legal

Arkus privacy policy

Arkus AI AB (“Arkus,” “we,” “us,” or “our”) provides an AI platform that enables organizations to design, deploy, and operate AI agents and intelligent workflows, particularly for digital health, healthcare technology, and life sciences applications.

We are committed to protecting the privacy and security of personal data and complying with applicable privacy laws, including:

  • EU General Data Protection Regulation (GDPR)
  • UK GDPR
  • Swiss Federal Act on Data Protection
  • Other applicable international privacy laws.

This Privacy Policy explains how Arkus collects, uses, processes, and protects personal information when you access or use our:

  • website arkus.ai
  • Arkus AI Agent Builder platform
  • related services, APIs, and integrations

(collectively referred to as the “Services”).

By using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Personal Data

For the purposes of this Privacy Policy, personal data means any information relating to an identified or identifiable natural person.

Examples may include:

  • name
  • business email address
  • phone number
  • account username
  • IP address
  • device identifiers
  • usage logs
  • authentication tokens
  • technical telemetry

Personal data does not include anonymized or aggregated information that cannot reasonably be linked to an individual.

Arkus does not intentionally collect special category personal data, such as:

  • health records
  • genetic data
  • biometric identifiers
  • precise geolocation

Customers are instructed not to upload such data unless they have appropriate legal authority and safeguards in place.

2. Information We Collect

Information You Provide

When you interact with our Services, you may provide personal data such as:

  • account registration details
  • business contact information
  • support requests or communications
  • subscription and billing details

Payments are processed through secure third-party providers (for example Stripe). Arkus does not store full payment card details.

Information Collected Automatically

When you use the Services, we automatically collect technical information including:

  • IP address
  • browser type and device information
  • operating system
  • timestamps of activity
  • platform interactions
  • error logs and debugging data

This information helps us maintain platform security and performance.

Usage and Analytics Data

We collect information about how users interact with the platform, such as:

  • prompts submitted to AI agents
  • agent executions
  • deployment events
  • feature usage
  • system performance metrics

Where possible, analytics data is aggregated or anonymized.

Customer Data

When using the Arkus platform, users may upload or generate Customer Data, such as:

  • code
  • prompts
  • workflow configurations
  • application data
  • outputs generated by AI models

Arkus processes Customer Data only to provide and improve the Services, in accordance with applicable agreements.

3. Data Handling in AI Services

Arkus may transmit data to third-party AI providers when users request AI processing.

Examples may include providers such as:

  • OpenAI
  • Google AI services
  • other AI model providers integrated through Arkus

When you submit prompts or inputs to these models:

  • your data may be transmitted to the provider
  • the provider processes the request and returns an output

Arkus does not control the privacy practices of third-party AI providers.

Users should review the privacy policies of any integrated providers they use.

4. Legal Bases for Processing

Arkus processes personal data only where a lawful basis exists.

Under GDPR, these may include:

Contract Performance

Processing necessary to provide the Services you requested.

Legitimate Interests

Processing necessary for:

  • platform security
  • fraud detection
  • system monitoring
  • product improvement

Consent

Processing based on your consent, including:

  • marketing communications
  • non-essential cookies

You may withdraw consent at any time.

Legal Obligations

Processing required to comply with applicable laws and regulations.

5. How We Use Personal Data

We process personal data to:

  • provide and maintain the Services
  • operate AI agents and platform features
  • manage user accounts and subscriptions
  • process payments and billing
  • improve system performance and reliability
  • detect fraud or abuse
  • respond to support requests
  • communicate product updates
  • comply with legal obligations

Where possible, Arkus uses aggregated or anonymized data for analytics and platform improvement.

6. Healthcare and Sensitive Data

Arkus primarily serves digital health and healthcare technology companies.

However, the platform itself is not intended to store protected health information unless appropriate safeguards and agreements are in place.

Users are responsible for ensuring compliance with applicable healthcare regulations, including:

  • GDPR
  • national healthcare privacy laws
  • applicable medical device regulations

Where healthcare data is processed, customers must ensure appropriate legal basis and safeguards.

7. Data Sharing and Sub-Processors

Arkus may share data with trusted third-party providers that help us operate the platform.

These may include providers for:

  • cloud infrastructure and hosting
  • analytics services
  • customer support tools
  • payment processing
  • AI model providers

All sub-processors are subject to contractual obligations to protect personal data.

8. International Data Transfers

Arkus may transfer personal data to countries outside the European Economic Area.

When this occurs, we implement safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • approved international transfer mechanisms under GDPR.

These safeguards ensure that personal data receives an adequate level of protection.

9. Cookies and Tracking Technologies

Arkus uses cookies and similar technologies to operate and improve our Services.

These may include:

Necessary Cookies

Required for authentication and platform functionality.

Analytics Cookies

Used to understand platform usage and performance.

Functional Cookies

Used to remember user preferences.

Marketing Cookies

Used to measure marketing effectiveness (where consent is provided).

Users can manage cookie preferences through browser settings or our cookie banner.

10. Data Security

Arkus implements industry-standard security practices to protect personal data.

Security measures include:

  • encryption of data in transit
  • encrypted storage where applicable
  • role-based access controls
  • multi-factor authentication
  • continuous system monitoring
  • security audits and risk assessments

While we take strong security measures, no system can guarantee absolute security.

11. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy.

Retention may depend on:

  • contractual obligations
  • legal requirements
  • security needs
  • dispute resolution

When data is no longer needed, it will be deleted or anonymized.

Users may request deletion of their personal data by contacting us.

12. Your Privacy Rights

Depending on your location, you may have rights under applicable privacy laws.

These may include the right to:

  • access your personal data
  • correct inaccurate data
  • request deletion
  • restrict processing
  • object to certain uses of data
  • withdraw consent
  • request data portability

Requests can be submitted using the contact details below.

13. Children’s Privacy

The Services are not intended for individuals under the age of 18.

We do not knowingly collect personal data from minors.

If we discover that personal data has been collected from a minor, it will be deleted promptly.

14. Third-Party Services

Our Services may integrate with third-party platforms such as:

  • development tools
  • cloud infrastructure providers
  • payment providers
  • AI model providers

These services operate under their own privacy policies.

Arkus is not responsible for the privacy practices of third-party services.

15. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in:

  • legal requirements
  • platform features
  • data processing practices

When material changes occur, we will provide notice through:

  • our website
  • email notifications
  • in-platform announcements

16. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact:

Arkus AI AB

Website: https://arkus.ai
Email: hello@arkus.ai

You may also contact your local data protection authority if you believe your data rights have been violated.