Last updated: July 2022
Riskonnect (“we” or “us” or “our”) respects the privacy of our users (“user”, “your” or “you”). This Privacy Notice explains how we collect, use, disclose, and safeguard your data when using our website and participating in our marketing activities. Please read this Privacy Notice carefully. Your continued use of Riskonnect’s website and participation in our marketing activities imply your consent with the terms of this Privacy Notice.
Riskonnect reserves the right to make changes to this Privacy Notice at any time and for any reason. Riskonnect will alert you about any changes by updating the “Last updated” date of this Privacy Notice located above. You are encouraged to periodically review this Privacy Notice to stay informed of any changes to it. Your continued use of the Riskonnect website after the date such revised Privacy Notice is posted will constitute your acceptance of it, and you will be subject to its terms. Please refer to the Riskonnect Product Privacy Notice for information about how we use your data when you use our products.
Important: This Privacy Notice describes how Riskonnect uses your data but is limited to:
- Collection of data on our website – Riskonnect acts as a data controller for the data it collects on its website. This may include gathering data from our website visitors for the purposes of conducting business or when hosting events.
- Collection of data by third parties – Riskonnect may use third parties which act as data controllers in providing Riskonnect with personal data. This data may be gathered from the third party’s website, services or through other interactions and then sold to us as a service. Please refer to their privacy notices for more information.
- Data collected by Riskonnect for marketing purposes.
- Marketing communications using your personal data.
COLLECTION OF YOUR DATA
Riskonnect may collect data about you in a variety of ways. The data collected may include your name, email address, IP address, office/cell phone number, location, LinkedIn URL or social media IDs.
You may provide personal data to us when you interact with us on behalf of your organization. We may collect, use, store and transfer different kinds of personal data about you. Your personal data is used according to the guidelines set out in local laws and regulations. Riskonnect does not sell your personal data.
Personal data is defined as demographic or other personally identifiable information (such as your name and email address) that is provided to Riskonnect when you interact with us. This data may be provided during activities such as social media posts, posting messages in comment
sections, registering for our webinars or whitepapers, event registration, website contact forms, liking social media posts, sending feedback, or responding to our surveys. If you choose to share data about yourself via these methods, the data you disclose is either disclosed voluntarily or becomes publicly available information. In all of these cases, your data may be accessed and used by Riskonnect’s personnel and will be subject to Riskonnect’s data retention policies.
When you visit our website, we may gather data such as your IP address, browser type or the referring site. If you visit our website in response to an email, social media post or a posted article, we may gather additional data such as your employer, title, or work address that you provided to a third-party site.
Riskonnect does not collect financial data on its website.
Data from Social Networks
User data may be gathered from social networking sites such as Facebook, LinkedIn, Instagram, Pinterest, Twitter, etc. This may include your legal name, social network username, location, gender, birth date, email address, profile picture, and any other publicly available data for contacts, when you “like” or “follow” us or interact with our postings or advertising. This data may also include the contact information of anyone you invite to view, comment or follow us. The data shared with us is at the discretion of the social media network.
When you visit our website, we determine your country of origin. We also use Google Analytics, a tool which collects additional data about your visit. The raw data collected by Google Analytics is not accessible, examined or stored on our servers or databases.
Our website does not send push notices.
We do not share or sell the personal data provided to us by third parties. These third parties may share your data with companies other than Riskonnect, but we have no access to or control of their business or collection practices. Please refer to their privacy notice(s) for more information. Riskonnect does not sell or share data received from these third parties.
In order to deliver relevant marketing content to you and to measure or understand the effectiveness of our marketing campaigns, we may collect data from you, such as your Riskonnect marketing communications preferences, the delivery method and the communication frequency.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. Your personal data is used to form a view on what we think you may want or need, or what might be of interest to you.
You will receive marketing communications from us if you have requested information or purchased our services, or where we think our services would be of interest to you and you have not opted out of receiving that marketing communication.
We also collect, use and share aggregated data such as usage, statistical or demographic data. Aggregated data could be derived from your personal data but is not considered personal data, as this data cannot be reasonably used to identify you directly or indirectly. For example, we may aggregate your usage data with other users to calculate the percentage of users accessing a specific website feature or page. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
We do not collect any special categories of personal data about you. Special category of data includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, gender identity, political opinions, trade union membership, your health data, genetic data and biometric data. Nor do we collect any information about criminal convictions or offenses.
You can request that we stop sending you marketing messages at any time by clicking the opt-out links on any marketing message sent to you or by contacting us at firstname.lastname@example.org. When you opt out of receiving our marketing messages, we may still send you non-marketing related messages. These messages may be about a purchase, service experience or other transaction that you have made with us.
If you no longer wish to receive correspondence, emails, or other communications from our third parties, you are responsible for contacting the third party directly.
Personal Data Collection Methods
We use different methods to collect data from and about you, including the following:
- Direct interactions – You provide us with your personal data by completing forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- Register on our website.
- Register for events such as webinars or conferences.
- Request information regarding our services.
- Request marketing materials to be sent to you.
- Request customer support.
- Purchase or sell our products or services on behalf of your organization.
- Provide a business card or other contact information at our event booth.
- Provide us feedback or contact us.
- Third parties or publicly available sources – We receive personal data in several ways. We purchase personal data from third parties and from publicly available information sources. The types of personal data we collect from other sources include identifiers, professional or employment-related information, educational information, visual information, internet activity information, and inferences about preferences and behaviors. Your personal data is provided from sources such as the following:
- Data brokers that collect business contact information, including mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs and custom profiles. This information is used for the purposes of targeted advertising, delivering relevant email content, event promotion, event profiling, determining eligibility, and verifying contact information.
- Individuals at your organization who provide us with your contact details for the purposes of obtaining and/or maintaining services.
USE OF YOUR DATA
Having accurate information about you allows us to provide a smooth, efficient, and customized website experience. Specifically, we may use the data collected about you to:
- Create and manage your account.
- Fulfill and manage purchases, orders, payments, and other transactions.
- Generate a configuration profile about you to make your future use of our site more personalized.
- Increase the efficiency and operation of our sales and marketing operations.
- Notify you of updates and available upgrades to Riskonnect’s product lineup or its software.
- Provide you with the latest industry news and news about Riskonnect.
- Perform other business activities as needed.
DISCLOSURE OF YOUR DATA
We may share the data we have collected about you in certain situations, including the following:
Law Enforcement Orders or Policy Violations
We may release data about you under the following conditions:
- To respond to court or law enforcement orders or investigations.
- To investigate or remedy potential violations of our policies.
- To protect the rights, property, and safety of others.
In these circumstances we may share your data as permitted (or required) by any applicable law, rule, or regulation. This includes exchanging data with outside entities for the purposes of fraud protection and credit risk reduction.
Third-Party Service Providers
A third-party provider may share your data with other third parties that perform services for them or on their behalf. This may include payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. Please refer to their privacy notice(s) for more information.
We share your data with third parties in the execution of those duties listed in the Marketing section of this Privacy Notice.
Riskonnect does not provide third-party advertising companies with your data. However, we do use advertising partners that host our ads, report to us on the user’s interaction with those ads and direct traffic to our website.
We use several marketing firms to place ads, conduct webinars and to gather contact information for our marketing campaigns. The contact information is developed by affiliate firms and provided to us as a service. The contact information is stored in our customer engagement tools and used for marketing outreach.
We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails or other communications from third parties, you are responsible for contacting the third party directly.
We offer items such as e-books, industry news and whitepapers on our website in exchange for your contact information. If you provide such information, it is stored in our customer relationship management (CRM) platform and other third-party marketing platforms that we use.
Social Media Contacts
If you interact with us through social media, your data on the social media platform will be shared with us to the extent allowed by the platform. What is shared with us is at the discretion of the social media platform and in accordance with its policies.
Transfer of Ownership
If we reorganize, sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your data to the successor entity. If we go out of business or enter bankruptcy, your data would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur, and that the transferee may decline to honor the commitments we made in this Privacy Notice.
Cookies and Web Beacons
If you interact with our ads on the Internet or within an email, you will be redirected to a page within our website. Depending on your settings, cookies may retain a record of your visit to our website (as previously described).
We use several tools to monitor the effectiveness of our website and your interactions with it. This data is not considered personal data as we do not collect data that can be reasonably used to identify you directly or indirectly. The data is stored in our analytic tools (e.g., Google Analytics) to help us improve the website’s experience. If you are in the EU and visit the US website, your personal data is not shared or transferred to us.
If you wish further information on how we use this data, please contact us at email@example.com.
SECURITY OF YOUR DATA
We use administrative, technical, and physical security measures consistent with legal and regulatory requirements to help protect your personal data. These methods are designed to protect against unlawful or unauthorized destruction, loss, alteration, use or disclosure of, or access to, your personal data.
POLICY FOR CHILDREN
We do not knowingly solicit data from, or market to children under the age of 13. If you become aware of any data that we or an affiliate company has collected from children under the age of 13, please contact us using the contact information provided below.
CONTROLS FOR DO-NOT-TRACK FEATURES
We comply with your settings. If your browser has activated the Do Not Track option, with your browser settings set to reject cookies, then we do not collect your personal data from our website.
OPTIONS REGARDING YOUR DATA
Our website provides a secure link to your Riskonnect product’s secure login portal that is hosted outside of our marketing website. The data used to access your account is not retained or viewed by us. Your account and the data associated with it are subject to our Product Privacy Notice. You may sign in or update your account via the product website to which you are directed from the hosting platform.
Disclosure of Your Personal Data
We may share your personal data with various third parties, including as follows:
We may share your personal data with our contracted service providers who provide us with services such as IT services, system administration, hosting, credit card processing, research and analytics, marketing, customer support, and data enrichment.
If you attend an event, conference, webinar organized by us, or register for an event through our website, we may share your personal data with sponsors of the event. If required by applicable law or regulation, you will consent to such sharing via the registration form or by allowing your attendee badge to be scanned at a vendor’s booth. In these circumstances, your data will be subject to the sponsor’s privacy notice(s). If you do not wish for your data to be shared, you may decline to opt-in by declining the event/webinar registration or electing to not have your badge scanned.
Customers with Which You Are Affiliated:
If you use our services as an authorized user of one of our customers, we may share your personal data with that customer, who is responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies.
Third-Party Networks and Websites:
Third-party social media networks, advertising networks and websites will share your data with us so that we can better market and advertise on third-party platforms and websites. Riskonnect does not share personal data with those networks.
In individual instances, we may share your personal data with professional advisers acting as service providers, processors, or joint controllers. This may include lawyers, bankers, auditors, and insurers (based in the countries where we operate) who provide us with consultancy, banking, legal, insurance and accounting services. This is only done when we are legally obligated to share, or have a legitimate interest in sharing, your personal data.
We share your personal data internally with other affiliated entities that are controlled by Riskonnect, Inc. The data we share is necessary to fulfill requests you have submitted on our website. Data is also shared for customer support, marketing, technical operations, and account management purposes. Riskonnect’s affiliates are currently located in the USA, UK, Ireland, Australia and India.
We may also share personal data (as part of a transaction) with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, the new owners may not use your personal data in the same way as set out in this Privacy Notice, as further described in Transfer of Ownership above.
We require all third parties to respect the security of your personal data and to treat it in accordance with applicable legal and regulatory requirements.
Your personal data may be collected, accessed, transferred to, and stored by us in the USA and by our affiliates and third parties (as described above under Riskonnect Affiliates) that are based in other countries.
Whenever we transfer your personal data to these third parties, we ensure that the recipient of your personal data offers an adequate level of protection and security, including by providing
entering into Standard Contractual Clauses and/or International Data Transfer Agreements or other alternative mechanisms for data transfers, as approved by applicable regulators.
Please contact us if you want further information on the specific mechanism(s) used by us when transferring data to third parties located outside the USA.
We retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, as described in this Privacy Notice. This also applies to satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of future litigation.
For EU or UK residents, in some circumstances you may request that we delete or update your data. Please see Your Legal Rights in the EU and the UK below for further information.
For California residents, please see California Privacy Rights below for more information on our data retention practices with respect to your personal data.
In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for our business purposes, including for research and analysis, or as otherwise permitted by applicable laws and regulations.
Your Legal Rights in the EU and the UK
If you are based in the EU or the UK, you have rights under applicable EU and UK laws and regulations with respect to your personal data. You have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request a correction of the personal data we hold about you. This enables you to have any incomplete or inaccurate data corrected, though we will verify the accuracy of the new data that you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data when there is no reason for us to continue processing it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your data unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your erasure request for specific legal reasons which will be disclosed to you, if applicable, at the time of your verified request.
- Object to the processing of your personal data where we are relying on a legitimate interest (or that of a third party). In some cases, we may demonstrate that we have compelling legitimate grounds to process your data which overrides your rights and freedoms.
- Object to the location where we are processing your personal data for direct marketing purposes.
- Request restriction of your personal data processing. You may request us to suspend your personal data processing under the following scenarios:
- You want us to establish the data’s accuracy.
- Where our use of the data is unlawful, but you do not want us to erase it.
- Where you need us to hold the data for you if you need the data to establish, exercise or defend legal claims.
- You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide you, or a third party you have chosen, with your personal data in a structured, commonly used, machine-readable format.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect any data that we used or processed before you withdrew your consent. If you withdraw your consent, we may be unable to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
California Privacy Rights
Under the California Consumer Privacy Act and the California Privacy Rights Act, California residents have many of the same rights with respect to their personal data as do EU and UK data subjects, including:
- Right to Disclosure
- Right to Deletion
- Right to Opt-Out
- Right to Nondiscrimination
California residents also have the right to receive information that identifies any third parties with which we have shared their personal data for that third party’s own marketing purposes within the previous 12 months, as well as a description of the categories of personal data disclosed to that third party. You may obtain this information once a year and free of charge by emailing firstname.lastname@example.org
Exercise of Rights and Fees
If you wish to exercise any of the rights described in this Privacy Notice, you may contact us using the information provided under Contact Us below.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request under these circumstances.
What We May Need from You
We may request specific information from you to confirm your identity when accessing your personal data (or to exercise any of your other rights). This is a security measure to prevent unauthorized access. We may also request additional information to speed up our response.
Time Limit to Respond to Your Requests
We will respond to all verifiable consumer requests within 45 days. If additional time is needed, you will be provided with notice of the extension request within the first 45-day period. In this case, we will notify you and keep you updated.
If you have questions or comments about this Privacy Notice or would like to exercise one of your privacy rights, we want to hear from you.
1701 Barrett Lakes Blvd. Suite 500
Kennesaw, GA 30144