Last updated: March 21, 2024

Riskonnect (alternatively, “we” or “us” or “our”) respects the privacy of our users (“user”, “your” or “you”). This Privacy Notice explains how we collect, use, disclose, and safeguard your personal data when visiting our website, using our products and services or participating in our marketing activities. Please read this Privacy Notice carefully.

When providing our products and services to our customers, Riskonnect acts as a data processor with respect to the personal data obtained from our customers who act as a data controller. For additional information or how to exercise your privacy rights in connection with such personal data, please refer to the customer’s privacy notice.

Riskonnect reserves the right to make changes to this Privacy Notice at any time and for any reason. Riskonnect will alert you about any changes by updating the “Last updated” date of this Privacy Notice located above. You are encouraged to periodically review this Privacy Notice to stay informed of any changes to it.

If you are a California resident, please review the “California Privacy Notice” section below.

COLLECTION OF YOUR PERSONAL DATA

Riskonnect may collect personal data about you in a variety of ways. The data collected may include your name, email address, IP address, office/cell phone number, financial information, usage and browsing data, data from social networks, geolocation data, and aggregated data.

You may provide personal data to us when you interact with us on behalf of your organization. We may collect, use, store and transfer different kinds of personal data about you.

Personal Data

Personal data is defined as information that can be used to directly or indirectly identify you, or is reasonably linkable to you (such as your name and email address and employment-related information), that is provided to Riskonnect when you interact with us.

This data may be provided during activities such as social media posts, posting messages in comment sections, registering for our webinars or whitepapers, event registration, website contact forms, liking social media posts, sending feedback, or responding to our surveys. If you choose to share data about yourself via these methods, the data you disclose is either disclosed voluntarily or becomes publicly available information.

Riskonnect will collect personal data when a customer purchases its product(s). This information is used to conduct business with the customer. Examples of this type of personal data are name, company address, email, phone number, financial information, and technical specifics.

Riskonnect products collect personal data provided by its customers when carrying out their core functions. However, Riskonnect does not have access to this personal data. This personal data is under the control of the Riskonnect customer who collects the data. For additional information on how to exercise your privacy rights in connection with such personal data, please refer to the customer’s privacy notice.

Financial Data

Customer financial information, such as data related to your payment method (e.g., valid credit card number, credit card details, banking information, etc.) may be collected when you subscribe, update, or discontinue the use of Riskonnect products in the performance of a contract.

Usage and Browsing Data

When you visit our website, we may gather data such as your IP address, browser type or the referring site. If you visit our website in response to an email, social media post or a posted article, we may gather additional data such as your employer, title, or work address that you provided to a third-party site. For more information, please see the “Tracking Technologies” section of our Privacy Notice.

Data from Social Networks

User data may be gathered from social networking sites such as Facebook, LinkedIn, Instagram, Pinterest, X, etc. This may include your legal name, social network username, location, gender, birth date, email address, profile picture, and any other publicly available data for contacts, when you “like” or “follow” us or interact with our postings or advertising. This data may also include the contact information of anyone you invite to view, comment, or follow us. The data shared with us is at the discretion of the social media network.

Geolocation Data

When you visit our website, we determine your country of origin from your visiting IP address. We also use Google Analytics, a tool which collects additional data about your visit.

Marketing

In order to deliver relevant marketing content to you and to measure or understand the effectiveness of our marketing campaigns, we may collect data from you, such as your Riskonnect marketing communications preferences, the delivery method and the communication frequency.

You will receive marketing communications from us if you have requested information or purchased our services, or where we think our services would be of interest to you and you have not opted out of receiving that marketing communication. For information about how to opt out of marketing communications, see the section of this Privacy Notice entitled “Options Regarding Your Data”.

Aggregated Data

We also collect, use and disclose aggregated data such as usage, statistical or demographic data. Aggregated data could be derived from your personal data but is not considered to be personal data, as this data cannot be reasonably used to identify you directly or indirectly. For example, we may aggregate your usage data with other users to calculate the percentage of users accessing a specific website feature or page. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.

Personal Data Collection Methods

We use different methods to collect personal data from and about you, including the following:

  • Direct interactions – You provide us with your personal data by completing forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • Register on our website.
    • Register for events such as webinars or conferences.
    • Request information regarding our services.
    • Request marketing materials to be sent to you.
    • Request customer support.
    • Purchase or sell our products or services on behalf of your organization.
    • Provide a business card or other contact information at our event booth.
    • Provide us feedback or contact us.
  • Automated technologies or interactions – As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our Cookie Policy for further details.
  • Third parties or publicly available sources – We may receive personal data from third parties and from publicly available information sources. The types of personal data we collect from third parties or publicly available sources other sources include identifiers, professional or employment-related information, educational information, visual information, internet activity information, and inferences about preferences and behaviors. Your personal data is provided from sources such as the following:
    • Our customers.
    • Data brokers that collect business contact information, including mailing addresses, job titles, email addresses, phone numbers, internet-related data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs and custom profiles. This information is used for the purposes of targeted advertising, delivering relevant email content, event promotion, event profiling, determining eligibility, and verifying contact information.
    • Individuals at your organization who provide us with your contact details for the purposes of obtaining and/or maintaining services.

