Privacy Policy

This Privacy Policy describes how RiskLens, Inc. and our subsidiaries (collectively "RiskLens," "we", “us” or "our") handle personal information that we collect though our websites (the “Service”) in connection with activities described in this Privacy Policy.

RiskLens provides a web-based software platform that businesses use to quantify business risk. This Privacy Policy does not apply to information that we process on behalf of our business customers while providing the RiskLens platform to them.Our use of this information is restricted by our agreements with those business customers. If you have concerns regarding personal information that we process on behalf of a business, you should direct your concerns to that business.

Personal information we collect

Information you provide to us. Personal information you may provide to us through the Service or otherwise includes:

• Contact data, such as your first and last name, and email address.
• Communications that we exchange, including when you contact us with questions, feedback, or otherwise.
• Marketing data, such as your preferences for receiving communications about our products and services, and details about how you engage with our communications.
• Other information that we may collect which is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Automatic data collection. We or our service providers may automatically log information about you, your computer or mobile device, and your activity over time on our sites and other sites and online services. This information (the “Usage Data”) may include:

• Device data, such as your computer or mobile device operating system or IP address.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.

Cookies. Some of our automatic data collection is facilitated by cookies and similar technologies. For more information, see our Cookie Notice.

How we use your personal information

We use your personal information for the following purposes or as otherwise described at the time we collect it.
Service delivery. We use your personal information to:

• provide, operate and improve the Service and our business;
• communicate with you about the Service;
• provide support for the Service, respond to your requests, questions and feedback.
• Direct marketing. We may send you RiskLens related or other direct marketing communications as permitted by law, including by email. You may opt-out of our marketing communications as described in the Opt-out_of_marketing section below.

Compliance and protection. We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
• communicate with you about the Service;
• protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements and internal policies;
• enforce the terms and conditions that govern the Service; and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

How we share your personal information

We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:

• Affiliates. Our subsidiaries and other corporate affiliates, for purposes consistent with this Privacy Policy.
• Service providers. Companies that provide services on our behalf or help us operate the Service or our business, such as hosting, information technology, email delivery and website analytics.
• Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Your choices

You have the following choices with respect to your personal information:

• Opt-out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions provided in communications.
• Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Service and the Service may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
• Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services.

Other sites and services

The Service may contain links to websites and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or other online services that are not associated with us. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions.

Security

We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

International data transfer

We are headquartered in the United States. Your personal information may be transferred to the United States where privacy laws may not be as protective as those in your state, province, or country.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

How to Contact us

Email: privacy@risklens.com
Mail:
RiskLens Privacy
601 W. Main Ave, Suite 910
Spokane, WA 99201

Information regarding the European Economic Area

Notice to European users
This section applies only to individuals in the United Kingdom and the European Economic Area.

Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller. RiskLens is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.

Legal bases for processing. The legal bases of our processing of your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us at privacy@Risklens.com.

Sensitive personal information
We ask that you not provide us with any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Service, or otherwise to us. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our Service.

Retention
We retain personal information where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested; to comply with applicable legal, tax or accounting requirements; to establish or defend legal claims; or for fraud prevention). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Service, or We are legally obligated to retain this data for longer time periods.

Your rights
European data protection laws give you certain rights regarding your personal information. If you are located within the United Kingdom or European Economic Area, you may ask us to take the following actions in relation to your personal information that we hold:

• Access. Provide you with information about our processing of your personal information and give you access to your personal information.
• Correct. Update or correct inaccuracies in your personal information.
• Delete. Delete your personal information.
• Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
• Restrict. Restrict the processing of your personal information.
• Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.

You may submit these requests by email to privacy@risklens.com or our postal address provided above in the How to contact us section. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.

Cross-Border Data Transfer
If we transfer your personal information from the United Kingdom or European Economic Area to a country such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so.