Data Confidentiality and Compliance
Privacy and security of Customer’s information, including personal data, are a primary concern for RISC Networks. RISC Networks’ data centers adhere to strict regulatory compliance standards such as:
At the end of any engagement, RISC Networks anonymizes data for aggregation reporting.
RISC Networks does not collect personal user data such as:
|
•
|
User sign ins or passwords |
|
•
|
Data Files (office documents, text files, etc) |
|
•
|
Any files containing user information |
|
•
|
Application payload information |
To the extent that any particular engagement requires the processing of personal data in the EU and their subsequent transfer outside of the EU, RISC Networks, will, as a data processor, upon request, enter into the EU Standard Contractual Clauses for the transfer of personal data to third countries. In addition, RISC Networks is classified as a “Data Processor” under EU privacy laws and shall act only on instructions from its Customer and will have adequate technical and organizational security measures in relation to the processing of any personal data.