USE OF YOUR PERSONAL DATA

We may use the personal data collected about you to:

  • Create and manage your account.
  • Fulfill and manage purchases, orders, payments, and other transactions.
  • Generate a configuration profile about you to make your future use of our site and the use of our products and services more personalized.
  • Provide certain customer support services to you.
  • Increase the efficiency and operation of our sales and marketing operations and our products and services.
  • Notify you of updates and available upgrades to Riskonnect’s product lineup or its software.
  • Provide you with the latest industry news and news about Riskonnect.
  • Perform other business activities as needed.

Our legal basis for processing your personal data will depend on the personal data collected and the specific context in which we collect it. We process personal data from you when:

  • We have your consent to do so;
  • We have a contract with you, and it is necessary to process your personal data to perform our contract with you, including to operate our business, provide our products and services, and provide you with the benefits of our products and services;
  • The processing is in our legitimate business interests, such as operating our business, providing our products and services, improving and developing the services, communicating with you, marketing and advertising our products and services, to identify and protect fraud, protect you, us, or others from security threats by enhancing the security of our network and information systems, and complying with applicable laws and industry regulations; and
  • To comply with legal requirements, including applicable laws and regulations.

DISCLOSURE OF YOUR PERSONAL DATA

We may disclose the personal data we have collected about you in certain situations, including the following:

Law Enforcement Orders or Policy Violations:

We may release data about you under the following conditions:

  • To respond to court or law enforcement orders or investigations.
  • To investigate or remedy potential violations of our policies.
  • To protect the rights, property, and safety of others.

In these circumstances we may disclose your personal data as permitted (or required) by any applicable law, rule, or regulation. This includes exchanging data with outside entities for the purposes of fraud protection and credit risk reduction.

We may also disclose your personal data to various third parties, including as follows:

Service Providers:

We may disclose your personal data to our contracted service providers who provide us with services such as IT services, system administration, email delivery, hosting services, payment processing, research and analytics, marketing, customer support, and data enrichment.

Event Sponsors:

If you attend an event, conference, webinar organized by us, or register for an event through our website, we may disclose your personal data to sponsors of the event. If required by applicable law or regulation, you will consent to such disclosure via the registration form or by allowing your attendee badge to be scanned at a vendor’s booth. In these circumstances, your personal data will be subject to the sponsor’s privacy notice(s). If you do not wish for your data to be shared, you may decline to opt-in by declining the event/webinar registration or electing to not have your badge scanned.

Customers with Which You Are Affiliated:

If you use our services as an authorized user of one of our customers, we may disclose your personal data to that customer, who is responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies.

Third-Party Networks and Websites:

Third-party social media networks, advertising networks and websites will share your data with us so that we can better market and advertise on third-party platforms and websites. Riskonnect does not share personal data with those networks.

Professional Advisers:

In individual instances, we may disclose your personal data to professional advisers acting as service providers, processors, or joint controllers. This may include lawyers, bankers, auditors, and insurers (based in the countries where we operate) who provide us with consultancy, banking, legal, insurance and accounting services. This is only done when we are legally obligated to share, or have a legitimate interest in sharing, your personal data.

Riskonnect Affiliates:

We disclose your personal data internally to other affiliated entities that are controlled by Riskonnect, Inc. The data we disclose is necessary to fulfill requests you have submitted on our website. Data is also disclosed for customer support, marketing, technical operations, and account management purposes. Riskonnect’s affiliates are currently located in the USA, UK, Ireland, Australia, and India.

We may also disclose personal data (as part of a transaction) to third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, the new owners may not use your personal data in the same way as set out in this Privacy Notice, as further described in “Transfer of Ownership” section of this Privacy Notice below.

Marketing Communications:

We disclose your personal data to third parties in the execution of those duties listed in the “Marketing” section of this Privacy Notice. We use several marketing firms to place ads, conduct webinars and to gather contact information for our marketing campaigns. The contact information is developed by affiliate firms and provided to us as a service. The contact information is stored in our customer engagement tools and used for marketing outreach.

