1. Our Collection of Personal Information
Our primary goals in collecting personally identifiable information are to provide you with the services made available through the Sites, to communicate with you, and to manage your registered user account through which you can take advantage of the Services made available through the Sites. We will also use the information you provide to analyze and improve RiskSense’s products and services.
Types of Personal Information We Collect
Information You Provide to Us
- Communications with Us. We may collect Personal Information from you such as login information, email address, phone number, mailing address, company name, country and job title when you request information about our Services, create an account, register for our newsletter or loyalty program, request customer or technical support, or otherwise communicate with us.
- Social Media Content. We may offer forums, blogs, or social media pages. Any content you provide on these channels will be considered “public” and is not subject to privacy protections.
- Surveys. We may contact you to participate in online surveys. If you decide to participate, you may be asked to provide certain information which may include Personal Information. All information you submit in our surveys is provided by you voluntarily. We may use such information to improve our products, Sites and/or Services and in any manner consistent with our policies.
Information Collected Automatically or From Others
Automatic Data Collection. When you visit the Sites, our servers automatically record information that your browser sends whenever you visit a website (“Log Data”). Log Data may include information such as your Internet protocol (IP) address, cookie identifiers, mobile carrier, mobile advertising identifiers, MAC address, IMEI, Advertiser ID, unique identifiers, browser type and language, geo-location information, internet service provider, pages that you visit before and after using the Services, data and time of visit, amount of time you spend on each page, information about the links you click and pages you view within the Services.
- Cookies. Cookies are small text files placed in visitors’ computer browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.
- Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in the Services that collects information about users’ engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement.
Analytics. We may also use Salesforce Pardot, Google Analytics, Google Ads remarketing tags, Google Ads conversion tracking tags, HubSpot and similar technologies to collect information regarding visitor behavior and visitor demographics on our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout. For more information about HubSpot, please visit https://knowledge.hubspot.com/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser.
Information from Other Sources. We may obtain information about you from other sources, including through third party services and organizations to supplement information provided by you. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site , we may collect information about you from that third-party application that you have made public via your privacy settings. Information we collect through these services may include your name, your user identification number, your username, location, gender, birth date, email, profile picture, and your contacts stored in that service. This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with information about our business and Services.
2. Our Use of Your Personal Information
Our Company may use information that we collect about you for the following purposes:
- To Provide Products, Services, or Information Requested. We may use information about you to:
- Manage Individual information and accounts;
- Respond to questions, comments, and other requests;
- Provide access to certain areas, functionalities, and features of our Services;
- Answer requests for customer or technical support; and
- Allow you to register for events.
- Administrative Purposes. We may use Personal Information about you to:
- Measure interest and engagement in our Sites and Services and short-term, transient use, such as contextual customization of ads;
- Develop new products and Services;
- Undertake research for technological development and demonstration
- Improve, upgrade or enhance our Services
- Ensure internal quality control;
- Verify Individual identity;
- Communicate with you about your account, activities on our Sites and Services and policy changes;
- Contact you to verify your account and for informational and operational purposes, such as account management, customer service, or system maintenance;
- Process payment for products or Services purchased;
- Process applications and transactions;
- Prevent potentially prohibited or illegal activities; and
- Enforce our Legal Notice
- Marketing Our Products and Services. We may use Personal Information to provide you with materials about offers, products, and Services that may be of interest, including new content or Services. We may provide you with these materials by phone, postal mail, facsimile, or email, as permitted by applicable law. Such uses include:
- To tailor content, advertisements, and offers;
- To notify you about offers, products, and services that may be of interest to you;
- To provide Services to you and our sponsors; and
- Other purposes you consent to or are disclosed when you provide Personal Information.
You may contact us at any time to opt out of the use of your Personal Information for marketing purposes as described below.
- Research and Development. We may use Personal Information to create non-identifiable information that we may use alone or in the aggregate with information obtained from other sources, in order to help us to optimally deliver our products and Services or develop new products and Services. We may perform research via surveys. We may engage Third-Party service providers to conduct such surveys on our behalf. Survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve Individuals by learning more about their needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Sites and Services, various types of communications, advertising campaigns, and/or promotional activities. If an Individual participates in a survey, the information given will be used along with that of other study participants. We may use de-identified Individual and aggregated data for research and analysis purposes.
- Direct Mail, Email and Outbound Telemarketing. Individuals who provide us with Personal Information, or whose Personal Information we obtain from Third Parties, may receive periodic emails, newsletters, mailings, or phone calls from us with information on our or our business partners’ products and services or upcoming special offers/events we believe may be of interest. We offer the option to decline these communications at no cost to the Individual by following the instructions below.
