RepRisk appreciates your visit to our website and your interest in our products and services. Your privacy is important to us and we want you to feel comfortable visiting our site. We take care to protect any personal data we collect, use, or otherwise process, during visits to our site.
In the course of serving you as an individual client or as a visitor to our website, RepRisk may obtain certain personal information about you (“personal data or personal information”). Personal data, as used in Swiss privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Obtaining this information is important to our ability to deliver the highest level of service to you, but we also recognize that you expect us to treat this information confidentially and appropriately.
This policy describes the types of personal information we may collect about you, the purposes for which we use the information, the circumstances in which we may share the information, and the steps that we take to safeguard the information to protect your privacy.
What kind of information does RepRisk collect?
When you visit the RepRisk website, our web server automatically records details about your visit (for example your anonymized IP address, the website from which you visit us, the type of browser software used, the RepRisk website pages that you actually visit including the date, and the duration of your visit).
We collect personal information only when it is voluntarily offered by you and it is reasonably necessary for the purposes of conducting our business. For example, during the course of our business relationship, you might provide your name, address, email address, and contact numbers. If necessary, we may ask you to provide additional information from time to time. We may collect this information from you via webpage, mail, email, telephone, text message, or in person. You can update your preferences at any time.
We do not seek to collect sensitive personal data.
Our website also uses web-analytics tools for website analysis. These tools collect data related to the type of device or browser you are using, your anonymized IP address, and on-site activities to measure user interactions on our website, to get a sense of where in the world visitors to our website come from, and to help us maintain, improve, and develop our services. The information we collect is anonymized and is not shared with the web-analytics tools providers or any other third parties.
When do we collect information?
We collect information from you when you register on our website, request a trial registration to our RepRisk ESG Risk Platform; place an order on our Webshop; subscribe to our mailing list to receive our research, publications, newsletters, and more; respond to a survey; or fill out any other form on our website.
How will RepRisk use your personal data?
- For the purposes of technical administration as well as research and development of the RepRisk Website
- For client and user administration and marketing
- For marketing purposes including direct marketing (for example, to email newsletters) and to inform you about our research, publications and news, as well as products and services that may be of interest or that you may have signed up to receive, where you have consented to receiving such information
- To facilitate our internal business operations, including assessing and managing risk, and fulfilling our legal and regulatory requirements
- To conduct surveys, where you have consented to receiving such information
How do we protect visitor information?
Our website is scanned on a regular basis using Malware Scanning for known vulnerabilities in order to make your visit to our site is as safe as possible.
Your personal information is stored in secured networks and is only accessible by a limited number of RepRisk employees who have special access rights to such systems, and are required to keep the information confidential. In addition, all login attempts and access to sensitive information are logged. All information transferred to and from our information systems are encrypted using the default industry standard encryption.
We implement a variety of security measures when a user places an order, enters, submits, or accesses his or her information to maintain the security and privacy of your personal information.
All payment transactions are processed through a gateway provider and are not stored or processed on our servers.
To whom do we disclose your information collected from the RepRisk Website?
RepRisk is committed to protecting the privacy and confidentiality of your personal information. We limit access to your personal information to authorized RepRisk staff, who, like our service providers are held to stringent standards of privacy. We also maintain physical, electronic, and procedural safeguards to protect the information against loss, misuse, damage or modification, and unauthorized access or disclosure.
International transfers - you should expect that the recipients identified above, which will receive or have access to your personal data, are located inside or outside the European Economic Area ("EEA").
For recipients located in countries which do not adduce an adequate level of protection from a European data protection law perspective, we will take all necessary measures to ensure that access to your personal data and transfers out of the EEA are adequately protected as required by applicable data protection law.
The data transfer to RepRisk affiliates is protected by standard data protection clauses adopted by the European Commission (Art. 46(2)(c) or (d) GDPR).
RepRisk uses commercially reasonable best efforts to abide by applicable laws and regulations in its use of personal data. RepRisk does not sell, trade, or otherwise transfer to outside parties your personal data.
We may disclose your information to governmental agencies or entities, regulatory authorities, or other persons in line with any applicable law, regulations, court order or official request, or under any and for the purposes of any guidelines issued by regulatory or other authorities, or similar processes as either required or permitted by applicable law.
Third-party links: Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Pursuant to applicable data protection law, you may have the right to: (i) request access to your personal data; (ii) request rectification of your personal data; (iii) request erasure of your personal data; (iv) request restriction of processing of your personal data; (v) request data portability; and/or (vi) object to the processing of your personal data (including objection to profiling). Below please find further information on your rights to the extent that the GDPR applies. Please note that these rights might be limited under the applicable local data protection law.
To exercise your rights, please contact us as stated under the below contact details. You also have the right to lodge a complaint with the competent data protection supervisory authority in the relevant Member State (e.g., the place where you reside, work, or of an alleged infringement of the GDPR).
- Email us at firstname.lastname@example.org
- Call us at +41 43 300 54 40