Privacy Policy

Last updated: March 24, 2026

Our Privacy Commitment

RisksRadarAI is built on a fundamental principle: your data belongs to you. We designed every aspect of our platform — from self-hosted deployment to on-premises AI inference — to ensure organizations maintain complete control over their sensitive data.

Data We Collect

For Self-Hosted Customers

We collect zero data from your deployment. Everything runs on your infrastructure. We have no access to your signals, alerts, cases, or any organizational data.

For Managed SaaS Customers

We process the data you connect through integrations (HR metadata, financial transaction logs, security events, communication metadata). This data is stored in your dedicated, isolated tenant environment. We never access customer data without explicit written authorization.

For All Visitors

Our marketing website collects standard analytics (page views, referral source) via privacy-respecting analytics. We do not use third-party tracking pixels or sell visitor data.

AI & Data Processing

  • Local inference mode: All AI processing happens on your hardware. No data is transmitted to external services.
  • Cloud inference mode: Queries to external AI APIs are stripped of PII before transmission via the Privacy Router.
  • Hybrid mode: Routine analysis uses cloud APIs (PII-stripped). Deep reasoning stays local.
  • Communication monitoring: We analyze metadata only (frequency, timing, response latency). We never read message content.

Data Retention

Retention is configurable per tenant. Defaults: 365 days for signals and 7 years for audit logs (BSA/AML requirement). Purging is automated, with audit proof.

GDPR, HIPAA, and Regulatory Compliance

RisksRadarAI supports GDPR Article 88 (employee data in employment context), HIPAA (on-premises deployment for PHI), and CCPA/CPRA data subject rights. For self-hosted deployments, you are the data controller and processor.

Contact

Privacy inquiries: privacy@aigovhub.io