Third-Party Advertisers:

Riskonnect does not provide third-party advertising companies with your data. However, we do use advertising partners that host our ads, report to us on the user’s interaction with those ads and direct traffic to our website.

Offer Wall:

We offer items such as e-books, industry news and whitepapers on our website in exchange for your contact information. If you provide such information, it is stored in our customer relationship management (CRM) platform and other third-party marketing platforms that we use.

Social Media Contacts:

If you interact with us through social media, your data on the social media platform will be shared with us to the extent allowed by the platform. What is shared with us is at the discretion of the social media platform and in accordance with its policies.

Transfer of Ownership:

If we reorganize, sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your data to the successor entity. If we go out of business or enter bankruptcy, your data would be an asset transferred or acquired by a third party.

Third-Party Data Practices:

We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails or other communications from third parties, you are responsible for contacting the third party directly.

TRACKING TECHNOLOGIES

Cookies and Web Beacons:

Cookie data is stored on your device when interacting with our website. The account information is encrypted and is stored in the browser’s memory. Please refer to our Cookie Policy on what data is collected and how to manage your preferences.

Internet-Based Advertising:

If you interact with our ads on the Internet or within an email, you will be redirected to a page within our website. Depending on your settings, cookies may retain a record of your visit to our website (as previously described).

Website Analytics:

We use several tools to monitor the effectiveness of our website and your interactions with it. The data is stored in our analytic tools (e.g., Google Analytics) to help us improve the website’s experience.

Chat Bot:

We use a website chatbot powered by ZoomInfo to provide you with information and support. You acknowledge that our chatbot and ZoomInfo may collect, monitor, record, and manage any information (including personal data) that you enter or certain device data and usage data automatically. In addition, your interactions with this chatbot are also subject to ZoomInfo’s applicable terms of use, privacy and data collection policies. Learn more here: https://www.zoominfo.com/privacy-center.

Google Analytics:

We may use Google Analytics, a web analysis service provided by Google, together with other analytics services, in order to better understand your use of our website and how we can improve it. Google Analytics collects information such as how often users visit a website, what pages you visit when you do so, and what other websites you used prior to coming to such website. Google Analytics collects only the IP address assigned to you on the date you visit a website, rather than your name or other directly identifying information. We do not combine the information collected through the use of Google Analytics with your personal data. Although Google Analytics plants a persistent cookie on your web browser to identify you as a unique user the next time you visit a website, the cookie cannot be used by anyone but Google. Google Analytics uses its cookie(s) and the information Google Analytics collects to track your online activities over time and across different websites when you use our website, and other websites. Google’s ability to use and share information collected by Google Analytics about your visits to our website are governed by the Google Analytics Terms of Service and the Google Privacy Policy. Google may utilize the data collected to track and examine the use of our website, to prepare reports on its activities, and share them with other Google services. To more fully understand how Google may use the data it collects through the website, please review “How Google Uses Information From Sites or Apps That Use Our Services” (located here).

Notice of Right to Opt-Out of Sale and Sharing of Personal Data and Targeted Advertising:

As described above, we may collect your personal data via automated technologies via our website and disclose such data to third parties. Under certain U.S. state privacy laws, this may constitute a “sale” or “share” of personal data or processing for “targeted advertising”. We may have “sold” or “shared” personal data, which consists of identifiers, commercial information, internet or other electronic network activity information, and geolocation data to third-party providers and advertising partners to provide you with marketing and advertising and for internal research, analytics, and development purposes. Under certain U.S. state privacy laws, you have the right to opt-out of this disclosure of your information, which may be considered a “sale”, “sharing”, or “targeted advertising” under such laws. You may opt-out of this “sale” or “sharing” of your personal data or “targeted advertising” through: setting the Global Privacy Control Signal, configuring your browser to reject cookies, rejecting cookies in our cookie banner or contacting us at privacy@riskonnect.com.

SECURITY OF YOUR PERSONAL DATA

We use administrative, technical, and physical security measures consistent with legal and regulatory requirements to help protect your personal data. These methods are designed to protect against unlawful or unauthorized destruction, loss, alteration, use or disclosure of, or access to, your personal data.

POLICY FOR CHILDREN

We do not knowingly solicit data from, or market to children under the age of 13. If you become aware of any data that we or an affiliate company has collected from children under the age of 13, please contact us using the contact information provided below.

CONTROLS FOR DO-NOT-TRACK FEATURES

We comply with your settings. If your browser has activated the Do Not Track option, with your browser settings set to reject cookies, then we do not collect cookies from our website.

