Privacy Policy
Responsible Cyber Pte. Ltd.
Effective Date: 17 July 2022
Review Date: 21 June 2025
Introduction
Responsible Cyber Pte. Ltd. (“we” or “us”) is the owner and operator of https://riskimmune.com (the “Website”).
As part of our core mission to help businesses mitigate cyber risks, we are committed to safeguarding the privacy of our customers and users of our Website, products, and Services, including our cloud-based offerings, platforms, social media, communications, web-based tools, and mobile applications (collectively, the “Services”).
This Privacy Policy explains how we collect, process, and share personal information (“Personal Data”) through our Services and your rights concerning that data.
Scope of This Policy
This Privacy Policy applies whenever Responsible Cyber Pte. Ltd. is the Data Controller, meaning we determine the purposes and means of processing your Personal Data. We may also act as a Data Processor, processing data on behalf of another organisation, such as your employer, which will then serve as the Data Controller. For such cases, please refer to the privacy policy of that respective organisation.
You can reach our representative and Data Protection Officer, Magda Chelly, at:
📧 [email protected]
We update this policy periodically to reflect changes in law, practices, and technology.
Information We Collect
1. Information You Provide
We collect data you directly provide, such as:
-
Personal information (e.g., full name, date of birth, photo)
-
Contact details (e.g., email, phone, work address, company, title)
-
Account credentials (e.g., user ID, passwords)
-
Uploaded or shared content (e.g., documents, messages, community posts)
-
Payment details (processed securely via third-party providers)
-
Recruitment data (e.g., CVs, references, qualifications, interview materials)
-
Insurance interactions via the Website
2. Information Collected Automatically
We automatically collect technical data for security and analytics purposes, such as:
-
IP address, browser, device type
-
Operating system, mobile carrier, session duration
-
Behavioural analytics (e.g., interactions, navigation patterns)
3. Information from Third Parties
We may obtain personal data from:
-
Business or marketing partners
-
Service providers (e.g., insurers, cloud providers)
-
Third-party integrations connected through our Website
If you provide someone else’s data, you must have their consent. Report any concerns to: 📧 [email protected]
Purposes of Data Processing
Contractual Obligations
To initiate and maintain customer relationships, provide account support, deliver product alerts, process transactions, and communicate effectively.
Legitimate Interests
To:
-
Operate, manage, and improve our Website and Services
-
Detect and prevent fraud or misuse
-
Support internal audits, analytics, and training
-
Enhance user experience and develop new features
Legal Obligations
To comply with:
-
Data protection regulations (e.g., PDPA, GDPR)
-
Financial and tax recordkeeping requirements
-
Legal investigations and incident reporting
With Consent
For specific activities such as direct marketing, we seek your explicit consent. You may withdraw it at any time.
Marketing and Communications
Where legally permissible, we may contact you with relevant product and service updates. You may opt out anytime by:
-
Emailing: 📧 [email protected]
-
Following unsubscribe links in our messages
Use and Confidentiality of Customer Data
Customer Data uploaded via our Website is:
-
Owned and controlled by you
-
Treated as strictly confidential
-
Processed solely in accordance with our agreements
We only share Customer Data with law enforcement when legally compelled to do so and ensure compliance with data access requests through due diligence.
Sharing of Personal Data
We do not sell your personal data. We may share your data only:
-
With your consent
-
With authorised service providers (e.g., payment processors, analytics vendors)
-
For legal compliance, fraud prevention, or emergency response
-
In the case of mergers, acquisitions, or asset transfers
-
With affiliated companies within our corporate group when needed for service delivery
-
In anonymised or aggregated forms that do not identify you
We may also monitor or record interactions (calls, emails, screen recordings) for compliance, support, or training purposes.
Data Transfers Outside the EEA
If you’re located in the EEA, your data may be transferred to jurisdictions outside the EEA (e.g., Singapore). In such cases, we implement:
-
Approved contractual safeguards
-
Transfer to authorised processors only
By using our Services, you consent to such transfers under this Policy.
Data Retention
We retain Personal Data:
-
As long as necessary to maintain service relationships
-
As long as required by law or contractual obligations
-
Until legitimate business needs cease
Once the data is no longer needed, we will delete or anonymise it securely.
Data Security
We use organisational, technical, and administrative measures to protect your data, including:
-
Industry-standard encryption (TLS/SSL)
-
Access controls and monitoring
-
Anonymisation where feasible
While we take reasonable precautions, no method of online transmission is entirely secure.
Breach Response
We have an incident response plan for Personal Data breaches, including:
-
Notification to affected individuals and authorities (as required by law)
-
Investigation and remediation steps
-
Documentation of actions taken
Children’s Privacy
Our Website is not intended for children under 13. If you believe a child has submitted data, contact us immediately.
Your Rights
Depending on your jurisdiction, you may:
-
Request access to your Personal Data
-
Correct or update inaccuracies
-
Request data deletion (subject to legal exceptions)
-
Object to certain processing
-
Request data portability
Please contact 📧 [email protected] to exercise these rights.
Cookies and Tracking Technologies
We use cookies and similar technologies to:
-
Improve your browsing experience
-
Gather analytics on website usage
-
Facilitate Service functionality
You can manage your cookie preferences through your browser. For more, visit www.aboutcookies.org.
Policy Updates
This policy may be updated from time to time. Changes will be posted here and, if significant, we may notify you. Continued use of our Services constitutes acceptance of changes.
Third-Party Websites
Our Website may contain links to external sites. We are not responsible for the privacy practices or content of those sites.
Accessibility
If you require this policy in a different format (e.g., audio, braille), please contact us.
Notice to End Users (Enterprise Accounts)
Where the Services are provided by an organisation (e.g., employer), that organisation may control account settings, access, and user data. Please contact your administrator for privacy-related matters in such cases.
Complaints and Contact
We conduct regular internal audits of our privacy practices. For questions or concerns, reach us at: