PRIVACY POLICY:
1. Introduction:
ErgoRisk ("we","us","our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our application available at https://app.ergorisk.net/ (collectively, the "Service"). It also informs you about your privacy rights under applicable data protection laws, particularly the EU General Data Protection Regulation (GDPR), and how the law protects you. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access or use the Service.
2. Who We Are (Data Controller)
For the purposes of the GDPR and other applicable data protection laws, the Data Controller
responsible for your personal data collected through the Service is:
Full name of legal entity:{ErgoRisk B.V
Email address: umut@ergorisk.net
Postal address: Paul van Vlissingenstraat 10 F, first floor, 1096 BE Amsterdam
If you have any questions about this privacy policy or our privacy practices, please contact us using the details above.
3. What Personal Data We Collect and Why
We collect and process your personal data for various purposes based on specific legal grounds:
Account Creation and Service Provision:
Data Collected: Name, email address, phone number, address, company name and address (if applicable), payment details.
Purpose: To create and manage your account, provide you with access to our services, process payments, communicate with you about your account and service updates, and fulfill our contractual obligations.
Legal Basis (GDPR): Processing is necessary for the performance of a contract with you (Article 6(1)(b) GDPR) or to take steps at your request before entering into a contract.
Legal Basis (GDPR): Your explicit consent (Article 6(1)(a) GDPR). You provide this consent when you opt-in to receive these communications.
Opt-Out: You can withdraw your consent and unsubscribe at any time by clicking the "unsubscribe" link in any email you receive from us or by contacting us directly at {emailAddress}.
Customer Support and Enquiries:
Data Collected: Name, email address, phone number, social media handle (if applicable), and the content of your communication.
Purpose: To respond to your enquiries, provide support, and address any issues you report.
Legal Basis (GDPR): Our legitimate interests (Article 6(1)(f) GDPR) to provide effective customer service and respond to user communications.
Website Usage Analytics (via Cookies):
Data Collected: Information about how you use our website (e.g., IP address, browser type, pages visited, time spent), collected through cookies and similar technologies.
Purpose: To understand how users interact with our website, improve website functionality and user experience, and ensure website security.
Legal Basis (GDPR): Your consent (Article 6(1)(a) GDPR) for non-essential cookies. For essential cookies necessary for website function, our legitimate interest (Article 6(1)(f) GDPR). Please see our separate Cookie Policy for detailed information on the cookies we use and how to manage your preferences.
Business Transfers:
Data Collected: Your personal data relevant to the business operations.
Purpose: In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of that transaction.○
Legal Basis (GDPR): Our legitimate interests (Article 6(1)(f) GDPR) to ensure business continuity. We will notify you if such a transfer occurs and any changes to this privacy policy. If you object, the buyer may not be able to provide services to you.
4. Who We Share Your Data With
We do not sell your personal data. We may share your information with third parties only in the ways described below:
Service Providers: We share data with trusted third-party vendors, consultants, andother service providers who perform services on our behalf, cloud hosting providers like ,email delivery services. These providers are contractually obligated to protect your data and use it only for the purposes we specify.●
Legal Obligations and Safety: We may disclose your information if required by law, regulation, legal process, or governmental request. We may also disclose information if we believe it's necessary to protect the rights, property, or safety of companies, our users, or others.
Business Transfers: As mentioned above, in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
With Your Consent: We may share your information with other third parties when we have your explicit consent to do so.
5. International Data Transfers
Your personal data is primarily stored and processed on our servers located in Frankfurt. If we transfer your personal data outside the European Economic Area (EEA) or the UK to countries not deemed to provide an adequate level of data protection, we ensure appropriate safeguards are in place as required by law. These safeguards typically include:
Using Standard Contractual Clauses (SCCs) approved by the European Commission or
the UK Information Commissioner's Office (ICO).
Transferring data to countries that have received an adequacy decision from the
European Commission or the UK government.
Relying on Binding Corporate Rules (BCRs) for intra-group transfers.
You can request more information about the specific safeguards we use for international transfers by contacting us.
