Privacy Policy
AUS and UK Corporate Website Privacy Policy
Last Modified: November 2025
- Information We Collect
- How We Use Your Information
- Sharing Your Information
- Data Retention
- Cross-border Data Transfer
- Your Data Privacy Rights
- Data Security
- Updates to Our Privacy Policy
- Contact Information
Introduction
This Privacy Policy is designed to help you understand how we, Risepoint and our affiliates listed at the end (each referred to as “we”, “us”, “our”), collect, use, and share your personal information when you access our websites, digital platforms and services (“Sites” or “Services”) or otherwise interact with us online.
This policy shall be interpreted in accordance with the law and does not grant you greater rights or imposes on us greater obligations than those afforded or imposed by law. It provides information only as may be required under data privacy laws and is not intended and must not be relied on as a representation, warranty, contract or acknowledgement of a duty of care.
Please read this policy carefully. If you have any questions or if you do not understand anything explained in it, please contact us.
Information We Collect
Personal information or personal data is information about an identified or reasonably identifiable individual. Sensitive information is personal information about an individual’s race, ethnic origin, political opinions, religious beliefs, health information, biometric data and other categories of sensitive information designated by law. What is or is not your personal information will depend on the circumstances and interpretation under local law.
We collect the following types of personal information about you:
Personal Information You Provide
Depending on how you interact with our Sites and Services, we will collect the following personal information that you provide to us:
- Create or sign into an account. If you create an account, we will collect your email address, first and last name, organisation, role, phone number, country and your postcode.
- Sign up for email and other outreach. If you sign up for our communications, we will generally collect your email address, first and last name, organisation, role, phone number, country and your postcode.
- Contact us. If you contact us, we generally ask for your email address, first and last name, organisation, role, phone number, your country and your postcode, and we will process further personal information as we deal with your enquiry.
- Job applications. If you apply for a job with us, we will collect your application information and may collect your bank, tax and social security information.
- Surveys, contests, or promotions. If you participate in these activities, we may collect your contact details and other relevant personal information.
You can remain anonymous if you make a general enquiry by email. However, it will often be necessary to collect your personal information to deal with your enquiry. For example, we may require your details to correctly address you, to manage enquiries coming from the same organisation or to follow up on your enquiry at a later date.
Please note that, unless the circumstances suggest otherwise, we will rely on the information provided by you as accurate, complete and up to date, and we would be grateful if you inform us of any changes. If you provide incorrect information to us, we may be unable to resolve your enquiry, provide our services or otherwise meet your expectations.
Automatically collected Information
We automatically collect certain information from our servers, through cookies and other tracking technologies, third party plug-ins and other tools when you use our Sites and Services, such as the following:
- Usage Information. For example, the pages on the Sites you access, when you open our email or click on its content, the frequency of access, and what you click on while on the Sites.
- Device Information. For example, hardware model, operating system, application version number, and browser.
- Mobile Device Information. Aggregated information about whether the Sites is/are accessed via a mobile device or tablet, and the device type.
- Location Information. Coarse location information of our Site visitors based on your IP address or similar information.
For more information on our cookie usage see our Cookie Policy.
Personal Information We Collect About You from Other Sources
In some cases, we may receive personal information about you from other sources, for example:
- Third party data from marketing partners. We may receive additional information about you, such as demographic data, from third party partners and combine it with other information we have about you.
- Public domain. Information about you that is publicly available, such as on social media, official public records, and other public sources.
- References if you apply for job with us.
How We Use Your Information
We collect, hold, use, disclose or otherwise process your personal information for the following purposes:
| Purpose | Personal information | How collected and held? | Consequences if not collected | Lawful basis (individuals in the UK only) |
|---|---|---|---|---|
| To respond to your enquiry, service support request, data rights request, complaint or other communication. Some of our features allow you to input your information, for example, our “Get in Touch” form. We may take steps to identify you by asking for your name and other details or checking your public profile, where this is necessary in the handling of your enquiry. We may record, transcribe and analyse your customer communications for service, compliance, training and development purposes. | Contact details Details of your enquiryOrganisation details Public data | From you, our records, our third-party communication analysis tools, and from public sources. Information is held in our communication and case management systems. | Unable to efficiently and effectively assist with your enquiry without all necessary information and the use of communication analysis tools. Unable to ensure compliance and service improvement without appropriate records. | Necessary for our legitimate interest in responding to your enquiry, assisting you with our services, keeping a record of transactions and for training and development. |
| To provide our Sites and Services to you, such as our Site and online content. For example, when you visit our Site, your browser will provide certain technical information to enable us to display our content in a compatible manner. | Device and browser data | From you, your device and browser, cookies and similar technologies, data generated by our systems and from third parties, such as our technology providers. Your information is held in our internal systems and relevant third-party systems. | Unable to provide our service without all necessary information and the use of relevant records. Our systems automatically collect and provide information necessary to deliver our online services to your device. If you block cookies and similar technologies in your browser, some of our online services may be reduced. | Necessary for our legitimate interest in providing our online services. Where required by law, we rely on your consent to deploy cookies or similar technologies on your device or to read information on your device. |
