Data confidentiality and compliance
Privacy and security of Customer’s information, including personal data, are a primary concern for RISC Networks. RISC Networks’ data centers adhere to strict regulatory compliance standards such as:
- PCI DSS Level 1
- SAS 70
- ISO 27001
At the end of any engagement, RISC Networks anonymizes data for aggregation reporting.
RISC Networks does not collect personal user data such as:
- User logins or passwords
- Data Files (office documents, text files, etc)
- Email Files
- Database Files
- Any files containing user information
- Application payload information
To the extent that any particular engagement requires the processing of personal data in the EU and their subsequent transfer outside of the EU, RISC Networks, will, as a data processor, upon request, enter into the EU Standard Contractual Clauses for the transfer of personal data to third countries. In addition, RISC Networks is classified as a “Data Processor” under EU privacy laws and shall act only on instructions from its Customer and will have adequate technical and organizational security measures in relation to the processing of any personal data.