- De-identified and Aggregated Information Use. We may use Personal Information and other information about you to create de-identified and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access our Sites and Services, or other analyses we create. De-identified and aggregated information is used for a variety of functions, including the measurement of visitors’ interest in and use of various portions or features of the Sites and Services. De-identified or aggregated information is not Personal Information, and we may use such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes. We may share this information within RiskSense and with Third Parties for our or their purposes in an anonymized or aggregated form that is designed to prevent anyone from identifying you.
- Sharing Content with Friends or Colleagues. RiskSense’s Sites and Services may offer various tools and functionalities. For example, RiskSense allows you to provide information about your friends through our referral services, such as “Tell a Friend.” Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services. Email addresses that you may provide for a friend or colleague will be used to send your friend or colleague the content or link you request but will not be collected or otherwise used by RiskSense or any other Third Parties for any other purpose.
- Other Uses. RiskSense may use Personal Information for which we have a legitimate interest, such as direct marketing, individual or market research, anti-fraud protection, or any other purpose disclosed to you at the time you provide Personal Information or with your consent.
- Advertising or Targeting Related. We may use first-party or third-party cookies and web beacons to deliver content, including ads relevant to your interests, on our Sites or on third party sites. This includes using technologies to understand the usefulness to you of the advertisements and content that has been delivered to you, such as whether you have clicked on an advertisement.
If you would like to opt-out of the Technologies we employ on our Sites, Services, applications, or tools, you may do so by blocking, deleting, or disabling them as your browser or device permits.
- We may use third party application programming interfaces (“APIs”) and software development kits (“SDKs”) as part of the functionality of our Services. APIs and SDKs may allow third parties including analytics and advertising partners to collect your personal information for various purposes including to provide analytics services and content that is more relevant to you. For more information about our use of APIs and SDKs, please contact us as set forth below.
3. Our Disclosure of your Personal Information to Third Parties
Information We Share
- Resellers and Partners. We will share your Personal Information with our resellers and partners, and such resellers and partners may use your information to market our products and services, as well as their own products and services.
- Service Providers. We may engage certain trusted third parties to perform functions and provide services to us, including, without limitation, hosting and maintenance services, customer relationship services, and database storage and management services. We will share your personally identifiable information with these third parties, but only to the extent necessary to perform these functions and provide such services, and only pursuant to binding contractual obligations requiring such third parties to maintain the confidentiality of your data.
- Compliance with Laws and Law Enforcement. RiskSense cooperates with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including subpoenas); to protect the property and rights of RiskSense or a third-party, the safety of the public or any person; to prevent or stop any illegal, unethical, or legally actionable activity; or to comply with the law.
- Business Transfers. If any or all of the assets of RiskSense are acquired by, or merged with another entity, we may share some or all of your information with this entity.
International Data Transfers
Potential for Other Users to Contact You
To the extent that a given application supports personal messaging functionality between and among end users, you may receive personal messages from other end users. You can disable this functionality by using the “unsubscribe” or other disabling instructions in the given application.
4. Your Choices: Right to Object to Processing
- General: You have the right to object to and change your preferences or opt out of certain uses and disclosures of your Personal Information. Where you have consented to RiskSense’s Processing of your Personal Information or Sensitive Personal Information, you may withdraw that consent at any time and prevent further Processing by contacting us as described below. Even if you opt out, we may still collect and use non-Personal Information regarding your activities on our Sites, Services and/or information from the advertisements on Third-Party websites for other legal purposes as described above.
- We maintain telephone “do-not-call” and “do-not-mail” lists as mandated by law: We process requests to be placed on do-not-mail, do-not-phone and do-not-contact lists within 60 days after receipt, or such shorter time as may be required by law.
- Notifications: We may occasionally send you push notifications or contact you through our mobile applications, Services, Sites, social media or Third-Party services with notices or alerts that may be of interest to you. You may at any time opt out or stop from receiving these types of communications by changing the settings on your mobile device.
- “Do Not Track”: Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
- Cookies and Interest-Based Advertising: As noted above, you may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser preferences. Please note that cookie-based opt-outs are not effective on mobile applications. However, on many mobile devices, application users may limit ad tracking of certain mobile ads via their device settings.
The online advertising industry also provides websites from which you may opt out of receiving targeted ads from our data partners and our other advertising partners that participate in self-regulatory programs. You can access these, and also learn more about targeted advertising and consumer choice and privacy, at http://www.networkadvertising.org/managing/opt_out.asp, or http://www.youronlinechoices.eu/ and http://www.aboutads.info/choices/. You can also choose not to be included in Google Analytics here.
