PRIVACY POLICY
1. Introduction
At Moderate Risk (available at moderaterisk.net), we are committed to protecting your personal data and upholding your privacy rights. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize transparency, fairness, and respect in all our data practices.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of moderaterisk.net, and covers all data collected through our website, services, features, and communications. Moderate Risk acts as the “data controller” with respect to the personal data gathered through these means. As a data controller, we determine the purpose and manner in which your data is processed, pursuant to applicable legal standards.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information about how you use our website, which may include IP addresses, browser type, referring/exit pages, date/time stamps, device identifiers, time zone settings, session duration, clickstream data, and pages viewed.
b. Account Data
Details you provide when registering or creating an account, including your full name, mailing address, email address, and telephone number.
c. Profile Data
Information relating to your preferences, interests, purchase history, and behavioral data collected from your interactions with our services.
d. Communication Data
Records of your interactions with us, such as support inquiries, feedback, complaints, or other contact forms submitted through moderaterisk.net or via correspondence with our team.
e. Technical Data
Details about the devices and technology you use to access our services, such as device type, operating system, screen resolution, and browser configurations.
f. Transaction Data
Information relating to purchases and payments, including billing information, order history, payment methods, and shipping details.
g. Preference Data
Your consent choices and marketing preferences, including whether you have opted in to newsletters, product updates, or partner promotions.
4. Legal Bases for Processing
We process your personal data under the following lawful bases, as required by the GDPR:
– Consent: Where you have freely given informed and unambiguous permission for specific processing purposes (e.g., email marketing).
– Contractual Necessity: When the processing is needed to fulfill our contractual obligations or provide services you have requested.
– Legal Obligation: When necessary to comply with legal or regulatory obligations.
– Legitimate Interests: Where our processing is reasonably necessary for our legitimate business interests, provided those interests are not overridden by your rights.
Under the CCPA, we also observe principles of transparency, notice at collection, and your right to opt out of data sales (note: we do not sell your personal data).
5. Your Data Protection Rights
Under applicable data protection laws, you have the following rights in relation to your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You can ask us to correct any inaccuracies in your information.
– Right to Erasure: You may request that we delete your personal data, subject to lawful retention requirements.
– Right to Restriction: You may request limited processing of your data where certain conditions apply.
– Right to Data Portability: You may request to receive your data in a portable format and, where feasible, request that we transmit it to another processor.
– Right to Object: You may object to data processing based on our legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected]. Requests will be responded to in accordance with the requirements of applicable laws, including timelines set by the GDPR and CCPA.
6. Security Measures
We implement a variety of technical and organizational measures to protect your personal data:
– Encryption of data in transit and at rest
– Strict access controls and authentication procedures
– Regular software patching and vulnerability testing
– Routine backups and disaster recovery protocols
– Staff training in compliance and security awareness
While we take all reasonable precautions, no method of data transmission or storage can be guaranteed to be 100% secure.
7. International Transfers
We may process or store your personal data outside your region, including in jurisdictions that may not provide the same level of data protection. In such cases, we implement appropriate safeguards such as European Commission Standard Contractual Clauses or other legally recognized transfer mechanisms to ensure an adequate level of protection.
8. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected:
– Usage Data: up to 12 months for analytics and diagnostic purposes
– Account Data: while the account remains active, and up to 6 years thereafter for legal compliance
– Profile & Preference Data: until you withdraw consent or object to processing
– Communication Data: retained for up to 3 years for support quality and resolution history
– Transaction Data: retained for up to 7 years in compliance with tax and accounting obligations
We periodically review our retention policies to ensure data is not held longer than necessary.
9. Cookie Policy
Moderaterisk.net uses cookies and similar technologies to improve user experience, analyze service performance, and support personalization. Our use of cookies falls into the following categories:
– Essential Cookies: Required for the operation of the website, such as those for login and security functions.
– Functional Cookies: Enable website enhancements like remembering your preferences.
– Analytics Cookies: Help us understand user behavior and improve our services.
– Performance Cookies: Measure website performance and help diagnose technical issues.
10. Cookie Management and Compliance
Under GDPR and CCPA, you have the right to control your cookie settings. Upon visiting moderaterisk.net, you will be presented with a cookie consent banner, allowing you to:
– Accept or decline non-essential cookies
– Manage individual cookie preferences
– Withdraw consent at any time through your browser settings or cookie banner
We honor “Do Not Track” signals where supported and implemented by your web browser.
11. Children’s Privacy
Moderaterisk.net is not directed to children under the age of 13. We do not knowingly collect, use, or disclose personal data from anyone under 13 years of age. If we become aware that we have inadvertently gathered such data, it will be promptly deleted. Parents or guardians who believe their child has provided us with personal data should contact [email protected].
12. Policy Updates and Notifications
We reserve the right to amend or update this Privacy Policy as necessary to remain compliant with changing legal requirements or service updates. Changes will be posted on this page and, where required, we will notify you via email or other appropriate channels. You are encouraged to review this Policy periodically.
13. Contact Us
For questions, concerns, or to exercise any of your rights under this Policy, please contact us at:
Email: [email protected]
Website: https://moderaterisk.net
We are committed to maintaining compliance with GDPR, CCPA, and all applicable privacy regulations. If you have any privacy-related concerns, we welcome you to reach out to us directly at the contact details provided above.