Privacy Policy

Home Privacy Policy

RISC respects your right to privacy and is committed to protecting it. The purpose of this document is to inform you of RISC’s privacy policy with respect to customer data.

Privacy Shield for EU Individuals

RISC is in the process of applying for the US Department Privacy Shield designed by the U.S. Department of Commerce, and the European Commission in order to comply with EU privacy law.  This page will be updated when our application has been approved.

In compliance with the Privacy Shield Principles, RISC, Inc. (RISC), commits to resolve complaints about our collection or use of your personal information.  European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact RISC at:

PrivacyShield@risc-inc.com

RISC has certified that it adheres to the Privacy Shield Privacy Principles of notice, choice, access and accountability for onward transfer for EU Individuals. If there is any conflict between the policies in this privacy policy and the Privacy Shield Privacy Principles, the Privacy Shield Privacy Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page (once approved), please visit https://www.privacyshield.gov.

RISC has designated the Legal Department to oversee its information security program, including its compliance with the EU Privacy Shield program. The Legal Department shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Policy also may be directed to PrivacyShield@risc-inc.com.

All RISC employees who handle Personal Data from EU Individuals are required to comply with the Principles stated in this Policy.

The Federal Trade Commission has jurisdiction over RISC, Inc’s compliance with the Privacy Shield.

Collection of Information

RISC provides various products that may collect personally identifiable information (Personal Data).

RISC Web Site

Personal Data is collected only when you complete the information requested on the Contact RISC page of our web site. This information is collected for the purposes of sending the requested information to you.  RISC does not share this information with any external organization. RISC does not sell or rent your Personal Data, nor will we send you any unsolicited email.

RISC Products

The information collected by RISC products will vary from customer to customer.  In some cases the data collected is provided by you directly to the application.  In other cases, your employer may provide this information to RISC in order to facilitate your access to RISC products and/or training materials provided by your employer.  In general, this data may include: contact information, name, email address, title, work location and other data from an HR system.  This information will never include salary information, credit card data or banking information.  In some RISC products, if you attempt to purchase items through the product you will be asked to provide credit card information.  RISC does not store this information and it is used only for the purpose of completing your purchase.

The purpose of RISC products is to manage training.  Personal Data is collected in order to:

  • Verify your identity for access to training.
  • Provide reporting on the status of training.
  • Facilitate other business purposes required or permitted under applicable law.
  • Satisfy government reporting requirements.

RISC uses server logs that may collect some information about your browser. This information is not personally identifiable to any site visitor and is used internally by RISC for statistical purposes only.  This data is generally purged after 30 days.

RISC does not disclose Personal Data to third parties for purposes that are materially different than the purpose of the original collection.  Please know that RISC may be required to disclose Personal Data to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements.  RISC is liable for appropriate onward transfers of personal data regarding EU Individuals to third parties.

Your Rights

EU Individuals have the right to know what Personal Data is stored about them in RISC databases to ensure that such data is accurate and relevant to the purposes stated for collection.  Upon reasonable request and as required by the Privacy Shield principles, RISC allows EU Individuals access to their Personal Data in order to correct or amend inaccurate data.
When requesting Personal Data changes, Individuals must provide only truthful, accurate and complete information. To request review, erasure or modification of Personal Data, EU Individuals should submit a request to PrivacyShield@risc-inc.com.

RISC has designated the International Centre for Dispute Resolution of the American Arbitration Association as the independent arbiter for non-HR data.  Complaints may be filed at no cost to you.  Please visit http://go.adr.org/privacyshield.html for more information.

If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed by RISC, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.

Cookies

Cookies are small text files that may be stored on your computer as the result of visiting a web site. The RISC web site does not use tracking cookies.  RISC products may use temporary cookies that are automatically cleared when you close your browser.

Hyperlinks

Some RISC products may provide links to third-party websites for your convenience in completing training activities. If you access these links, you will leave the RISC product web site. RISC does not control these sites or their privacy policies, which may differ from those of RISC. RISC does not endorse or make any representations about third-party web sites.