| To send you relevant direct marketing communications about our services and our collaborations with third parties, by email, text, or post. | Contact and organizational details | From you, your device. Your information is held in our internal systems and on relevant third-party partner platforms. | Unable to deliver direct marketing without all necessary information. | Necessary for our legitimate interest in promoting our and third party services. Where required by law, we rely on your consent to send you marketing communications. |
| To undertake research, development and analytics, for example, service usage metrics, reviewing your feedback, improving our services, quality assurance, market research, publishing statistical reports, business development, collaborating with third parties, sharing statistical research outputs, and other research. | Feedback Usage dataAll other de-identified information | From you, our records, data generated by our systems, and third parties, such as our analytics partners and providers. Your information is held in our internal systems and on relevant third-party partner platforms. | Unable to conduct research and development without all necessary data, often based on de-identified personal information. | Necessary for our legitimate interest in research and development. Where required by law, we rely on your consent to send you marketing communications, deploy cookies or similar technologies on your device or to read information on your device. |
| To administer our organisation, for example, working with our affiliates, contacting and working with our partners, managing our service providers and our professional advisors, maintaining our technology stack, keeping and updating our records, collecting debt, monitoring compliance with our terms, resolving complaints, and similar activities. We may use our record management systems and engagement tools, identifying opportunities and contacting you. | All necessary personal informationOpportunity records | From you, our records, data generated by our systems, and from third parties, such as our service providers. Your information is held in our internal systems and on relevant third-party systems. | Unable to perform certain tasks, provide services, administer our organisation, use our group’s corporate resources, and comply with the law without all relevant information and without engaging relevant third parties to handle your personal information on our behalf. | Necessary for our legitimate interest in administering our organisation’s operations. |
| To carry on recruitment of staff and contractors, for example, to assess your application, interview you, assess your qualifications, experience and fitness for a particular role, conduct background checks, make hiring decisions, discuss your terms of engagement and similar activities. We use your identifier information only where reasonably necessary to verify your identity as part of recruitment. We may ask for your tax and social security details to set up tax withholding, as appropriate. We may only use these details as authorised under relevant laws. | Application details Bank, tax and social security Identity details Public data Sensitive information (for example, where we wish to accommodate your needs on account of disability). | From you, your recruitment agent, data generated by our systems, public sources, and third parties, such as persons providing a reference or testimonial about you. Your information is held in our internal systems, systems of third parties such as our service provider or recruitment agents. | Unable to identify candidates, make hiring or engagement decisions, ensure correct tax and social security deductions and manage our contactors without all necessary information. | Necessary for our legitimate interest in managing our workforce and accepting job applications, or necessary to take steps prior to entering into a contract with you. |
| To maintain information security of our connected assets and online properties, for example, by monitoring use of our corporate resources, networks and Sites for suspicious activities, blocking access, isolating suspicious objects, preventing malicious software distribution and implementing other technical and organisational security measures to ensure the confidentiality, integrity and availability of information. | Usage data | From your device and browser, collected and generated by our systems, collected and generated by third party systems. | Unable to ensure information security without monitoring user and network activity and collecting relevant information including through server-side tracking and cookies and similar technologies. | Necessary for our legitimate interest in ensuring information security and necessary for our compliance with the law. |
| To comply with the law, a binding decision or direction of a regulator, cooperate with a public authority, comply with mandatory disclosure, exercise legal rights and defend legal claims. | All necessary personal information | Collected from you, our records, third parties, and public sources. | Unable to comply with the law, exercise a right or defend a legal claim without the use and disclosure of your personal information. | Necessary for our compliance with the law or legitimate interest in adhering to best practice. |
We will update this policy to include any new purposes from time to time, and we will obtain your prior consent for such new purposes where we are required to do so by law. We may not require your prior consent if the secondary purpose is related to our primary purpose and reasonably anticipated by you or otherwise authorised or required by law.
Sharing Your Information
We may share your information with subsidiaries and professional advisors (to fulfil your request or provide services as well as obtain any advice related thereto); any organisation you may be affiliated with or your representative; service providers (website hosting and maintenance, technology solution providers, which includes including AI providers, marketing services, and business operations and optimisation); in connection with a merger or sale of our company; and complying with legal processes. We require all third-party recipients to respect the security of your personal information and to treat it in accordance with the law.
We may also share the personal information that we collect about you in the following ways:
- To the extent that we are required to do so by law.
- In connection with any legal proceedings or prospective legal proceedings.
- With any other person or entity where you consent to the disclosure.
Our Sites or Services may link to third-party services not owned or operated by our company. We take reasonable steps to choose reliable service providers who hold your personal information on our behalf. Whilst we take these reasonable steps to implement appropriate measures to safeguard your personal information in the hands of third parties, we are not responsible for third parties and you should read their privacy policies to find more information about how they handle your personal information.
Data Retention
We retain personal information for as long as is necessary to fulfil the purposes for which it was collected, or as authorised or required by law. Unless a shorter period is required under our data retention policy, we will take such steps as are reasonable in the circumstances to delete or de-identify the personal information when it is no longer needed.
Our data retention periods will be determined by data minimisation requirements, the typical duration of data processing for each purpose informed by operational needs, volume, sensitivity of the data, likelihood of harm if misused, any statutory minimum retention period, likelihood of secondary purposes such as legal claims occurring and other relevant criteria.
Cross-border Data Transfer
Our Sites and Services operate on a global scale, and we may transfer your personal information across national borders. In providing its Sites and Services, Risepoint relies on services delivered by its affiliates and service providers in Australia, the EU, Switzerland, UK, US and India.
When we disclose personal information to our recipients overseas, we take reasonable steps to satisfy ourselves of the recipient’s information security and ensure that each recipient will protect your personal information and handle it in accordance with the law. This may include entering into contractual arrangements with the recipient to impose appropriate obligations or satisfying ourselves that they are already subject to laws that offer equivalent protection of your personal information that you can enforce.
If you have any questions or concerns about our cross-border data transfer practices, please contact us at privacy@risepoint.com.
Your Data Privacy Rights
Depending on the data privacy laws of your country, you may have various data privacy rights in respect of your personal information, subject to certain conditions, exemptions and satisfactory verification of your identity.
If you are an individual in Australia, you may also have the following rights in relation to your personal information:
- Right to information as provided by us in this policy.
- Right to remain anonymous, unless this is unreasonable or impracticable in the circumstances.
- Right to withdraw consent at any time where our handling of your personal information is based on your consent.
- Right to access your personal information we hold about you.
- Right correction if you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading.
- Right to opt-out from marketing by using the unsubscribe facility in our communications or by contacting us.
- Right to seek the removal of your tax file number.
- Right to know the source of marketing data.
- Right to complain in accordance with our complaints procedure explained below. If you are not satisfied with our response to a complaint, you may lodge a complaint with the Office of the Australian Information Commissioner.
If you are an individual in the UK, you may have the above-mentioned as well as the following additional rights in relation to your personal information:
- Right to object to our processing of personal information based on our legitimate interest.
- Right to erasure of personal information that is no longer needed.
- Right to restriction of the processing of personal information, for example, where necessary while we deal with your objection.
- Right to human intervention in respect of any automated decision-making without human involvement that significantly affected you.
- Right to data portability from one service provider to another, where applicable.
- Right to lodge a complaint with the UK Information Commissioner’s Office.
In order to make a request regarding your personal information, please contact us at privacy@risepoint.com. We will take reasonable steps to process your request and respond without delay and no later than within one month.
To protect all personal information held by us, we may require you to confirm your identity before resolving your request.
We may refuse requests on certain grounds, for example, if they are unreasonably repetitive, disproportionately demanding or otherwise exempt or if refusing your request is appropriate and lawful in the circumstances. If we refuse your request, we will explain our lawful reason for doing so.
If necessary, reasonable costs may be charged to you where doing so is appropriate and lawful.
Complaints procedure
If you consider that we have interfered with your data privacy, or you are not happy about how we have handled your personal information, please contact us at privacy@risepoint.com.
We will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps which we will take in dealing with your complaint. We will endeavour to do so within 14 days of receipt and work with you to resolve your complaint without delay and generally within one month of receipt.
If you are not satisfied with our response, you may complain to the relevant data privacy authority. If given the nature of your complaint we consider there are other government agencies you could complain to, we will endeavour to inform you of this at the time we respond to your complaint.
Data Security
We implement technical and organisational security measures to protect your personal information from unauthorised access, use, alteration, and disclosure. However, no internet-based site or service can be 100% secure, so we cannot guarantee the absolute security of your information.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Site or Service, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Site like message boards. The information you share in public areas may be viewed by any user of the Site.
Updates to Our Privacy Policy
We may update our Privacy Policy periodically. We will notify you of any changes by posting the new policy on this page. You are advised to review this Privacy Policy periodically for any changes.
Contact Information
Depending on your location, the Risepoint entities responsible for handling your personal information include:
| Risepoint UK Holdings Ltd | 1 St. James Court, Whitefriars, Norwich, Norfolk, United Kingdom, NR3 1RU |
| Risepoint Australia Holdings Pty Ltd | Level 4, 600 Bourke Street Melbourne, Victoria, 3000 |
| Risepoint LLC | 2803 Philadelphia Pike, Suite B PMB 7250, Claymont, Delaware 19703 |
If you have any questions about this Privacy Policy, please contact us via email at info@risepoint.com.
To report a security issue or discovered vulnerability, please email
securityrp@risepoint.com with a description of the issue, the steps you took to create the issue, and if known, mitigations for the issue. Our vulnerability management team will review all reports and acknowledge receiving your email.
To exercise your rights or choices regarding data access, correction, or deletion you may submit a request to privacy@risepoint.com.