company logo of pandion ai
    Home
    Industries
    Showcases
    Alert Deliveries
    Blogs
    About
company logo of pandion ai
company logo
company logo

Company

    About UsNewsContact usPrivacy PolicyCookies Policy

Solutions

    Alert DeliveriesServicesShowcases

Contacts

+46 736 60 01 22info@pandionai.com

PandionAI c/o United Spaces, Kungsgatan 64, 111 22 Stockholm

 
markus
Markus SkogsmoCEO of PandionAImso@pandionai.com
markus
Olof JohanssonCTO of PandionAIojo@pandionai.com
Request a DemoRead more about AlertSat

PandionAI Website Privacy Policy

PandionAI AB, Version 1.1, Effective 8 May 2026

This Privacy Policy explains how PandionAI AB ("PandionAI", "we", "us"), org. nr. 559208-7984, Kungsgatan 64, 111 22 Stockholm, processes personal data when you visit the PandionAI corporate website at pandionai.com (the "Website").

PandionAI is the controller for the personal data described in this Policy. For the AlertSat Portal product at alertsatportal.com, see the separate AlertSat Portal Privacy Policy.

1. Personal data we process

We process the following categories of personal data when you visit the Website:

  • Visitor data — IP address (anonymised by Google Analytics) and derived approximate location, browser type and version, device type, operating system, referring page, pages visited and time on page. Cookieless aggregate data is collected by Vercel; cookie-based analytics is collected by Google Analytics 4 only after you give consent through our cookie banner.
  • Contact form data — when you submit our contact form, your name, email address, organisation, and the content of your message. Submissions are sent to info@pandionai.com by email.
  • Newsletter data — when you sign up for our newsletter, your email address and any other details you provide. The newsletter is delivered via HubSpot.
  • Communication data — our replies to you and any follow-up correspondence.

2. Why we process your data, and the legal basis

We process personal data on the following legal bases under Article 6(1) GDPR:

  • Consent (Article 6(1)(a)) — for Google Analytics tracking and any non-essential cookies, and for sending you our newsletter (with double opt-in confirmation). You give consent through our cookie banner or, for the newsletter, by confirming your email address. You can withdraw consent at any time.
  • Legitimate interests (Article 6(1)(f)) — for cookieless aggregate analytics provided by Vercel (page views, performance metrics, no individual tracking), and to operate the Website securely. Our interest in running an informative public website is balanced against the limited and aggregate nature of the data.
  • Performance of a contract or pre-contract steps (Article 6(1)(b)) — where you contact us through the contact form or by email about our products, services, or potential collaboration, we process your contact details to respond and to evaluate the opportunity.
  • Legal obligation (Article 6(1)(c)) — to comply with bookkeeping and other legal duties where applicable.

3. How long we keep data

  • Vercel cookieless analytics — aggregated and retained for up to 24 months.
  • Google Analytics 4 — retained for 14 months from collection (only collected if you give consent).
  • Contact form and email correspondence — 3 years from the last interaction, unless a longer period is needed for an active commercial relationship or legal duty.
  • Newsletter subscription — until you unsubscribe, plus a short suppression record so we do not contact you again after withdrawal.

4. Sub-processors and recipients

We use sub-processors to operate the Website. Each is contractually bound to data-protection obligations equivalent to those in this Policy.

  • Vercel Inc — front-end hosting and cookieless analytics for pandionai.com, EU regions where available. EU Standard Contractual Clauses apply for any US transfer.
  • Google Ireland Limited / Google LLC — Google Analytics 4 (only if you consent through the cookie banner). EU Standard Contractual Clauses and Google Consent Mode v2 apply; data is regionalised in the EU where supported. We do not use Google Signals, advertising features, or cross-device tracking.
  • Cookiebot (Cybot A/S, Denmark) — cookie consent management. EU-based provider.
  • HubSpot Inc — newsletter delivery and subscriber management. US-based, EU Standard Contractual Clauses apply. We use HubSpot only for the newsletter; we do not use HubSpot tracking pixels, marketing analytics, or advertising features.
  • one.com (Group.one A/S, Denmark) — email hosting for our staff communications and inbound contact form submissions.
  • Asana Inc — internal task management which may include records of enquiries from website visitors. US-based, EU Standard Contractual Clauses apply.
  • Storegate AB (Sweden) — document storage, EU-based.

We may also share data with public authorities when required by law, in connection with a corporate transaction (with notice to you), or to protect our rights.

5. International transfers

Personal data is stored in the EU/EEA by default. Where a sub-processor is US-headquartered (notably Vercel, Google, HubSpot, and Asana), transfers are governed by the European Commission Standard Contractual Clauses (Decision 2021/914) and additional safeguards as needed under Schrems II. For Google Analytics, we use Google Consent Mode v2 and have configured the GA4 property with EU regional processing where supported.

6. Cookies and consent

Essential cookies are set when you visit the Website (such as session cookies and consent preference cookies). These are necessary for the Website to work and do not require consent.

Non-essential cookies, including those set by Google Analytics 4, are loaded only after you give consent through the Cookiebot consent banner that appears on your first visit. Until you give consent, Google Analytics does not collect data, in line with Google Consent Mode v2.

HubSpot may set cookies when you submit the newsletter form. These are limited to what is needed to remember your submission and prevent duplicate sign-ups; HubSpot tracking pixels for marketing analytics are turned off.

You can change your consent at any time by clicking the "Cookie settings" link in the Website footer or by clearing your browser cookies and revisiting the Website.

For full details of every cookie set on the Website, see our separate Cookie Policy.

7. Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you;
  • ask us to correct inaccurate data;
  • ask us to delete data (right to erasure), subject to legal retention duties;
  • ask us to restrict processing, or object to processing based on legitimate interests;
  • receive your data in a portable format;
  • withdraw any consent you gave (this does not affect lawfulness of processing before withdrawal);
  • complain to a supervisory authority. The Swedish authority is Integritetsskyddsmyndigheten (IMY), imy.se.

To exercise any right, contact us at info@pandionai.com. We will reply within one month. To unsubscribe from the newsletter, use the unsubscribe link in any newsletter email.

8. Security

We protect personal data with technical and organisational measures appropriate to the risk, including encryption in transit (TLS 1.2 or higher), least-privilege access controls for our team, EU/EEA hosting where possible, and regular review of sub-processor security postures.

9. Changes to this Policy

We may update this Policy from time to time. The current version is always at pandionai.com/privacy with its effective date.

10. Contact

PandionAI AB, Kungsgatan 64, 111 22 Stockholm, Sweden, org. nr. 559208-7984.

Email:

info@pandionai.com