OPTIONS REGARDING YOUR PERSONAL DATA

Account Data

Our website provides a secure link to your Riskonnect product’s secure login portal that is hosted outside of our marketing website. The data used to access your account is not retained or viewed by us. You may sign in or update your account via the product website to which you are directed from the hosting platform.

Opting Out

You can request that we stop sending you marketing messages at any time by clicking the opt-out links on any marketing message sent to you by us by contacting us at privacy@riskonnect.com . When you opt out of receiving our marketing messages, we may still send you non-marketing related messages. These messages may be about a purchase, service experience or other transaction that you have made with us.

If you no longer wish to receive correspondence, emails, or other communications from our third parties, you are responsible for contacting the third party directly.

International Personal Data Transfers

Your personal data may be collected, accessed, transferred to, and stored by us in the USA and by our affiliates and third parties (as described above under Riskonnect Affiliates) that are based in other countries.

Whenever we transfer your personal data to these third parties, we ensure that the recipient of your personal data offers an adequate level of protection and security, including by entering into Standard Contractual Clauses and/or International Data Transfer Agreements or other alternative mechanisms for data transfers, as approved by applicable regulators.

Personal Data Retention

We retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, as described in this Privacy Notice, or as otherwise required to satisfy any legal, regulatory, tax, accounting, or reporting requirements. We may also retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of future litigation. In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for our business purposes, including for research and analysis, or as otherwise permitted by applicable laws and regulations.

Your Legal Rights

Depending on where you reside, you may have certain rights under data privacy law, including:

  • The right to access or know: You have the right to know what personal data we process about you.
  • The right to correct: You have the right to correct the personal data we hold about you.
  • The right to delete or request erasure of your personal data. This enables you to ask us to delete personal data in certain circumstances. Note, however, that we may not always be able to comply with your deletion or erasure request for specific legal reasons which will be disclosed to you, if applicable, at the time of your verified request.
  • The right to object to the processing of your personal data where we are relying on a legitimate interest (or that of a third party). In some cases, we may demonstrate that we have compelling legitimate grounds to process your data which overrides your rights and freedoms.
  • The right to object where we are processing your personal data for direct marketing purposes.
  • The right to request the restriction of your personal data processing. You may request us to suspend your personal data processing under the following scenarios:
    • You want us to establish the data’s accuracy.
    • Where our use of the data is unlawful, but you do not want us to erase it.
    • Where you need us to hold the data for you if you need the data to establish, exercise or defend legal claims.
    • You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
  • The right to data portability: You may request the transfer of your personal data to you or to a third party. We will provide you, or a third party you have chosen, with your personal data in a structured, commonly used, machine-readable format.
  • The right to withdraw consent: You may withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect any data that we used or processed before you withdrew your consent. If you withdraw your consent, we may be unable to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • The right to opt out of the processing of personal data for purposes of: (i) targeted advertising, (ii) the “sale” of personal data; or (ii) profiling in furtherance of decisions that produce legal or significant effects concerning you.

Exercise of Rights and Fees and Right to Appeal

When we provide our products and services to our customers, we are a data processor with respect to the personal data provided by our customers. In order to exercise your rights described in this Privacy Notice with respect to such personal data, please contact the customer directly.

If you wish to exercise any of the rights described in this Privacy Notice where we are acting as a data controller, you or your authorized agent may contact us at privacy@riskonnect.com. If you would like to opt-out of the “sale” or “sharing” of personal data or “targeted advertising”, you may also opt-out through rejecting cookies on our cookie banner on our website. If you would like to authorize an agent to make a rights request, please have them contact us via the email address, disclosing they are your “authorized agent”.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request under these circumstances.

What We May Need from You

We may request specific information from you or your authorized agent to confirm your identity when exercising any of your rights. This is a security measure to prevent unauthorized access. We may also request additional information to speed up our response.

How to Appeal and Lodge a Complaint

If you submitted a request to exercise your rights and are dissatisfied with the decision made by us, you may have the right to appeal that decision in certain states. Please contact privacy@riskonnect.com to exercise your right to appeal.

If you have a complaint about how we use your personal data, we hope that you will contact us according to the below. However, you can always file a complaint with the data protection authority in your jurisdiction. For more information, please contact your local data protection authority (contact details for data protection authorities in the EEA are available at https://edpb.europa.eu/about-edpb/board/members_en). Contact details for the data protection authority in the UK is available at https://ico.org.uk/.

California Privacy Notice

This portion of our Privacy Notice (the “California Privacy Notice”) applies only to residents of the State of California and provides California residents with certain information under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”). It applies only to the extent of any inconsistency with the information above.

