Privacy Policy

Risk Vizon LLC | Last updated: June 2026 | Applicable law: Swiss Federal Act on Data Protection (FADP / nDSG, in force September 2023) and, where applicable, EU GDPR

        In plain terms: We collect only what we need, we use it only for the purpose stated, we do not sell it to anyone, and we store it on servers in Switzerland. You can ask us to delete it at any time.
    

1. Controller

The entity responsible for processing your personal data is:

Risk Vizon LLC (GmbH)
Zurich, Switzerland
Email: info@riskvizon.com
Website: www.riskvizon.com

2. What Data We Collect and Why

We collect personal data only when you actively provide it. We do not collect data automatically beyond what is technically necessary to serve the website.

Purpose	Data collected	Legal basis (FADP)	Retention
Contact / Demo request contact.php, demo.php	First name, last name, work email, company name, country, message	Legitimate interest (responding to your enquiry)	24 months from last contact
White paper download risk_resources.php	First name, last name, work email, company name	Consent (you actively submit the form)	36 months
Email verification (OTP)	Email address, OTP code (hashed), IP address (session only)	Consent / contract performance	Deleted immediately after verification
Website analytics Google Analytics GA4	Anonymised IP, pages visited, session duration, browser/device type	Legitimate interest (improving the website)	14 months (GA4 default)
Server logs	IP address, timestamp, page requested, HTTP status (Infomaniak hosting)	Legitimate interest (security, error diagnosis)	30 days

3. Cookies

We use the following cookies:

Session cookies (PHP): Strictly necessary — store your OTP verification state during a single visit. Deleted when you close the browser. No consent required.
Google Analytics (_ga, _gid, _ga_*): Analytics cookies that help us understand how visitors use the site. No personally identifiable information is sent to Google. These cookies are set only after page load and are subject to Google's Privacy Policy.

We do not use advertising, remarketing, or profiling cookies. We do not use cookies to track you across other websites.

4. Data Transfers Outside Switzerland

Your personal data is processed primarily in Switzerland on servers operated by Infomaniak Network SA, Geneva, Switzerland.

Google Analytics transfers anonymised usage data to Google LLC (USA). The USA is not deemed adequate under the FADP; however, Google participates in the EU–US Data Privacy Framework and provides standard contractual clauses. IP anonymisation is enabled.

No other international data transfers take place.

5. Data Sharing

We do not sell, rent or trade your personal data. We share it only with:

Infomaniak Network SA — web and application hosting (Switzerland), as a data processor under a data processing agreement.
Google LLC — anonymised analytics data only (see §4 above).
Swiss authorities — only if required by law or court order.

6. Your Rights Under the FADP

As a data subject under Swiss law you have the right to:

Access — request a copy of the personal data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete your data (subject to legal retention obligations).
Restriction — ask us to restrict processing while a dispute is resolved.
Portability — receive your data in a structured, machine-readable format.
Objection — object to processing based on legitimate interest.
Withdrawal of consent — where processing is based on your consent, you may withdraw it at any time without affecting prior processing.

To exercise any right, contact us at info@riskvizon.com. We will respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC) at www.edoeb.admin.ch.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

HTTPS/TLS encryption on all data in transit.
OTP codes are hashed using PHP password_hash() and are single-use with a 15-minute TTL.
White paper download tokens are single-use and expire within 5 minutes.
Server access is restricted to authorised personnel. Infomaniak holds ISO 27001 certification.

8. Third-Party Links

Our website contains links to external websites (e.g. BIS, FINMA, EBA). We are not responsible for the privacy practices of those sites. We recommend reviewing their privacy policies independently.

9. Children

Our website is directed at business professionals. We do not knowingly collect personal data from persons under 18 years of age.

10. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. The date at the top of this page indicates when it was last revised. Material changes will be notified via a notice on this page.

Data Protection Contact
Risk Vizon LLC | Zurich, Switzerland
info@riskvizon.com | www.riskvizon.com