Data Protection and Privacy Policy

PreviousAI Usage and Ethical Considerations Policy NextModern Day Slavery Statement

Last updated 3 months ago

Data Protection and Privacy Policy

Welcome to Riskoa, supporting both and . We are committed to protecting the privacy and security of our users' data. This Data Protection and Privacy Policy outlines how we collect, use, protect, and share information gathered through both platforms.

Data Collection:

User Information: We collect personal information such as name, email address, and professional details to create accounts, provide customer support, and communicate updates.
Usage Data:
- For Emvide, we collect data related to your usage of the platform, such as login information, time spent on the platform, and the types of analyses conducted. This data helps us improve our services and enhance user experience.
- For LCA Factory, we collect data related to project details, such as the scope of work, lifecycle boundaries, and other project-specific inputs.
Project Data:
- Emvide: We store the lifecycle assessment data you input, including details about products, processes, and environmental impacts. This information remains confidential and is used solely for your LCA projects, unless specifically selected to share with additional parties. This remains a user option.
- LCA Factory: Data provided by clients for assessments, such as Bills of Materials (BOMs) and environmental metrics.

Data Use:

Service Provision: Your data enables us to deliver tailored and efficient services for both Emvide and LCA Factory.
Improvement and Development: We analyse usage data to enhance Emvide functionalities and introduce new features that respond to user needs.
Communication: We use your contact information to send updates, notifications, and informative content.

Data Protection:

At Riskoa, we prioritise the security and confidentiality of your data across both Emvide and LCA Factory. We employ rigorous measures to ensure your information remains safe from unauthorised access and breaches.

1. Security Measures

Encryption: All data transmitted and stored on our platforms is encrypted using industry-standard encryption protocols to safeguard against unauthorised access.
Secure Infrastructure: Our platforms operate on secure servers located in compliant data centres with advanced physical and digital security measures.
Regular Audits: We conduct periodic security audits and vulnerability assessments to ensure our systems are up-to-date and resilient against emerging threats.

2. Access Controls

Restricted Access: Data access is limited to authorised personnel who require it to fulfil their job responsibilities. These personnel are bound by strict confidentiality agreements and undergo regular training on data protection practices.
Role-Based Permissions: Access to sensitive data is managed through role-based permissions, ensuring users and staff only have access to the information necessary for their tasks.
Two-Factor Authentication (2FA): All access to sensitive systems and data requires two-factor authentication to add an additional layer of protection.

3. Monitoring and Response

Continuous Monitoring: We utilise real-time monitoring tools to detect and respond to potential security threats swiftly.
Incident Response Plan: In the unlikely event of a data breach, our incident response plan ensures immediate action, notification to affected parties, and mitigation measures to minimise impact.

4. Alignment with Standards

ISO Compliance Roadmap: Riskoa is committed to aligning its platforms with international standards such as ISO 27001 for information security management.
GDPR Compliance: We adhere to the General Data Protection Regulation (GDPR) and other relevant data protection laws to ensure your rights are respected and your data is handled responsibly.

No Third-Party Sharing: We do not sell, trade, or otherwise transfer your personal data to external parties. Any sharing of data is strictly limited to what is necessary to provide our services, and with your explicit consent.
Legal Compliance: We may disclose your information if required by law or if such action is necessary to comply with legal processes or to protect the rights, property, or safety of Emvide, our users, or others.

User Rights:

Access and Control: You have the right to access your personal information, correct any inaccuracies, or request its deletion. You can manage your information through your account settings or by contacting our support team.
Data Portability: Upon request, we can provide you with a copy of your data in a commonly used electronic format.
Consent Withdrawal: You may withdraw your consent to data processing at any time. However, this will not affect the lawfulness of processing based on consent before its withdrawal.

Updates to Our Privacy Policy:

This Privacy Policy is periodically reviewed and updated to reflect changes in our practices or regulatory requirements. We maintain an internal version history to track all changes, which is available upon request. Significant updates will be communicated to users through the platform or direct communication. We encourage you to review this Privacy Policy regularly to stay informed about how we protect your data.

PreviousAI Usage and Ethical Considerations Policy NextModern Day Slavery Statement

Last updated 3 months ago

Data Collection:

User Information: We collect personal information such as name, email address, and professional details to create accounts, provide customer support, and communicate updates.
Usage Data:
- For Emvide, we collect data related to your usage of the platform, such as login information, time spent on the platform, and the types of analyses conducted. This data helps us improve our services and enhance user experience.
- For LCA Factory, we collect data related to project details, such as the scope of work, lifecycle boundaries, and other project-specific inputs.
Project Data:
- Emvide: We store the lifecycle assessment data you input, including details about products, processes, and environmental impacts. This information remains confidential and is used solely for your LCA projects, unless specifically selected to share with additional parties. This remains a user option.
- LCA Factory: Data provided by clients for assessments, such as Bills of Materials (BOMs) and environmental metrics.

Data Use:

Service Provision: Your data enables us to deliver tailored and efficient services for both Emvide and LCA Factory.
Improvement and Development: We analyse usage data to enhance Emvide functionalities and introduce new features that respond to user needs.
Communication: We use your contact information to send updates, notifications, and informative content.

Data Protection:

1. Security Measures

Encryption: All data transmitted and stored on our platforms is encrypted using industry-standard encryption protocols to safeguard against unauthorised access.
Secure Infrastructure: Our platforms operate on secure servers located in compliant data centres with advanced physical and digital security measures.
Regular Audits: We conduct periodic security audits and vulnerability assessments to ensure our systems are up-to-date and resilient against emerging threats.

2. Access Controls

Restricted Access: Data access is limited to authorised personnel who require it to fulfil their job responsibilities. These personnel are bound by strict confidentiality agreements and undergo regular training on data protection practices.
Role-Based Permissions: Access to sensitive data is managed through role-based permissions, ensuring users and staff only have access to the information necessary for their tasks.
Two-Factor Authentication (2FA): All access to sensitive systems and data requires two-factor authentication to add an additional layer of protection.

3. Monitoring and Response

Continuous Monitoring: We utilise real-time monitoring tools to detect and respond to potential security threats swiftly.
Incident Response Plan: In the unlikely event of a data breach, our incident response plan ensures immediate action, notification to affected parties, and mitigation measures to minimise impact.

4. Alignment with Standards

ISO Compliance Roadmap: Riskoa is committed to aligning its platforms with international standards such as ISO 27001 for information security management.
GDPR Compliance: We adhere to the General Data Protection Regulation (GDPR) and other relevant data protection laws to ensure your rights are respected and your data is handled responsibly.

No Third-Party Sharing: We do not sell, trade, or otherwise transfer your personal data to external parties. Any sharing of data is strictly limited to what is necessary to provide our services, and with your explicit consent.
Legal Compliance: We may disclose your information if required by law or if such action is necessary to comply with legal processes or to protect the rights, property, or safety of Emvide, our users, or others.

User Rights:

Access and Control: You have the right to access your personal information, correct any inaccuracies, or request its deletion. You can manage your information through your account settings or by contacting our support team.
Data Portability: Upon request, we can provide you with a copy of your data in a commonly used electronic format.
Consent Withdrawal: You may withdraw your consent to data processing at any time. However, this will not affect the lawfulness of processing based on consent before its withdrawal.

Updates to Our Privacy Policy:

This Privacy Policy is periodically reviewed and updated to reflect changes in our practices or regulatory requirements. We maintain an internal version history to track all changes, which is available upon request. Significant updates will be communicated to users through the platform or direct communication. We encourage you to review this Privacy Policy regularly to stay informed about how we protect your data.

We encourage you to review our Data Protection and Privacy Policy regularly to stay informed about how we are protecting your information. If you have any questions or concerns about our data practices, please contact us at .

Data Collection:

Data Use:

Data Protection:

Data Sharing:

User Rights:

Updates to Our Privacy Policy:

Data Collection:

Data Use:

Data Protection:

Data Sharing:

User Rights:

Updates to Our Privacy Policy: