uRisk is committed to protecting your privacy, and that includes protecting the privacy of any data you share with us. This policy sets out what data we collect, what we do with your data, when and how we store your data, and what you can do if you have questions or wish to exercise rights you have with respect to your data.
What data do we collect, and why?
Through the use of pages on our website and interaction with our products and services, we may collect data from you. Sometimes the data we collect relates to you or identifies you. In this policy, data that relates to or identifies a natural person is defined as “personal data.” “Data” always includes personal data. Our goal is always to maintain the highest levels of privacy and security with your personal data, in keeping with the principles of the Federal Trade Commission Act and related regulations, the General Data Protection Regulation, and applicable local privacy laws. We will always try to give you appropriate notice of what data we collect and how we will use it, and we will only process your data when we consider it fair and lawful to do so.
We may collect the following data from you:
- Records of your visits to our website, through cookies and otherwise (which records may include: traffic data; location information; logs; information about your computer or mobile device such as if applicable your IP address, operating system, mobile carrier, or device identifying information)
- Records of correspondence between us and you (for example, records of your and our communication for purposes of support services)
- Comments, posts, or other data you upload to our site (for example, in the comments section of our blog posts)
- Information you provide by completing forms on our website or in our products and services (for example, purchase information and information you provide when subscribing to newsletters or contacting us)
- Sometimes the reason for collection will be obvious (such as when you give us your email address to allow us to contact you). When it is not, we will describe to you at the time of collection the purpose for collecting the data and if possible ask for your consent. To the extent possible, we anonymize or pseudonymize data we collect from you.
In general, we do not intentionally collect sensitive personal data. Sensitive personal data is data of the kind regulated by Article 9 or Article 10 of the GDPR, such as personal identity numbers; financial account information; information concerning racial or ethnic origin; political opinions; religious, philosophical, or other beliefs; membership in trade unions or professional or trade associations; physical or mental health information; biometric data; genetic data; data concerning sexual activity or orientation; or data concerning criminal records or suspected criminal activity. However, if you provide us with sensitive personal data, whether through the website or through any of our products or services, you explicitly consent to our use and processing of that data.
Additionally, we do not intentionally collect personal data from anyone under the age of eighteen (18), and to the extent reasonably possible we take steps to verify that you are a legal adult when we collect data from you. By using our website, products, or services, and by submitting any data to us, you warrant that you are eighteen (18) years of age or older.
How do we use data we collect from you?
We use the data we collect from you to provide information, services, or products you have requested or purchased, and to allow you to interact with us and the website. This may include sending you emails from time to time; these emails always contain either information you have requested or that you have consented to receive, or information we have a legitimate interest in delivering (such as notices of product changes). You can always unsubscribe from any email list by clicking the indicated link in the email.
When applicable we analyse this information to improve our website, improve the products and services we provide, and to protect us and you from malicious web activity. We may share this information with third parties. Those third parties and their respective privacy policies are as follows:
- Google Analytics (https://policies.google.com/privacy)
How long do we keep your data?
In general, we keep your data only as long as necessary to provide the service or product you requested. If you are a customer who has an account with us, we will keep the data connected to your account until you ask us to destroy it. This is in order to help us remember information about previous interactions with you (for example, records of support service) or in order to comply with our legal and contractual obligations. Ordinarily, if your account is inactive, your data will only be stored so that the account can be reactivated in the future, and your data will not be processed for any other purpose. You can ask us to destroy your data at any time by following the procedures outlined in this policy, but if we do not have certain information about you, it may be impossible for us to provide any products or services to you.
Where is your data stored?
We are a business located in the UK. When we store your data, it is stored in the UK. However, data we collect may be routed or transferred internationally by us or by our business partners during the course of providing products and services to you and others.
How do we ensure your data is secure?
We take a number of steps to ensure that data we collect is protected from unauthorized access, alteration, disclosure, or destruction, including the following:
- Many of our services are encrypted using SSL.
- We regularly review our data collection, storage, and processing practices, including physical and electronic security measures.
- We restrict access to your personal data to only those employees, agents, and business partners who need access to it in order to deliver requested products and services.
- All of our employees, agents, and business partners are subject to strict confidentiality and nondisclosure obligations, the violation of which may result in termination and/or liability.
- All of our employees and agents receive regular appropriate training, including training in information privacy suitable to their respective fields and disciplines.
Do we share your data?
We may transfer your data to our business partners, some of whom may be located in other countries. We strive to do business only with partners who uphold high standards of data privacy and security, and whenever we transfer data to a third party, we take steps to make sure that the data will remain secure and private as required by applicable law and our internal guidelines.
Sometimes we may be required to share your data for specific purposes. These purposes may include:
- In order for us to comply with a legal obligation or to detect, prevent, or otherwise address fraud or crime
- In order to detect or correct technical or security issues
- In order to apply or enforce our Terms and Conditions, or to protect the rights, property, or safety of us, you, our customers, our business partners, others, or the public
- In order to maintain continuity of service in the event that we sell or liquidate some or all of our business or assets
- Additionally, our website may contain links to our business partners or other third parties. Please understand that those websites have their own policies, and we do not accept any responsibility or liability for your use of those websites or any products or services available there.
What about data we obtain from third parties?
Sometimes we may obtain your personal data from a third party, either through the use of our website or through some of our products or services. Due to the nature of our products, it is possible that we may even obtain your data unsolicited from a third party. We may also obtain your personal data from our business partners through contractual relationships or through software they develop. We apply the same standards of security and privacy to all personal data in our possession, and you have rights with respect to your data regardless of its source. When and to the extent possible, we will notify you of the source if we obtain your data from a third party without your consent within at least thirty (30) days.
Are you required to supply us with your personal data?
Sometimes we have to have your personal data in order to interact with you. Supplying some personal information is a prerequisite to purchasing products or services from us, obtaining support services, or using the website. If you do not provide the requested data in those instances, you will not be able to purchase any products or services from us, you will not have access to support services, and you may lose some functionality when interacting with the website, respectively.
What rights do you have with respect to your personal data?
You have a right to know if we have any of your personal data and to have access to that data, and you have the right to have any incorrect personal data corrected. If you have given us consent to have or use your data, you have the right to withdraw that consent at any time. You also have the right to have your personal data erased or to transport your data. Ordinarily we do not use automated decision-making with respect to any personal data, but if we do, you have the right to object.
You have the right to lodge a complaint with a supervisory authority. Which authority is appropriate varies depending on your jurisdiction. If you wish to lodge a complaint, we can assist you in determining where the complaint should be lodged.
You may contact us at any time at https://www.urisk.co.uk/contact-us, to exercise any of these rights. Understand that sometimes we have to have your data in order to interact with you, and so exercising some or all of these rights might impact your ability to use our website or our products and services.
What if you have further questions?
If you have any additional questions about our privacy practices, please contact us at https://www.urisk.co.uk/contact-us.