Get AI-powered risk reports in minutes — no consultants needed.Start Free Trial
RiskLink Logo

Privacy Policy

RiskLink Privacy Policy

Last Updated: October 22, 2025

1. Introduction

Welcome to RiskLink ("we," "our," "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website risk-link.co.uk and our AI-supported risk management and travel security services (collectively, the "Service").

Our Details:

- Business Name: RiskLink

- Address: 4 Waldeck Road, London, SW14 7HF, United Kingdom

- Contact Email: support@risk-link.co.uk

- ICO Registration: [To be completed upon registration]

If you have any questions about this Privacy Policy, please contact us at support@risk-link.co.uk.

2. Legal Basis for Processing

We process your personal data under the following legal bases as defined by the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (GDPR):

- Contract Performance: Processing necessary to provide our services to you

- Legitimate Interests: For business operations, fraud prevention, and service improvement

- Consent: Where you have provided explicit consent for specific processing activities

- Legal Obligations: To comply with applicable laws and regulations

3. Information We Collect

3.1 Information You Provide to Us

We collect information that you voluntarily provide when using our Service, including:

- Account Information: Name, email address, password

- Professional Information: Job title, company name, industry sector, professional affiliations

- Risk Assessment Information: Travel destinations, travel dates, risk tolerance levels, security requirements, business activities

- Payment Information: Billing address and payment card details (processed securely through our payment provider Stripe)

- Communication Data: Information contained in correspondence with us

- User-Generated Content: Any information you input into our platform to generate risk reports

3.2 Information Collected Automatically

When you access our Service, we automatically collect:

- Usage Data: Pages viewed, features used, time spent on the Service, frequency of use

- Device Information: IP address, browser type, operating system, device identifiers

- Cookies and Similar Technologies: See Section 8 below

3.3 Information from Third Parties

We may receive information about you from:

- Payment Processors: Transaction and payment verification data from Stripe

- Business Partners: If you access our Service through a partner organization

- Public Sources: Publicly available information relevant to risk assessments

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Service Provision

  • To create and manage your account
  • To generate AI-supported risk management and travel security reports
  • To provide customer support and respond to your inquiries
  • To process payments and manage subscriptions
  • To send service-related communications and updates

4.2 Service Improvement

  • To analyze usage patterns and improve our Service
  • To develop new features and functionality
  • To conduct research and data analysis
  • To train and improve our AI models (in anonymized form where possible)

4.3 Business Operations

  • To detect, prevent, and address fraud and security issues
  • To enforce our Terms and Conditions
  • To comply with legal obligations and respond to legal requests
  • To protect our rights, property, and safety

4.4 Marketing (With Your Consent)

  • To send promotional communications about new features and services
  • To provide personalized recommendations
  • You may opt out of marketing communications at any time

5. AI Processing and Third-Party Services

5.1 AI-Generated Content

Our Service uses artificial intelligence technology, including OpenAI's ChatGPT, to generate risk management and travel security reports. When you use our Service:

  • Your input data is processed by AI systems to generate personalized reports
  • AI processing may involve third-party AI providers located outside the UK/EEA
  • We implement appropriate safeguards for international data transfers (see Section 7)

Important Notice: AI-generated reports are provided for informational purposes. While we strive for accuracy, AI systems may produce incomplete or incorrect information. You should verify critical information independently and not rely solely on AI-generated content for safety-critical decisions.

5.2 Third-Party Service Providers

We share data with trusted third-party service providers, including:

- OpenAI (ChatGPT): For AI-powered report generation

- Stripe: For payment processing

- Cloud Hosting Providers: For data storage and service hosting

- Analytics Providers: For usage analysis and service improvement

- Email Service Providers: For transactional and marketing communications

- Business Partners: Companies we collaborate with to provide enhanced services

All third-party providers are contractually obligated to protect your data and use it only for specified purposes.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

- Account Data: Retained while your account is active and for a reasonable period afterward for legal and business purposes

- Transaction Data: Retained for at least 7 years to comply with financial and tax regulations

- Marketing Data: Retained until you withdraw consent or request deletion

- Usage Data: Typically retained for 24-36 months for analytical purposes

When data is no longer needed, we will securely delete or anonymize it.

7. International Data Transfers

Our Service is accessible internationally, and your data may be transferred to, stored, and processed in countries outside the UK and European Economic Area (EEA), including the United States.

When we transfer data internationally, we ensure appropriate safeguards are in place:

- Standard Contractual Clauses (SCCs): We use EU/UK-approved SCCs with service providers

- Adequacy Decisions: We rely on adequacy decisions where applicable

- Additional Security Measures: We implement supplementary technical and organizational measures

By using our Service, you acknowledge and consent to international data transfers as described.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

- Essential Cookies: Required for the Service to function properly

- Analytics Cookies: Help us understand how users interact with our Service

- Preference Cookies: Remember your settings and preferences

- Marketing Cookies: Used to deliver relevant advertisements

You can control cookie preferences through your browser settings. However, disabling certain cookies may limit Service functionality.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication requirements
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

10. Your Rights Under GDPR

You have the following rights regarding your personal data:

10.1 Right of Access

You can request a copy of the personal data we hold about you.

10.2 Right to Rectification

You can request correction of inaccurate or incomplete data.

10.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances.

10.4 Right to Restrict Processing

You can request that we limit how we use your data.

10.5 Right to Data Portability

You can request your data in a structured, machine-readable format.

10.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing.

10.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

10.8 Right to Lodge a Complaint

You can file a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or your local supervisory authority.

To exercise your rights, contact us at support@risk-link.co.uk.

11. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected individuals without undue delay
  • Document the breach and our response
  • Take steps to mitigate harm and prevent future breaches

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on our Service

Your continued use of the Service after changes constitutes acceptance of the updated policy.

14. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

15. Business Transfers

If RiskLink is involved in a merger, acquisition, sale of assets, or bankruptcy, your personal information may be transferred as part of that transaction. We will provide notice and ensure continued protection of your data.

16. Contact Us

For questions, concerns, or to exercise your data protection rights, please contact us:

Email: support@risk-link.co.uk

Postal Address: 4 Waldeck Road, London, SW14 7HF, United Kingdom

We will respond to your request within one month of receipt, or inform you if we need additional time.

17. Supervisory Authority

You have the right to lodge a complaint with the UK Information Commissioner's Office:

ICO Website: https://ico.org.uk

ICO Helpline: 0303 123 1113

ICO Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

By using RiskLink, you acknowledge that you have read and understood this Privacy Policy.