Announcing the release of Voysys Free, our self-service tier — no sales call or onboarding

Voysys
Open Menu
Sign inSign up
Sign up

Legal

Privacy Policy

Voysys AB (“Voysys,” “we,” “us,” or “our”) provides teleoperation software, Bifrost cloud infrastructure, customer portal functionality, licensing tools, Voysys Free, and VR/live broadcasting-related services. This Privacy Notice explains how we collect, use, disclose, and protect personal data when individuals use our websites, portal, software, services, or otherwise interact with us.

Last updated: May 25, 2026

1. Introduction

This Privacy Notice is intended to describe Voysys’s practices where Voysys acts as a controller of personal data. Where Voysys processes personal data on behalf of an enterprise customer, Voysys generally acts as a processor, and the customer is responsible for determining the purposes and means of that processing.

2. Our roles

Voysys may act in different roles depending on the context:

  • Controller: We act as a controller when we process personal data for our own business purposes, including account registration, portal administration, authentication, billing, licensing, customer communications, support, security, diagnostics, website operations, and business administration.
  • Processor: We act as a processor when we process personal data on behalf of an enterprise customer in connection with that customer’s use of our teleoperation, relay, or related services. In those cases, we process personal data according to the customer’s instructions and the applicable customer agreement or data processing agreement.

3. Personal data we collect

We may collect the following categories of personal data, depending on how you interact with Voysys and our services.

  • Account and contact information: such as your name, email address, company name, role or job title, phone number, login credentials, account settings, and other information you provide when creating or managing an account.
  • Authentication information: such as information processed through Google Sign-In or other identity providers, including your name, email address, account identifier, hosted domain, email verification status, and related authentication information.
  • Company and billing information: such as company name, business contact details, billing and delivery addresses, VAT or tax identifiers, payment terms, invoice history, and related account administration information. For Voysys Free users, we may not collect billing or payment information unless the user converts to a paid offering or otherwise provides that information.
  • Service configuration information: such as vehicle, camera, operator station, layout, label, or other configuration information that you provide through the services.
  • Licensing and device information: such as license keys or hashes, disk IDs, device identifiers, hardware information, hostnames, license status, license validity period, and related activation information.
  • Connection and session metadata: such as IP addresses, display names, access groups, gateway IDs, operator IDs, vehicle IDs, connection IDs, public keys, relay IDs, timestamps, session status, and related technical metadata used to authenticate, route, secure, and troubleshoot connections.
  • Diagnostics, crash, and performance information: such as application metadata, crash reports, error reports, performance metrics, technical logs, device information, license identifiers, and related information used to detect, diagnose, secure, and improve the services.
  • Website and cookie information: such as information collected through cookies or similar technologies that are necessary to operate our websites, portal, and services. If we use analytics, advertising, or other non-essential tracking technologies, we will provide additional notice and choices where required.
  • Communications and support information: such as information you provide when contacting us, requesting support, responding to surveys, participating in sales discussions, or otherwise communicating with Voysys.
  • Customer-controlled data: where enterprise customers use our services to transmit, route, or process their own data, Voysys may process that data on behalf of the customer and in accordance with the customer’s instructions. Where individuals or organizations use Voysys Free outside an enterprise customer agreement, they are responsible for the data, content, video, telemetry, information, and materials they submit, transmit, stream, upload, or otherwise make available through Voysys Free. Voysys does not record or store video content transmitted through Bifrost as part of its relay functionality.

4. How we use personal data

We use personal data for the following purposes:

  • Account and access management: to create accounts, authenticate users, manage logins, administer access rights, and maintain account settings.
  • Service delivery and operation: to provide, operate, maintain, and support the Voysys portal, Bifrost, licensing tools, software, and related services.
  • Connection routing and session management: to authenticate operators, vehicles, devices, and sessions, route connections, maintain service availability, and troubleshoot connection issues.
  • Licensing and activation: to issue, validate, manage, and support software licenses and activations.
  • Billing and customer administration: to manage customers, process invoices, administer billing records, maintain account records, and comply with tax and accounting requirements.
  • Support and communications: to respond to inquiries, provide support, send account, service, and administrative communications, and communicate about updates to our services. To administer Voysys Free account and trials, notify users about trial expiration, evaluation extension requests, enforce license limits, and communicate about paid offerings or related Voysys products and services.
  • Diagnostics, reliability, and improvement: to detect, diagnose, and resolve crashes, errors, performance issues, and service reliability issues, and to maintain, analyze, improve, and develop our services.
  • Security and misuse prevention: to protect accounts, systems, software, customers, and services against unauthorized access, misuse, abuse, fraud, and security incidents.
  • Legal and compliance purposes: to comply with applicable legal, regulatory, contractual, tax, accounting, and recordkeeping obligations, and to establish, exercise, or defend legal rights.

5. Legal bases for processing

Where GDPR applies and Voysys acts as a controller, we rely on the following legal bases, depending on the purpose of the processing:

  • Creating and managing accounts, authenticating users, providing access to the portal, and administering account settings: performance of a contract, where the user has a direct relationship with us; otherwise, our legitimate interests in providing and administering the services.
  • Providing, operating, maintaining, and supporting the portal, Bifrost, licensing tools, software, and related services: performance of a contract; our legitimate interests in operating and improving our services.
  • Authenticating operators, vehicles, devices, sessions, and connections, and routing or troubleshooting connections: performance of a contract; our legitimate interests in providing, securing, and maintaining service functionality.
  • Issuing, validating, managing, and supporting software licenses and activations: performance of a contract; our legitimate interests in license administration and fraud/misuse prevention.
  • Processing invoices, billing records, customer account information, tax records, and accounting records: performance of a contract; compliance with legal obligations; our legitimate interests in customer and business administration.
  • Responding to inquiries, providing support, and sending service or administrative communications: performance of a contract; our legitimate interests in customer support and service administration.
  • Administering Voysys Free accounts and trials, notifying users about trial expiration, evaluating extension requests, enforcing license limits, and communicating about paid offerings or related Voysys products and services: performance of a contract; our legitimate interests in administering Voysys Free, managing trial usage, preventing misuse, and developing customer relationships.
  • Detecting, diagnosing, and resolving crashes, errors, performance issues, and service reliability issues: our legitimate interests in maintaining, securing, and improving our services.
  • Protecting accounts, systems, software, customers, and services against unauthorized access, misuse, abuse, fraud, and security incidents: our legitimate interests in security and misuse prevention; compliance with legal obligations where applicable.
  • Complying with legal, regulatory, tax, accounting, contractual, and recordkeeping obligations, and establishing, exercising, or defending legal rights: compliance with legal obligations; our legitimate interests in legal compliance and dispute management.
  • Processing optional cookies, marketing communications, or optional features where consent is required: consent.

6. How we disclose personal data

We may disclose personal data to the following categories of recipients:

  • Service providers and sub-processors: we use vendors that help us provide hosting, infrastructure, authentication, diagnostics, email delivery, billing, DNS, security, and related services.
  • Affiliates: we may disclose personal data to Serve Robotics and other affiliates for administration, support, legal, security, operational, and business purposes.
  • Enterprise customers and account administrators: where users are associated with an enterprise customer account, certain account, usage, configuration, or service information may be visible to that customer or its authorized administrators.
  • Legal and compliance recipients: we may disclose information where required by law, legal process, government request, or to protect rights, safety, security, and integrity.
  • Business transaction recipients: we may disclose information in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction.
  • We do not sell personal data.

7. Vendors and sub-processors

We use third-party vendors and sub-processors to help us provide, secure, support, and administer our services. These providers may process personal data on our behalf or otherwise receive personal data as necessary to provide their services to us.

Our current vendors and sub-processors include:

  • Google Cloud: hosting, compute, database, storage, logging, secrets management, certificates, DNS, and related infrastructure.
  • AWS: licensing database and related licensing infrastructure.
  • Auth0: authentication and identity management.
  • Sentry: crash reporting, diagnostics, and error monitoring.
  • Postmark: email delivery, including account confirmation emails.
  • Fortnox: invoicing, billing, accounting, and customer administration.
  • Cloudflare: DNS, proxying, content delivery, and related security and availability functions.

8. International transfers

Voysys is based in Sweden. We and our service providers may process personal data in the European Economic Area, the United States, Japan, Australia, and other countries where we or our service providers operate.

Where required, we use safeguards designed to protect personal data in accordance with applicable law, which may include data processing agreements, Standard Contractual Clauses, or other legally recognized transfer mechanisms.

Where Voysys processes personal data on behalf of an enterprise customer, international transfers may also be governed by the applicable customer agreement or data processing agreement.

You may contact us using the details below if you would like more information about the safeguards we use for international transfers.

9. Data retention

We retain personal data for as long as reasonably necessary to provide our services, maintain accounts, operate and secure our systems, comply with legal, tax, accounting, and contractual obligations, resolve disputes, and enforce our agreements.

The specific retention period depends on the type of personal data and the context in which we process it. We determine retention periods based on factors such as the duration of our relationship with the relevant user or customer, the period needed to provide the applicable service or feature, applicable legal and accounting requirements, security and incident-response needs, backup and disaster recovery practices, and customer instructions where we process personal data on behalf of an enterprise customer.

When personal data is no longer needed, we delete, de-identify, or retain it only as permitted or required by applicable law and our retention procedures.

10. Security

We use technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, and disclosure. These measures may include access controls, authentication controls, encryption where appropriate, customer-level access restrictions, logging, and contractual and technical safeguards with service providers.

Access to certain customer and portal data is limited by account roles and customer scoping. Non-admin portal users are limited to data associated with their customer account. Certain authorized administrator users may access data across customer accounts for administration, support, security, and operational purposes.

11. Your privacy rights

Depending on where you are located and the nature of our processing, you may have rights to request that we:

  • Provide access to the personal data we hold about you.
  • Correct inaccurate or incomplete personal data.
  • Delete personal data.
  • Restrict or object to certain processing.
  • Provide a copy of your personal data in a portable format.
  • Stop processing personal data where we rely on your consent and you withdraw that consent.
  • Provide information about how we collect, use, disclose, and retain personal data.

Exercising your rights

You may also have the right to object to certain uses of personal data for direct marketing or to opt out of certain disclosures or uses of personal data where required by applicable law.

If you are located in the EEA, you may lodge a complaint with your local supervisory authority or with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).

To exercise your rights, please contact us using the details below. We may need to verify your identity before responding. Where Voysys processes personal data on behalf of an enterprise customer as a processor, we may direct your request to that customer or handle it according to the customer’s instructions.

12. Deletion requests

You may request deletion of your personal data by contacting us using the details below. We will evaluate and respond to deletion requests in accordance with applicable law.

We may retain certain information where permitted or required by law, including where needed to provide the services, maintain security, comply with legal, tax, accounting, or contractual obligations, resolve disputes, enforce agreements, or maintain backups and business continuity records.

Where Voysys processes personal data on behalf of an enterprise customer as a processor, we may direct the request to that customer or handle it according to the customer’s instructions.

13. Children

Our services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. If we learn that we have collected personal data from a child under 13 without appropriate consent, we will take steps to delete it as required by applicable law.

Voysys Free and our other services may be used only by individuals who are old enough to use the services under applicable law and the applicable terms of service.

14. Third-party services and links

Our websites, portal, or services may include links to third-party websites, services, or integrations. Third-party services process personal data according to their own privacy notices and terms. We are not responsible for the privacy practices of third parties that we do not control.

15. Changes to this privacy notice

We may update this Privacy Notice from time to time to reflect changes in our services, data practices, or legal obligations. If we make material changes, we may provide notice through the website, portal, email, or other appropriate means.

16. Contact us

For questions about this Privacy Notice or our privacy practices, contact Voysys AB, Knäppingsborgsgatan 13B, 602 26 Norrköping, Sweden, info@voysys.se.

For Serve Robotics privacy inquiries, contact privacy@serverobotics.com.