6. How Long We Keep Your Data
We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider:
The amount, nature, and sensitivity of the personal data.
The potential risk of harm from unauthorized use or disclosure.
The purposes for which we process your data and whether we can achieve those purposes through other means.
Applicable legal requirements.
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this
Information indefinitely without further notice to you.7. Your Data Protection Rights (GDPR)
Under the GDPR, if you are within the European Economic Area (EEA) or the UK, you have the following rights regarding your personal data:
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can request correction of inaccurate or incomplete personal data.
Right to Erasure ('Right to be Forgotten'): You can request deletion of your personal data where there is no compelling reason for us to keep using it.
Right to Restrict Processing: You can request suspension of the processing of your personal data under certain circumstances.
Right to Data Portability: You can request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format applies to data processed based on consent or contract and processed by automated means).
Right to Object: You can object to the processing of your personal data based on our legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: Where we rely on consent to process your data, you can withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
Rights related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (unless necessary for entering into/performing a contract, authorized by law, or based on your explicit consent). [Include this if your app uses such processes] To exercise any of these rights, please contact us at umut@ergorisk.net. We may need to request specific information from you to help us confirm your identity. There is usually no fee to exercise these rights, but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
You also have the right to lodge a complaint with a data protection supervisory authority. For the UK, this is the Information Commissioner's Office (ICO). If you are in the EU, you can find your local supervisory authority here: https://edpb.europa.eu/about-edpb/about-edpb/members en
8. Cookies
Our website uses cookies. For detailed information on the cookies we use, the purposes for which we use them, and how you can manage your cookie preferences, please refer to our Cookie Policy.
9. Data Security
We implement appropriate technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, use, alteration, or disclosure.However, please remember that transmission of information via the internet is not completely secure.
10. Changes to This Privacy Policy
We keep this privacy policy under regular review and may update it from time to time. We will notify you of any significant changes by posting the new policy on our website and updating the "Effective Date" at the top. We encourage you to review this policy periodically.
11. Keeping Your Data Accurate
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
PRIVACY POLICY:
1. Introduction:
ErgoRisk ("we","us","our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our application available at https://app.ergorisk.net/ (collectively, the "Service"). It also informs you about your privacy rights under applicable data protection laws, particularly the EU General Data Protection Regulation (GDPR), and how the law protects you. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access or use the Service.
2. Who We Are (Data Controller)
For the purposes of the GDPR and other applicable data protection laws, the Data Controller
responsible for your personal data collected through the Service is:
Full name of legal entity:{ErgoRisk B.V
Email address: umut@ergorisk.net
Postal address: Paul van Vlissingenstraat 10 F, first floor, 1096 BE Amsterdam
If you have any questions about this privacy policy or our privacy practices, please contact us using the details above.
3. What Personal Data We Collect and Why
We collect and process your personal data for various purposes based on specific legal grounds:
Account Creation and Service Provision:
Data Collected: Name, email address, phone number, address, company name and address (if applicable), payment details.
Purpose: To create and manage your account, provide you with access to our services, process payments, communicate with you about your account and service updates, and fulfill our contractual obligations.
Legal Basis (GDPR): Processing is necessary for the performance of a contract with you (Article 6(1)(b) GDPR) or to take steps at your request before entering into a contract.
Legal Basis (GDPR): Your explicit consent (Article 6(1)(a) GDPR). You provide this consent when you opt-in to receive these communications.
Opt-Out: You can withdraw your consent and unsubscribe at any time by clicking the "unsubscribe" link in any email you receive from us or by contacting us directly at {emailAddress}.
Customer Support and Enquiries:
Data Collected: Name, email address, phone number, social media handle (if applicable), and the content of your communication.
Purpose: To respond to your enquiries, provide support, and address any issues you report.
Legal Basis (GDPR): Our legitimate interests (Article 6(1)(f) GDPR) to provide effective customer service and respond to user communications.
Website Usage Analytics (via Cookies):
Data Collected: Information about how you use our website (e.g., IP address, browser type, pages visited, time spent), collected through cookies and similar technologies.