5. Your Privacy Rights. In accordance with applicable law, you may have the right to:
- Access/port your Personal Information consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic Personal Information transferred to another party.
- Request correction of your Personal Information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your Personal Information or we may refer you to the controller of your Personal Information who is able to make the correction.
- Request deletion of your Personal Information, subject to certain exceptions prescribed by law.
- Request restriction of or object to processing of your personal information, including the right to opt in or opt out of the sale of your Personal Data to third parties, if applicable, where such requests are permitted by law.
If you would like to exercise any of these rights, please log into your account or contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.
6. Retention and Security
RiskSense will retain Personal Information for as long as needed to provide Services or as otherwise permitted by law.
Security of Your Information
RiskSense is very concerned about safeguarding the confidentiality of your personally identifiable information. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. However, RiskSense takes security very seriously. All company employees are contractually obligated to safeguard RiskSense and user data under confidentiality and privacy agreements. Access to RiskSense production systems is restricted to authorized RiskSense team members.
We will disclose any breach of the security, confidentiality, or integrity of your unencrypted electronically stored personal data to you as required by contract in the most expedient time possible and without unreasonable delay, consistent with (i) the legitimate needs of law enforcement, or (ii) any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the data system.
7. Users Outside the United States
RiskSense is headquartered in the United States and is subject to the applicable state and federal laws of the United States. By using our Sites, you will transfer data to the United States. By choosing to visit our Sites, utilize the Services or otherwise provide information to us, you agree that any dispute over privacy or the terms contained in this Policy will be governed by the laws of the State of California and the adjudication of any disputes arising in connection with RiskSense or our Sites will be in accordance with the Legal Notice.
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and processing globally. By providing your Personal Information, you consent to any transfer and processing in accordance with this Policy.
8. Our Policy Towards Children
The Sites are not directed to persons under the age of 18 and we do not knowingly request or receive any information from children under the age of 18. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us at email@example.com. If we become aware that a child under 18 has provided us with personally identifiable information, we will remove such information from our files.
9. Legal Basis for Processing your Personal Data (EEA and Switzerland only)
With respect to personal data collected from individuals from the European Economic Area or Switzerland, our legal basis for collecting and using the Personal Information will depend on the Personal Information concerned and the specific context in which we collect it. Our Company will normally collect Personal Information from you only where: (a) we have your consent to do so, (b) where we need the personal data to perform a contract with you (e.g. to deliver the services you have requested), or (c) where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms).
10. Additional Rights (EEA and Switzerland only)
You may have the right to make a privacy complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
11. California Privacy Rights
If you are a California resident, California Civil Code Section 1798.83 permits you to request certain information regarding our disclosure of Personal Information to third parties for the third parties’ direct marketing purposes. To make such a request, please contact us by sending an email to firstname.lastname@example.org.
Our Sites, products, and Services are not intended to appeal to minors. However, if you are a California resident under the age of 18, and a registered user of our Sites or Services, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted. To make such a request, please send an email with a detailed description of the specific content or information to email@example.com.
Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
Under California law, California residents who have an established business relationship with us may opt-out of our disclosing Personal Information about them to third parties for their marketing purposes.
13. Legal Notice
14. Redress/Compliance and Accountability
15. Questions and Comments
If you would like to contact us about our privacy practices, or exercise any of your data subject rights, please send a written request to the data controller of your Personal Information or to us at:
Mail: RiskSense, Inc., Attn: Privacy Officer, 1230 Midas Way, Suite 220, Sunnyvale, CA 94085
The following capitalized terms shall have the meanings herein as set forth below.
“Sites” are our company website https://risksense.com/, social media pages, blogs and content produced and managed online by RiskSense.
“Services” are all other online and offline offerings by RiskSense.
“Agent” means any Third Party that Processes Personal Information pursuant to the instructions of, and solely for, RiskSense or to which RiskSense discloses Personal Information for use on its behalf.
“Employee” refers to any current, temporary, permanent, prospective or former employee, director, contractor, worker, or retiree of RiskSense or its subsidiaries worldwide.
“Personal Information” is any information relating to an identified or identifiable natural person (“Individual”).
“Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Sensitive Data” or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding EU residents that is classified as a “Special Category of Personal Data” under EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where Processed to uniquely identify a person; (6) health information; (7) sexual orientation or information about the Individual’s sex life; or (8) information relating to the commission of a criminal offense.
“Third Party” is any company, natural or legal person, public authority, agency, or body other than the Individual, RiskSense or RiskSense’s agents.
Last Updated: 02 July 2020