Privacy Policy

Last Updated: October 2023

Riskpoint respects the privacy of its clients and visitors to this website.

We will only collect certain types of Personal information such as your name, telephone number, or email address, when it is voluntarily submitted to us using this website or sent to us by email. By submitting your personal information to us you agree to us using your personal information for the purpose you have selected, as set out in this privacy policy.

We respect the privacy of our clients and website visitors and recognise that when you choose to provide us with information about yourself, you trust us to act in a responsible manner with that information. We will always give you the option of how you would like your data to be used and for what purposes you wish to be contacted.

This privacy policy contains important information about how we use your personal information.

What information do we collect?

At times we may request that you voluntarily supply us with personal information. Generally, this information is requested when you want us to contact you as our client or prospective client, supply you with information or submit an application for employment. From time to time we may ask you to submit information for other purposes, but we will always make it clear what that information will be used for.

We may gather the following information about you:

  • Name
  • Email address
  • Telephone number
  • Information provided by you in relation to submitting a job application to us (this may include sensitive personal information)

Do we pass your information to third parties?

As a general rule we will not share any of your information with third parties. However, we may share your personal information with our subcontractors or other parties working on your projects to the extent required by the project work. We will ensure that the third parties who receive your personal information are required to keep it confidential.

We may disclose personal information to third parties when we reasonably believe we are required by law, and in order to investigate, prevent, or take action regarding suspected or actual unlawful or otherwise prohibited activities, including, but not limited to, fraud.

How do we use your information for marketing?

We do not engage in any email shoots, cold-calls or other mass-marketing campaigns. We will only use your contact data for our work on a specific project for you/your company or for a reply to a specific query.

Where do we keep your information?

We keep our clients personal data in EEA. We have technical and administrative measures to ensure that your personal information disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.

How long do we keep your information?

We only keep your personal information for as long as we need to, to be able to use it for the reasons given in this privacy policy, and for as long as we are required to keep it by law. For example, we may keep your information for a limited period following a project completion or termination for legacy and audit purposes; however, we will only keep your information for a limited period and your details will not be kept longer than is reasonably necessary or as required by law.

Riskpoint's role as Data Processor

In our role as IT developers, we routinely have access to personal data supplied to us as part of our clients' projects. As a Data Processor, we will never disclose, share, distribute, analyse, copy, amend or otherwise use our client's data outside the scope of the project. We will only do so following explicit instructions and/or permissions by our clients in their role as Data Controller.

As part of any project work, we normally make several copies of the project's data, including any personal data, on our servers and laptops. All such copies are held within EEA and are protected by a range of technical and administrative measures. They are only made either as backups/for audit purposes or for the ongoing project work.

Our clients are fully entitled to ask for the deletion or anonymisation of any of their project data, including backups, at any time during the project or after project completion or termination.

In case such a request has not been made, following project completion or termination, we will keep project data only for a limited period, and only for transfer, legacy or audit purposes.

Your rights

You are entitled to ask:

  1. for a copy of the personal information we hold about you, and details about how we are processing your personal information;
  2. to have any inaccuracies in your personal information corrected;
  3. if we are processing your personal information by automated means and on the basis of your consent (see “How do we use it?”, above), for us to provide your personal information to you in a structured, commonly-used and machine-readable format. You can also ask us to provide your personal information directly to a third party in this format, and, if technically feasible, we will do so; and
  4. to have your personal information erased, or for our use of it to be restricted (for example, if your preferences change, or if you don’t want us to send you the information you have requested).

Please contact us if you would like to exercise any of these rights.

You also have the right to make a complaint to the supervisory authority if you’re not happy with how we’ve handled your personal information. In the UK, the supervisory authority is the Information Commissioner's Office

Changes to this Privacy Policy

We reserve the right, at our discretion, to change, modify, add, or remove portions from this privacy policy at any time. You are encouraged to review this privacy policy from time to time. If we may material changes in how we use your personal information we will seek new consent where appropriate.