Privacy Policy.

Last updated: 2026 — placeholder, pending legal review.

This Privacy Policy explains how DroneHire collects, uses, shares and protects your personal data when you use our website and services. We are committed to handling your data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish data protection law.

1. Who we are (Data Controller)

DroneHire is a brand owned and operated by Arora Group AB, a company registered in Sweden (Organization Number 559579-7092). Arora Group AB is the data controller responsible for your personal data. For any privacy question or to exercise your rights, contact us at support@dronehire.se.

2. Information we collect

Depending on how you use DroneHire, we may collect:

  • Account data: your name, email address, phone number, city, password (stored encrypted), and your role (customer or creator).
  • Profile data (creators): your handle, bio, avatar, licence details, rates, availability, specialisations and services, and links to your website, Instagram or LinkedIn.
  • Portfolio content: images, videos and descriptions you upload to showcase your work.
  • Project and proposal data: project descriptions, budgets, dates, locations, proposals, quoted prices and agreed terms.
  • Payment preferences: the payment method and terms you choose to arrange between yourselves (we do not currently process or store card details).
  • Messages and reviews: content you send through our messaging feature and reviews you leave or receive.
  • Technical data: IP address, browser type, device information, pages visited, and cookies or similar technologies (see our Cookie Policy).
  • Communications: any correspondence you have with us by email or support channels.
Signing in with Google (optional)

You can optionally create an account or sign in using Google. If you choose to do so, authentication is provided through Google OAuth, and Google shares basic profile information with us — your name and email address. We store only the information necessary to create and operate your account. Google sign-in is entirely optional: you can always register and sign in with your email and password instead, and existing accounts are never required to use it.

3. How we use your data and our legal bases

We process your personal data for the following purposes, relying on these GDPR legal bases:

  • To create and manage your account and provide the platform — performance of a contract.
  • To display creator profiles and portfolios and connect customers with creators — performance of a contract and our legitimate interest in operating the marketplace.
  • To enable messaging, proposals, bookings and reviews between users — performance of a contract.
  • To keep the platform secure, prevent fraud and abuse, and improve our services — our legitimate interests.
  • To send you service-related and, where you have opted in, marketing communications — consent and/or legitimate interest.
  • To comply with legal, accounting and tax obligations — compliance with a legal obligation.
  • For optional cookies and analytics — your consent.
4. Sharing your information

We do not sell your personal data. We share it only as needed to run the service:

  • With other users: your public profile, portfolio, and the information required to complete a project (for example contact details shared once a booking is agreed) are visible to the other party.
  • With service providers: hosting, cloud storage, email and similar providers who process data on our behalf under a data processing agreement.
  • For legal reasons: where required by law, court order, or to protect our rights, users, or the public.
  • In a business transfer: if Arora Group AB is involved in a merger, acquisition or sale of assets, data may be transferred as part of that transaction.
5. International transfers

We aim to keep your data within the EU/EEA. If any provider processes data outside the EU/EEA, we ensure appropriate safeguards are in place, such as the European Commission's Standard Contractual Clauses.

6. How long we keep your data

We keep your personal data only as long as necessary for the purposes described above — for as long as your account is active, and afterwards where needed to meet legal obligations (for example accounting records), resolve disputes, or enforce our agreements. When data is no longer needed, we delete or anonymise it.

7. How we protect your data

We use appropriate technical and organisational measures to protect your data, including encrypted passwords, access controls and secure hosting. No system is completely secure, so we cannot guarantee absolute security, but we work to protect your information and to notify you and the authorities of any breach where required by law.

8. Your rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data ("right to be forgotten") where applicable.
  • Restrict or object to certain processing.
  • Data portability — receive your data in a portable format.
  • Withdraw consent at any time, without affecting processing already carried out.

To exercise any of these rights, email support@dronehire.se. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) if you believe your data has been handled unlawfully.

9. Children

DroneHire is intended for users aged 18 and over. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us and we will delete it.

10. Cookies

We use cookies and similar technologies to operate and improve the platform. For details on which cookies we use and how to manage them, please see our Cookie Policy.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here and change the "last updated" date. Significant changes will be communicated where appropriate.

This page is a plain-language placeholder and is not legal advice. It must be reviewed and adapted by a qualified lawyer, and updated to reflect the actual data processing, service providers and cookies in use, before launch.