Privacy Policy
Last updated 07.31.2023
The C1Risk Privacy Policy describes the privacy practices of C1Risk's app and website.
Information Collection and Use
C1Risk only holds basic data about the person’s name and email address when information is requested using our online contact form, or when you are a customer and authorized to use our application.
When requesting information, we request email, name, name of company and company website.
While using the application, C1Risk may process the personal information for the customer’s security, accounting, contract and product usage. Your basic personal data is also used for C1Risk user access identification. All data processed on the C1Risk application is protected with reasonable security measures.
Customers directly provide our company contact information to conduct business in the following processes:
At the time of registration, customer provides basic information to onboard users to our system.
Contact information is provided in contract agreements.
User information is provided to the product for identification and authentication to securely access The 1Risk Platform.
Data Use and Protection
Customer data is used to conduct business activities such as:
For contract agreements
For the 1Risk Platform Identification and authorization security control
For managing your account, order processing and billing
For email notification of special offers, training, alerts and provide notifications that is relevant to you
Data Collection
Customer data is stored in a private database hosted on the Salesforce Cloud and Amazon Web Services, AWS, resources, as appropriately deployed with security measures aligned with state, federal, and global regulations. Our security policies and controls applies to protect customer data. The Company will keep your data to support account activities.
When a customer terminates the account, the termination terms from the Cloud Service Agreement will apply to protect customer data. Customers may request for a data destruction certificate.
You may object to C1Risk for using your information for the above purposes at any time by not using our application and contacting us at support@c1risk.com to remove your information.
Subject Consent
By accepting our terms and conditions, you are giving C1Risk consent to process your data. You may at any time withdraw a consent granted hereunder by contacting us. at support@c1risk.com
Subject Rights
We do not intend for our cloud application or online services to be used by anyone unauthorized by our customer. Except as otherwise mentioned in this privacy notice and in compliance of our contractual terms with customers, we keep your personal information only for as long as required by us to provide you with the services you have requested; to comply with the law, or to support a claim or defense in court.
Our company would like to make sure you're fully aware of all your data protection rights when you terminate your business with the Company.
The right to access - you have the right to request the Company for copies of your personal data. We may charge you a small fee for this service.
The right to rectification - you have the right to request that the Company correct any information you believe is inaccurate. You also have the right to request the Company to complete information you believe is incomplete.
The right to erasure - you have the right to request that the Company erase your personal data, in accordance to the Cloud Service Agreement
The right to restrict processing - you have the right to restrict the processing of your personal data when the account is terminated.
The right to object to processing - you have the right to object the Company's processing of your personal data when the account is terminated.
The right to data portability - you have the right to request that the Company transfer the data that we collected to another organization, or directly to you when the account is terminated.
Our privacy policy has been compiled to comply with the law of every country or legal jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your jurisdiction, we should like to hear from you. It is your choice as to whether you wish to use our application.
Children’s Privacy
These Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us atsupport@c1risk.com so that we will be able to do the necessary actions.
Changes to our Privacy Policy
We may update this privacy notice from time to time as necessary. The terms that apply to you are those posted here and on our application on the day you use our website. We advise you to print a copy for your records.
Contact Us
If you have any question regarding our privacy policy or should you wish to report a complaint, please contact us at support@c1risk.com or legal@c1risk.com.
Supplemental
Privacy Notice
Last updated 01.3.23
This Supplemental Privacy Notice applies to you only if you are a natural person and live in California, Colorado, Connecticut, Virginia, or Utah. This Supplemental Privacy Notice is incorporated into and forms part of the BILL Privacy Notice.
This Supplemental Privacy Notice describes how we collect, process, and disclose your personal information. It also describes the rights you have with regard to your personal information, which apply when new or updated laws take effect in these states. This Supplemental Privacy Notice does not apply to any employees, owners, directors, officers, or contractors of BILL or its affiliates.
