Explore

Who we are

What we do

Resources

Career

Global Search

Search across SysArt

AI transformationon-prem AIsystems thinkingleadership
AI Consulting

Clarify enterprise AI strategy, architecture, and governance decisions.

 Consulting

AI transformation, private AI architecture, and organization design.

 Insights

Systems thinking, agility, AI, and transformation writing.

 Contact

Reach the Stockholm office and consulting team directly.

SysArt

Privacy Policy

How SysArt Consulting collects, uses, stores, and protects personal data through this website.

Last updated: 12 April 2026

This Privacy Policy explains how SysArt Consulting (“SysArt”, “we”, “us”, or “our”) handles personal data collected through the website at sysart.consulting and its related contact channels.

We aim to collect the minimum amount of information reasonably necessary to operate the site, respond to inquiries, protect the service, and maintain our business communications responsibly. If you engage SysArt for consulting or delivery services, separate contractual terms, project documentation, and data processing arrangements may apply in addition to this website policy.

1. Data controller

The data controller for personal data collected through this website is:

2. Scope of this policy

This policy applies to personal data collected when you:

  • visit the website;
  • submit a message through our contact form;
  • communicate with us by email in connection with a website inquiry;
  • interact with embedded third-party content or outbound links made available on the site; or
  • make choices in our cookie or consent interface.

This policy does not automatically govern data processing that may occur in the course of a separate consulting engagement, recruitment process, or commercial relationship unless that processing explicitly references this policy.

3. Categories of data we may collect

Depending on how you interact with the site, we may process the following categories of data:

  • Contact details such as your name and email address when you submit a form or contact us directly.
  • Message content and related correspondence, including the contents of your inquiry and any details you choose to provide.
  • Technical and usage data such as IP address, browser type, operating system, referring page, requested pages, timestamps, and similar server-log information generated when you visit the website.
  • Consent and preference data such as whether you accepted or declined optional cookie categories in the site interface.
  • Embedded-content interaction data where a third-party service such as YouTube or Google Fonts receives technical request data from your browser in order to render content.

Please do not send sensitive personal data or confidential client material through the public website unless it is necessary and appropriate to do so.

4. How we collect personal data

We collect personal data:

  • directly from you, for example when you submit the contact form or email us;
  • automatically from your device or browser, for example through standard server logs and browser requests; and
  • from third-party service interactions, for example when your browser loads externally hosted fonts or embedded media.

5. Purposes of processing

We use personal data for the following purposes:

  • to respond to inquiries and communicate with prospective clients, partners, candidates, or other correspondents;
  • to provide, maintain, secure, and improve the website;
  • to detect abuse, spam, fraudulent activity, or technical misuse of the service;
  • to maintain internal business records and communication history;
  • to comply with legal, regulatory, accounting, or security obligations; and
  • to manage user preferences relating to cookies or similar technologies.

We do not sell personal data, and we do not use the website contact form to build unrelated marketing profiles.

Where the EU General Data Protection Regulation (“GDPR”) or similar laws apply, we rely on one or more of the following legal bases:

  • Legitimate interests: operating and securing the website, handling inbound business communications, preventing abuse, and maintaining records of correspondence.
  • Steps prior to entering into a contract: where you contact us about a potential engagement, service, or partnership.
  • Consent: where consent is required for optional technologies or where you voluntarily choose to provide information in a context that depends on consent.
  • Legal obligation: where processing is necessary to comply with applicable law, lawful requests, accounting rules, or regulatory requirements.

7. Cookies, browser storage, and similar technologies

The website includes a consent interface that allows visitors to make choices about cookie categories. At present, the site primarily uses this mechanism to store your consent preferences in browser storage so that your choices can be remembered on later visits.

The website may also rely on technically necessary mechanisms for:

  • core site delivery and security;
  • remembering consent preferences; and
  • loading external resources requested by the page, such as fonts or media embeds.

You can usually control cookies and browser storage through your browser settings. Blocking certain technologies may affect the operation or presentation of parts of the site.

8. Third-party services and external content

The website may involve third-party services in limited ways, including:

  • Google Fonts, which may receive technical request information from your browser when external font files are loaded;
  • YouTube, where embedded video content is displayed on certain pages;
  • email infrastructure providers, where contact-form submissions are transmitted through our configured mail service; and
  • social media and external websites, if you choose to follow links to third-party platforms.

When you interact with third-party services, their own privacy notices and terms may apply. We do not control the privacy practices of third-party websites, platforms, or services that we do not operate.

9. Sharing of personal data

We may share personal data only where reasonably necessary and proportionate, including with:

  • hosting, infrastructure, and technical service providers;
  • email or communications providers used to deliver website inquiries to our team;
  • legal, compliance, accounting, or professional advisers;
  • public authorities, regulators, courts, or law enforcement where required by law or necessary to protect rights, security, or legal claims; and
  • a successor entity in connection with a business reorganization, merger, acquisition, or asset transfer, subject to applicable confidentiality and legal requirements.

We do not disclose personal data to unrelated third parties for their own independent marketing use.

10. International data transfers

SysArt is based in Sweden, but some technical services involved in website delivery may process data in countries outside your country of residence, including outside the European Economic Area.

Where we transfer personal data internationally, we aim to use appropriate safeguards required by applicable law. These may include adequacy decisions, standard contractual clauses, or comparable transfer mechanisms where relevant.

11. Data retention

We retain personal data only for as long as reasonably necessary for the purposes described in this policy, including:

  • the time needed to respond to and follow up on your inquiry;
  • the period required to maintain business records, security logs, or audit trails;
  • any period necessary to establish, exercise, or defend legal claims; and
  • any longer period required by law, regulation, or legitimate operational necessity.

Retention periods may vary depending on the nature of the information and the context in which it was collected.

12. Security

We use reasonable technical and organizational measures intended to protect personal data against unauthorized access, disclosure, alteration, loss, or misuse. These measures may include encrypted transport, access controls, limited operational access, and security monitoring appropriate to the nature of the website and the information processed.

No internet transmission or storage system can be guaranteed to be completely secure. You should therefore avoid sending highly sensitive information through public web forms unless an appropriate secure channel has been established.

13. Your rights

Subject to applicable law, you may have the right to:

  • request access to personal data we hold about you;
  • request correction of inaccurate or incomplete personal data;
  • request deletion of your personal data;
  • object to certain processing or request restriction of processing;
  • request portability of personal data you have provided to us, where applicable;
  • withdraw consent where processing is based on consent; and
  • lodge a complaint with a competent supervisory authority.

To exercise any of these rights, contact us at info@sysart.consulting. We may ask for information necessary to verify your identity before responding.

14. Children’s privacy

This website is intended for business and professional audiences. It is not directed to children, and we do not knowingly collect personal data from children through the website.

15. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in the website, applicable law, our service providers, or our business practices. When we do, we will publish the updated version on this page and revise the “Last updated” date.

16. Contact

If you have questions about this Privacy Policy or our handling of personal data through the website, contact:

AuthorSysArt Consulting
Last reviewedApril 12, 2026