Scope
Websites, modules, APIs, and dashboards. Effective date [insert date]. Last updated 27 September 2025.
How RiskMetrica collects, uses, stores, and protects personal data across our AI native risk intelligence platform. Includes roles, lawful bases, retention, security measures, international transfers, and your rights.
Websites, modules, APIs, and dashboards. Effective date [insert date]. Last updated 27 September 2025.
Primary hosting and storage in the UK and EU. Transfers safeguarded by adequacy or Standard Contractual Clauses.
Data Protection Officer, privacy@riskmetrica.com.
We do not collect special category data unless a regulated customer instructs us and appropriate safeguards are in place.
| Purpose | Legal basis | Typical storage period |
|---|---|---|
| Account setup and platform access | Contract | Subscription term plus 90 days |
| Platform performance and security | Legitimate interests | Operational logs 12 to 24 months |
| Billing and financial records | Contract and legal obligation | Statutory record period |
| Compliance with supervisory requests | Legal obligation | As required by law |
| Product analytics and improvement | Legitimate interests | Aggregated or anonymised retention |
We disclose personal data only to deliver services and comply with law.
Cloud hosting, logging, and model APIs under GDPR compliant DPAs and Standard Contractual Clauses where required.
Lawful requests only, after verification and in line with legal obligations.
Where personal data leaves the UK or EU, we use adequacy decisions where available or Standard Contractual Clauses with supplementary technical and organisational measures.
We use essential cookies for secure sessions and optional analytics cookies for usability. Manage preferences in your browser or via in platform controls. See our Cookie Policy for details.
The services are not intended for individuals under 18. We do not knowingly collect data from minors. If you believe a child has provided data contact us for deletion.
We may update this policy to reflect legal or technical changes. Material changes will be notified in product or by email. Continued use after the effective date indicates acceptance.
For privacy requests and questions: