Privacy Policy
This Privacy Policy details important information regarding the use and disclosure of user information collected by Riskalyze, Inc. (“we”, “us”, or “Riskalyze”) through its websites or in connection with the services provided by Riskalyze to you. Riskalyze provides this Privacy Policy to help you make an informed decision about whether to use or continue using the websites or Riskalyze’s services (the “Services”).
This Privacy Policy covers data, data collection and processing where Riskalyze acts as the controller of data as described by the European Union’s General Data Protection Regulation (“GDPR”), the California Consumer Protection Act (“CCPA”) or any other data protection law (known collectively with GDPR and CCPA as “Data Protection Laws”).
If you are a client of our customer (a “Client”), this Privacy Policy does not apply. If you are a Client, please contact the controller of your data (most likely your financial representative or their parent company) directly for detailed privacy information. We will process your data only as directed by our customer, who is the controller of your data.
This Privacy Policy considers “Users” as anyone using the Services. The subset of Users that are subscribers, or those for whom we support account creation, are referred to within as “Customers”.
Data Ownership
The most important part of this Privacy Policy is the simple principle that your data belongs to you. You are not transferring the ownership of data about you or your clients by storing it in Riskalyze. Your clients are your clients, and the data that you store in Riskalyze belongs to you.
Information We Collect and How We Use It
We may collect the following types of information:
-
User Information. When you visit any of our websites, we collect information about you relating to your browser, the device you use to access the website and your IP address. We may also collect information about any of previous, concurrent and future visits to our URLs. We use this information to maintain the security posture, improve the quality of the Services and provide you with content that we believe to be most interesting to you.
When you complete any steps of a Risk Questionnaire or another form in scope of the Services, you provide personal information, which may include your name, email address, phone numbers, date of birth, household income information, financial goals or status, other financial information, opinions or other personal information provided by you. We use this data to provide and personalize the Services for you (for example, to generate a Risk Number that fits your tolerance for risk).
We use cookies in various ways across our sites, including those mentioned above. For more details about the data we collect when you visit our websites and how you can adjust certain collection preferences and consents can be seen below under “Cookies”.
-
Customer Information. When you establish a Riskalyze account, we ask you for personal information, which may include your name, address, email address, credit card information, phone number, corporate affiliation and other personal information provided by you. We use this data to provide and personalize the Services for you and to bill for the Services provided.
As a representative of other Customers or Users, you may choose to collect or store data or direct another entity to collect or store data for other individuals or entities in Riskalyze and utilize the Services to process that information according to our Terms of Service. In providing or directing another entity to provide information for an individual or entity other than yourself, you certify that you have the appropriate rights, consents, and permissions to do so and accept all liability for damages resulting from inappropriate collection or processing of this information occurring as the result of your action or inaction.
-
Contact Information. In addition to the aforementioned collection of contact information, you may be asked for your email address or other personal contact information for promotions, event registration or to fulfill support requests. We may also acquire your contact information through a third-party service or marketing partner. We will not share your contact information with third parties unless expressly granted permission to do so by you. We use contact information to communicate with you as necessary to provide the services or respond to your requests. We may also use it to send you promotional offers. When communications are not necessary to provide services or respond to your requests, opt-out options will be provided to you at the time of receiving the communication.
-
Log Information. When you access the Services, our servers automatically record certain information in an industry-standard way. These logs may include information such as your web request, your interaction with a service, IP address, browser type, browser language, the date and time of your request, specific fields involved in your request or action and one or more cookies that may uniquely identify your browser or your account. We use logs to improve the quality of our services, maintain our security posture, debug problems, track User trends, and maintain records for compliance with laws or our contract with you or your governing entities.
-
User Communications. Any messages, email, phone, web conference or other communications that you send to Riskalyze or send using the Services may be retained so that we can process your inquiries, respond to your requests or improve the quality of our services.
-
Affiliated Riskalyze services delivered through other sites. Some of the Services may be offered through other third-party websites. Your use of those websites is subject to such third-party privacy policies, but if information that you send to those sites is shared with Riskalyze in order to deliver the Services, we process that information under this Privacy Policy.
-
Aggregated/anonymous information. Riskalyze may also collect or aggregate User information on an anonymous basis, which does not personally identify you, and disclose the aggregate or anonymous data to prospective partners or other outside parties for their use. Riskalyze may also use this aggregate or anonymous information for various other business purposes, including without limitation, the creation and sale of other products to our customers and potential customers.
This Privacy Policy applies to the Services provided by Riskalyze only. We do not have any control over the websites offered by our partners, or sites that integrate Riskalyze services. Those sites are governed by their own privacy policies, which you should read before using them. Although Riskalyze vets its partners and attempts to choose the most secure partners for you, Riskalyze is not responsible for the actions you take to share your information with these third-parties or for any material breach of contract or Data Protection Laws that results from your use of the Services.
In addition to the business uses mentioned above, we may utilize any User data to assist you with support requests, to troubleshoot problems, to meet the obligations of an agreement between you and us, or to monitor and improve the performance and effectiveness of the Services.
We may collect other information about you, informing you of the collection and use at the time of collection. We may also continue to ask you for personal information to renew the fidelity of the information you provided previously, to verify your identity, to provide you with new or improved Services that require additional information, or to improve the Services in new ways. Whenever possible, we will ensure that requests for information are appropriately marked as required or optional as they relate to providing the Services.
Cookies
When you visit a Riskalyze website, we send one or more cookies to your computer or other device. We use cookies to improve the quality of the Services, store user preferences, and track user trends and advertise to potential customers. The table below details the categories of cookies used by Riskalyze, the purpose and uses of those cookies and how to opt-in or out where applicable. To edit your cookie preferences at any time, riskalyze.com/cookies.
Third party cookie providers used include those from Facebook, Google, Hotjar, Hubspot, LinkedIn, Microsoft, OptinMonster, and Twitter.
Type of Cookies Utilized |
Description |
How to Manage Settings |
Strictly Necessary |
These cookies are strictly necessary to the functionality of a website. Examples are authentication cookies used to keep you logged in and those used to increase the security of the site. |
You may opt out by choosing not to use the Services. |
Functional Cookies |
These cookies are used to persist your personal preferences between sessions. Without these cookies, you would need to set these preferences each time you started a new session. |
You may opt-out of these cookies when they are not anonymized.
You are free to change your preferences regarding functional cookies with us at any time by clicking the link in the paragraph above this table to open our preference center. |
Performance Cookies |
These cookies are used to understand how Users interact with the Services, how the Services perform, and to alert us when something goes wrong. |
You may opt-out of these cookies when they are not anonymized.
You are free to change your preferences regarding performance cookies with us at any time by clicking the link in the paragraph above this table to open our preference center.
|
Marketing Cookies |
These cookies are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission. |
You are free to change your preferences regarding marketing cookies with us at any time by clicking the link in the paragraph above this table to open our preference center.
You can also visit the DAA at youradchoices.com or the NAI at optout.networkadvertising.org for additional information about opting-out of marketing-related tracking activities.
|
“Do Not Track" (DNT) Settings
Since there is not yet a common understanding of how to interpret DNT browser settings, the Services do not respond to these settings. Please refer to the other information in this Privacy Policy to appropriately configure your tracking options.
Location of Processing
Riskalyze processes personal information on our servers in the United States of America and may do so in other countries. In some cases, unless otherwise prohibited by a superseding agreement, we may process personal information outside your own country. For more information about where your data may be processed, contact [email protected]
Information Sharing
We do not sell or rent personally identifiable information about current or former Users to third parties. We may share User information with Riskalyze subsidiaries or affiliated companies in order to properly service your account or provide an agreed upon service. In compliance with applicable laws, we may disclose information we collect about our Users and former Users, as described above, to nonaffiliated businesses and service providers such as the following, who we have also shared information with in the last 12 months:
- Companies acting as our service providers, including those used to provide hosting, IT services, data analytics, research, and credit card processing.
-
Companies that perform services for us or on your behalf, including the asset managers, investment strategists and fund companies who manage your assets;
-
Companies who provide a technology service that is integrated with Riskalyze, when you have enabled that integration in your Riskalyze account (you should ensure that you only connect trusted services to your Riskalyze account);
-
Companies that participate in joint marketing activities with us;
-
Financial services companies (such as your custodian and brokers or dealers) who effect transactions on your behalf;
-
Other organizations, with your consent or as directed by your representative or controller; and
-
Companies participating with us in a proposed or actual sale, merger, transfer, or business exchange.
These companies are required to treat your private information with the same high degree of confidentiality that we do and only for the services for which they are engaged.
If you are affiliated with a broker-dealer or enterprise RIA who uses Riskalyze Command Center or its predecessor products, we may connect data about your Clients, portfolios and accounts into their data feeds to assist them in providing compliance and supervision services to you and your firm.
If you are a User, we may share your information with one or more Customers when explicitly granted permission to do so by you. By doing so, you identify yourself as a Client and these Customers as controllers over the shared personal data, potentially preventing us from deleting your personal information without direction from our Customer.
We may also disclose information to non-affiliated parties as allowed by law, when we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce any applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm or damages to the rights, property or safety of Riskalyze, its Users or the public as required or permitted by law. If Riskalyze is ordered by a legal process or government to provide data about one or more individual Users, we will notify those Users of our compliance with that order, to the extent permitted by law.
In addition, we may develop, use, distribute and publish information and statistics derived from your data and the content that you contribute for use on an anonymous, aggregate basis. This particular use of your data and content will not result in the distribution or publication of any personally identifiable information.
Deleting Your Information
We believe that your data belongs to you, and therefore, you may delete your account at any time that you choose. To request that your account be deleted, please contact us at [email protected]e.com. Because of the way we maintain the Services to protect the integrity of your data, residual copies may take a period of time before they are deleted, and your data may remain in our backup systems. However, our systems are architected so that your data will drop out of active use for all the uses that we described above.
Information We Do Not Collect
We do not intentionally collect or process personal information for individuals who are deemed to be children under applicable Data Protection Laws. Customers using the system may direct Riskalyze to process this information only when they follow the appropriate steps as determined by applicable Data Protection Laws. When Riskalyze identifies that information for children has been collected using the Services in a manner that does not comply with applicable law, we will take appropriate steps to delete that information.
Changes to this Privacy Policy
Please note that this Privacy Policy may change from time to time. We will post any changes to the policy at riskalyze.com/privacy and, if the changes are significant in our judgment, we will provide a notification of such changes. Your continued use of the Services or the web site following the posting of any changes to the policies constitute your acceptance of the amended Privacy Policy. If you have any questions about our Privacy Policy, please contact us at [email protected].
Additional Information for California Users
In addition to the information above, we provide the following information to California Users according to our obligations under California data protection laws:
Sources of Personal Information Collected
All of the categories of personal information we collect about you (as detailed below) come from the following types of sources:
- From you or your representatives, including through your use of our services.
- Automatically collected from you or your representatives.
- Automatically through your or your representative’s activity on our websites.
- From our affiliates and subsidiaries.
- From third parties that interact with us in connection with the services we provide.
Categories of Personal Information Collected in the Last Twelve Months
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device. In particular, we collect the following categories of personal information from consumers. We have also collected this information during the twelve (12) months prior to the most recent update of this Privacy Policy:
Category |
Business Purpose for Collection |
Identifiers (e.g., address, date of birth, email, phone numbers, credit card information) |
Marketing (such as to communicate with you about promotional offers or other advertised opportunities, to analyze data, generate aggregate statistics for marketing purposes, social media or other electronic campaigns or communications, co-marketing with partners, to organize and promote events, and other purposes disclosed at the time of collection or agreed upon by you)
Operational (such as to provide the service as advertised or agreed upon, customer service, process payments, improve the services or offer new services, comply with applicable law, identify or prevent fraud or information security incidents, coordinate with third parties and service providers, and any other actions which might be necessary to run a business)
|
Commercial information (e.g., usage and purchasing history and communications between us and you)
|
Marketing (see examples above)
Operational (see examples above)
|
Internet or other similar network activity (e.g., your interaction with our websites and cookie information)
|
Marketing (see examples above)
Operational (see examples above)
|
Inferences drawn from other personal information (e.g., preferences, sentiment or risk tolerance information)
|
Marketing (see examples above)
Operational (see examples above)
|
Your Rights and Choices
Subject to certain restrictions, California residents have certain rights as described below. As a California resident, you also have the right to designate an agent to exercise these rights on your behalf. This section also describes how to exercise these rights and what to expect from us when you do so. If you would like further information regarding your legal rights under applicable law or would like to exercise any of them, please contact us either through our email at [email protected] or call us at 855-RISKALYZE.
Accessing and Deleting Your Personal Information
-
Right to request access to your personal information. California residents have the right to request that we disclose what categories of personal information we collect, use, disclose or sell about you. You may also request the specific pieces of personal information that we have collected about you. However, we may withhold some information where the risk to you, your personal information, or our business is too great to disclose the information.
-
Right to request deletion of your personal information. You may also request that we delete any personal information that we have collected from/about you. However, we may retain personal information as authorized under applicable law, such as personal information required as necessary to provide our services, protect our business and systems from fraudulent activity, to debug and identify errors that impair existing functionality, as necessary for us, or others, to exercise their free speech or other rights, comply with law enforcement requests pursuant to lawful process, for scientific or historical research, for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Of course, we also need certain types of information so that we can provide our services. If you ask us to delete it, you may no longer be able to utilize our services to their full potential.
For security purposes, we may request additional information from you to verify your identity when you request to exercise your California privacy rights so we can reasonably verify you are eligible to make such a request.
We endeavor to respond to a verifiable consumer request electronically within 45 days of its receipt and will notify you if we require more time. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.
If you wish to exercise any of these rights and do not have an account with us, feel free to contact us as discussed above and we will request additional information to perform identity verification where possible. If you are a Client of one of our Customers, please contact them first as we are most often unable to comply without their direction.
Sale of Personal Information
California residents may opt out of the “sale” of their personal information. Riskalyze does not sell your personal information as we understand that term to be defined by the CCPA and its implementing regulations, nor have we done so in the last 12 months.
Non-Discrimination Rights
California residents have the right to not be discriminated against for exercising their rights as described in this section. We will not discriminate against you for exercising your CCPA rights.
Last Modified February 14, 2022