policy Governance
This policy is governed by ArcticBlue’s broader security and compliance framework, including the Information Classification and Handling Policy, Business Resiliency Policy, and Secure Development Lifecycle.
Responsibility for enforcement lies with the Data Protection Officer (DPO) and the Security and Compliance Team.
