.svg){kind=small}
Sysarb AB (org. nr 556681-8828), Järntorget 12A, 732 30 Arboga, Sweden, is the data controller for the processing of personal data described in this policy.
This privacy policy explains how we collect, use, share, and protect personal data when you interact with us as a website visitor, prospect, customer, job applicant, or business contact. It covers our obligations under the EU General Data Protection Regulation (GDPR) and the EU AI Act (Regulation 2024/1689).
This policy does not cover the processing of customer employee data within the Sysarb platform, which is governed by separate Data Processing Agreements between Sysarb and each customer.
Data Protection Officer: Peter Wäfors
Email: dpo@sysarb.com
We collect different categories of personal data depending on how you interact with us:
• Device and browser information (IP address, browser type, operating system, screen resolution)
• Usage data (pages visited, time on site, referring URL, clicks)
• Cookie identifiers and similar tracking technologies (see Section 8)
• Contact information (name, work email, phone number, job title, company)
• Professional profile information (company size, industry, country)
• Communication history (emails, form submissions, meeting bookings)
• Engagement data (email opens, content downloads, webinar attendance)
• Account information (name, work email, role, company)
• Support interactions (chat conversations, support tickets, feedback surveys)
• Meeting recordings and transcripts (when enabled and with prior notice)
• Satisfaction survey responses
• Application data (name, email, phone, CV, cover letter)
• Interview notes and assessments
• References (when provided by the applicant)
• Background screening data (criminal record check, risk pattern analysis — conducted via Svensk Bakgrundsanalys for candidates progressing to the offer stage)
• Visitor name, company, host, and time of visit
3. Why We Process Your Data and Our Legal Basis
We process personal data for the following purposes, each supported by a legal basis under GDPR Article 6:
Sysarb uses AI-powered features in several of its internal tools and services. In compliance with the EU AI Act (Regulation 2024/1689), we are transparent about where AI is used and how it processes personal data.
None of our AI use cases are classified as high-risk under the AI Act. We classify all current AI uses as limited-risk or minimal-risk systems. We do not use AI for automated decision-making that produces legal effects on individuals. This classification is reviewed at least annually and whenever new AI use cases are introduced.
The following AI-powered features may process your personal data:
• Human oversight: All AI-generated content that is sent to external parties is reviewed by a Sysarb employee before sending.
• No training on your data: Our agreements with AI providers explicitly prohibit the use of your data to train AI models.
• Data minimisation: We configure AI integrations to process only the data necessary for the intended purpose.
• Transparency: We inform you when you are interacting with an AI system (e.g., Intercom Fin) or when a meeting is being recorded for AI transcription.
• Audio and video recordings are personal data but are NOT classified as sensitive data (special categories under GDPR Article 9), as they are not used for biometric identification purposes.
• Disclosure: Where AI is used to generate content that is sent to external parties (e.g., sales emails, support responses), the communication includes a notice that AI was used in its preparation, in compliance with the EU AI Act (Art. 50, proactively applied ahead of the August 2026 compliance date).
We share personal data with the following categories of service providers (sub-processors) who process data on our behalf under Data Processing Agreements. We do not sell your personal data.
Järntorget 12 A
732 30 Arboga
+46 589-501 60