Categories of Personal Data Collected About Consumers

In the past 12 months, we may have collected the following categories of personal data from you: (1) identifiers, such as name, address, online identifiers, internet protocol address, e-mail address, or other similar identifiers; (2) additional personal information described in Cal. Civ. Code Section 1798.80, such as telephone number, employment, and employment history; (3) commercial information such as products, purchased, obtained, or considered or other purchasing or consuming tendencies; (4) internet or other electronic network activity information; (5) geolocation data; (6) professional or employment-related information; and (7) education information.

Categories of Sources from Which Personal Data is Collected

We may have collected personal data about you from the following categories of sources as further described in the “Personal Data Collection Methods” section of the Privacy Notice.

Business or Commercial Purposes for Collecting Personal Data from Consumers

We may have collected any of the categories of personal data collected above for the business or commercial purposes further described in the “Use of Your Personal Data” section of the Privacy Notice.

Categories of Personal Data Sold or Shared to Third Parties

In the past 12 months, we may “sell” or “share” (as such terms are defined in the CCPA) the following categories of personal data: (1) identifiers; (2) commercial information; (3) internet or other electronic network activity information; or (4) geolocation data. We may “sell” or “share” (as such terms are defined in the CCPA) such personal data with third-party providers and advertising partners to provide you with marketing and advertising and for internal research, analytics, and development purposes. We do not knowingly “sell” or “share” (as such terms are defined in the CCPA) personal data of consumers under 16 years of age.

Categories of Personal Data Disclosed to Third Parties

In the past 12 months, we may have disclosed the categories of personal data listed in the “Categories of Personal Data Collected about Consumers” section of this California Privacy Notice to the categories of third parties listed in the “Disclosure of Your Personal Data” section of the Privacy Notice for the business or commercial purposes listed in the “Use of Your Personal Data” section of the Privacy Notice.

Personal Data Retention

The criteria used to determine how long we retain personal data are set forth in the “Personal Data Retention” section of the Privacy Notice.

Use and Disclosure of Sensitive Personal Data

We do not use or disclose your sensitive personal data outside of the following purposes: (1) performing our services; (2) detecting security incidents; (3) resisting malicious, deceptive, fraudulent, or illegal actions; (4) ensuring physical safety; (5) for short-term transient use, including certain non-personalized advertising; (6) maintaining or servicing accounts, providing customer service, verifying customer information, or providing similar services, and (7) verifying and maintaining the quality or safety of a service or product or improving, upgrading, or enhancing a service or product. Accordingly, we do not provide the right to limit the use or disclosure of your sensitive personal data under the CCPA.

CCPA Rights

If you are a California resident, you have certain rights regarding your personal data under the California Consumer Privacy Act and the California Privacy Rights Act subject to certain restrictions under applicable law, including:

  • Right to Know: The right to know what personal data we have collected about you, including the categories of personal data, the categories or sources from which the personal data is collected, the business or commercial purpose for collecting, selling or sharing such personal data, the categories of third parties to whom we have disclosed personal data, and the specific pieces of personal data we have collected about you.
  • Right to Deletion: Subject to certain exceptions, the right to delete personal data that we have collected from you.
  • Right to Opt-Out of Sales and Sharing: The right to opt-out of the sale or sharing (as such terms are defined under the CCPA) of your personal data by us.
  • Right to Nondiscrimination: You have the right to not receive discriminatory treatment by us for the exercise of any of the rights conferred by the CCPA.
  • Right to Correct Inaccurate Personal Data: The right to correct inaccurate personal data that we maintain about you.

How to Exercise Your CCPA Rights

When we provide our products and services to our customers, we are a service provider with respect to the personal data provided by our customers. In order to exercise your CCPA rights with respect to such personal data, please contact the customer directly.

If you are a California resident, you may exercise your CCPA rights where we are acting as a data controller, by emailing privacy@riskonnect.com. You may designate an authorized agent to exercise any of your CCPA rights described in the previous section of this California Privacy Notice on your behalf. Upon receiving your request, we will verify your identity and in order to do so may request information (such as identifiers already known to or collected by us) from you.

You may opt-out of the sale or sharing (as such terms are defined under the CCPA) of your personal data described above by sending certain browser enabled opt-out signals, such as the Global Privacy Control, rejecting cookies through our cookie preference tool, and/or configuring your browser to reject cookies. You may learn more about how to set the Global Privacy Control here: https://globalprivacycontrol.org/.

CONTACT US

If you have questions or comments about this Privacy Notice or would like to exercise one of your privacy rights where we are acting as a data controller, we want to hear from you.

Riskonnect, Inc.
380 Interstate North Parkway SE, Suite 400,
Atlanta, Georgia 30339
+1-800-436-3195
privacy@riskonnect.com