Categories of Personal Information We Collect, and How We Use and Share that Information
During the past twelve (12) months, we have collected, used, and shared the following categories of personal information:
| Category of Personal Information | Category of Source | Business or commercial purpose(s) for collection | Categories of third parties with whom we share |
|---|---|---|---|
| Personal identifiers | Directly from you or your agents From your Organization From your Vendors or Customers From other third parties you choose to interact with From our service providers From public sources |
To provide our Service to you To communicate with you To verify your identity To protect your account To prevent fraud or illegal activity Our marketing activities |
Our service providers Your authorized service providers Other third parties that you authorize Our business and marketing partners Third parties as required by law |
| Financial information, including bank account number, credit card number |
Directly from you or your agents From your Organization From your Vendors or Customers From other third parties you choose to interact with From our service providers From public sources |
To provide our Service to you To verify your identity To protect your account To prevent fraud or illegal activity |
|
| Commercial information, including products/services purchased |
Directly from you or your agents From your Vendors or Customers |
Provide our Service to you Prevent fraud or illegal activity |
|
| Internet or other electronic network activity information |
Directly from you From our service providers |
Provide our Service to you Protect your account Prevent fraud or illegal activity Debug or repair our Service Maintain reliability, quality or safety of our Service Improve our Service Our marketing activities |
|
| Geolocation data | Directly from you From your mobile provider or ISP |
Provide our Service to you Protect your account Prevent fraud or illegal activity Debug or repair our Service Maintain reliability, quality or safety of our Service |
|
| Audio, electronic, visual, or similar information | Directly from you | Provide our Service to you Prevent fraud or illegal activity Improve our Service Maintain reliability, quality or safety of our Service |
|
| Professional or employment-related information | Directly from you From your Organization From your Vendors or Customers |
Provide our Service to you Prevent fraud or illegal activity Our marketing activities |
|
| Inferences drawn to create a profile about a consumer | C1Risk | Provide our Service to you Prevent fraud or illegal activity Maintain reliability, quality or safety of our Service Our marketing activities |
Sensitive Personal Information
When we collect government identification (such as your driver’s license number or Social Security number) or financial details (such as your bank account or credit card numbers), we are deemed to be collecting data that is “sensitive” under state privacy laws. Where legally required, we will obtain your consent for collecting this information. For our California users, we do not use or disclose sensitive personal information for any purpose other than as permitted by law, such as to provide our Service to you, to detect security incidents, and protect against malicious or fraudulent actions, nor do we use or disclose such information to build a profile about you.
Retention
We retain your personal information as long as it is necessary to provide you our Service and to comply with our data retention requirements. Even after you stop using our Service, we may be required to keep your information for as long as necessary to comply with our legal and regulatory obligations, to make or defend legal claims, and to protect against fraudulent activity of others.
Sales | Sharing
In the last 12 months, we have allowed third parties ad providers to collect personal information from our website visitors in order to provide them with targeted advertising and analytics. This practice may constitute a sale of personal information under certain state laws and, in California, may also constitute “sharing” (which is a term used to address the sharing of information for advertising purposes) of personal information. To the extent that our practice constitutes a sale or sharing of your personal information, you have the right to opt-out of the sale or sharing of your personal information with third parties for purposes of targeted advertising by filling out this Opt-Out Form and by enabling Global Privacy Control on your browser or opting-out of cookies by clicking here:
Cookie Settings
Global Privacy Control (“GPC”) is a setting you can enable in your web browser to communicate your privacy preference for not having certain information about your webpage visits collected across websites. For all the details, including how to turn on GPC, visit https://globalprivacycontrol.org/. Our websites that link to this privacy policy recognize and respond to GPC signals.
Consistent with our practice of not collecting data on anyone under 16 years old, we do not have actual knowledge that we shared information on such minors with the companies we work with on targeted advertising.
Understanding Your Rights
Subject to certain limitations, you have the following rights with respect to the personal information that we collect about you:
Right to Know. You can ask us to give you information about our collection and use of your personal information. Specifically, you can request that we provide you one or more of the following:
The categories of personal information we collected about you.
The categories of sources from which we collected your personal information.
Our business and commercial purposes for collecting, selling, or sharing your personal information.
The categories of third parties to whom we disclose your personal information.
The specific pieces of personal information we collected about you.
Right to Delete. Subject to certain limitations, you can ask us to delete your personal information.
Right to Correct. You can ask us to correct inaccurate personal information that we have about you.
Right to Opt Out of Targeted Advertising or Sale. You can ask us to stop using your personal information for targeted advertising. Please see the discussion on Sales/Sharing above.
Right Against Discrimination. We will not discriminate against you for exercising your rights.
You can exercise your right to know, delete, or correct your personal information by emailing legal@c1risk.com. If you do not receive a confirmation of our receipt of your request within 10 days, we may not have received your request and you should re-submit it. Once we receive your request, we will attempt to verify your identity. We may ask you for additional information to help us verify your identity, including by asking you to confirm other personal information you have provided to us. We may deny your request for reasons permitted by law, including our inability to verify your identity. If we deny your request, we will tell you why we did so.
Subject to certain restrictions, you can have an agent exercise your rights for you. If you have an agent exercising your rights, that person must provide to us your written authorization allowing them to make such a request on your behalf. We reserve the right to deny the agent’s request if we are not reasonably able to confirm proper authorization and/or verify your identity as the requestor.
Appeals
Residents of Colorado, Connecticut, and Virginia can appeal a refusal to take action on a request by contacting us by email at legal@c1risk.com
Contact
If you have any questions or concerns about this Supplemental Privacy Notice, you can email us at legal@c1risk.com.