Purpose: To understand how users interact with our website, improve website functionality and user experience, and ensure website security.
Legal Basis (GDPR): Your consent (Article 6(1)(a) GDPR) for non-essential cookies. For essential cookies necessary for website function, our legitimate interest (Article 6(1)(f) GDPR). Please see our separate Cookie Policy for detailed information on the cookies we use and how to manage your preferences.
Business Transfers:
Data Collected: Your personal data relevant to the business operations.
Purpose: In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of that transaction.○
Legal Basis (GDPR): Our legitimate interests (Article 6(1)(f) GDPR) to ensure business continuity. We will notify you if such a transfer occurs and any changes to this privacy policy. If you object, the buyer may not be able to provide services to you.
4. Who We Share Your Data With
We do not sell your personal data. We may share your information with third parties only in the ways described below:
Service Providers: We share data with trusted third-party vendors, consultants, andother service providers who perform services on our behalf, cloud hosting providers like ,email delivery services. These providers are contractually obligated to protect your data and use it only for the purposes we specify.●
Legal Obligations and Safety: We may disclose your information if required by law, regulation, legal process, or governmental request. We may also disclose information if we believe it's necessary to protect the rights, property, or safety of companies, our users, or others.
Business Transfers: As mentioned above, in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
With Your Consent: We may share your information with other third parties when we have your explicit consent to do so.
5. International Data Transfers
Your personal data is primarily stored and processed on our servers located in Frankfurt. If we transfer your personal data outside the European Economic Area (EEA) or the UK to countries not deemed to provide an adequate level of data protection, we ensure appropriate safeguards are in place as required by law. These safeguards typically include:
Using Standard Contractual Clauses (SCCs) approved by the European Commission or
the UK Information Commissioner's Office (ICO).
Transferring data to countries that have received an adequacy decision from the
European Commission or the UK government.
Relying on Binding Corporate Rules (BCRs) for intra-group transfers.
You can request more information about the specific safeguards we use for international transfers by contacting us.
6. How Long We Keep Your Data
We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider:
The amount, nature, and sensitivity of the personal data.
The potential risk of harm from unauthorized use or disclosure.
The purposes for which we process your data and whether we can achieve those purposes through other means.
Applicable legal requirements.
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this
Information indefinitely without further notice to you.7. Your Data Protection Rights (GDPR)
Under the GDPR, if you are within the European Economic Area (EEA) or the UK, you have the following rights regarding your personal data:
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can request correction of inaccurate or incomplete personal data.
Right to Erasure ('Right to be Forgotten'): You can request deletion of your personal data where there is no compelling reason for us to keep using it.
Right to Restrict Processing: You can request suspension of the processing of your personal data under certain circumstances.
Right to Data Portability: You can request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format applies to data processed based on consent or contract and processed by automated means).
Right to Object: You can object to the processing of your personal data based on our legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: Where we rely on consent to process your data, you can withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
Rights related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (unless necessary for entering into/performing a contract, authorized by law, or based on your explicit consent). [Include this if your app uses such processes] To exercise any of these rights, please contact us at umut@ergorisk.net. We may need to request specific information from you to help us confirm your identity. There is usually no fee to exercise these rights, but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
You also have the right to lodge a complaint with a data protection supervisory authority. For the UK, this is the Information Commissioner's Office (ICO). If you are in the EU, you can find your local supervisory authority here: https://edpb.europa.eu/about-edpb/about-edpb/members en
8. Cookies
Our website uses cookies. For detailed information on the cookies we use, the purposes for which we use them, and how you can manage your cookie preferences, please refer to our Cookie Policy.
9. Data Security
We implement appropriate technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, use, alteration, or disclosure.However, please remember that transmission of information via the internet is not completely secure.
10. Changes to This Privacy Policy
We keep this privacy policy under regular review and may update it from time to time. We will notify you of any significant changes by posting the new policy on our website and updating the "Effective Date" at the top. We encourage you to review this policy periodically.
11. Keeping Your Data Accurate
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.