Privacy Notice

We may collect the following information:

• Account information, such as name, work email address, organization name, and login details.
• Work email domain, used to reduce fake accounts and misuse.
• Vendor information submitted by users, such as vendor names, domains, URLs, notes, questionnaire answers, or related business context.
• Evidence uploaded or submitted by users, if evidence upload is enabled.
• AI prompts, questions, answers, generated summaries, and risk explanations.
• Usage data, such as pages visited, actions taken, feature usage, and beta feedback.
• Security and technical logs, such as IP address, browser type, device information, timestamps, and error logs.
• Cookie and analytics data, where applicable.

We use collected information to:

• Provide and operate NetRisk.
• Create and manage user accounts.
• Limit access to work email users during the beta.
• Analyze vendor domains, public signals, submitted evidence, and risk context.
• Provide AI-assisted summaries, recommendations, and trust intelligence.
• Improve product quality, accuracy, usability, and reliability.
• Prevent abuse, spam, unauthorized scanning, or misuse.
• Monitor platform security and troubleshoot errors.
• Respond to user requests and feedback.
• Comply with legal, security, or operational requirements.

NetRisk free beta access may require registration with a work email address. This is used to reduce fake accounts, spam, misuse, and unauthorized activity. Public or personal email domains may be blocked.

The work email requirement does not mean NetRisk verifies that the user is authorized to act on behalf of the entire organization. Users remain responsible for using NetRisk only for lawful business purposes.

Users may submit vendor names, domains, URLs, notes, documents, or other business information for analysis. Users are responsible for ensuring they have a lawful business purpose, authorization, or legitimate third-party risk management interest before submitting this information.

Do not submit secrets, passwords, private keys, unnecessary personal data, regulated sensitive data, or confidential third-party information unless you are authorized to do so.

NetRisk may use AI-assisted features to summarize evidence, classify risks, identify missing context, generate explanations, and support vendor risk analysis.

AI outputs may be incomplete, inaccurate, outdated, or based on limited evidence. Users should review important findings before relying on them.

Where third-party AI providers are used, relevant providers will be listed on the Subprocessors page.

If you submit feedback, comments, screenshots, suggestions, ideas, or improvement requests, we may use them to improve, develop, and refine NetRisk. Please do not submit confidential information in feedback unless you are comfortable with us using it for product improvement.

NetRisk may use cookies and analytics tools to operate the website, understand usage, improve performance, and detect abuse. More information is available in the Cookie Notice.

We may use third-party service providers for hosting, storage, authentication, analytics, email delivery, AI processing, monitoring, and security. A list of relevant subprocessors is available on the Subprocessors page.

We keep information only as long as needed to provide the beta service, improve the product, maintain security, comply with legal obligations, or resolve disputes.

During the free beta, submitted vendor data, usage logs, and AI outputs may be retained for a limited period unless deletion is requested or longer retention is needed for security, abuse prevention, or legal reasons.

More information is available in the Data Retention page.

We use reasonable technical and organizational measures to protect information, including access controls, encryption where appropriate, logging, monitoring, and abuse-prevention controls.

No online service can be guaranteed to be fully secure.

Depending on your location, you may have rights to access, correct, delete, or restrict use of your personal data. You may contact us to request access or deletion of your account or submitted information.

Contact: privacy@netrisk.io

NetRisk and its service providers may process information in different countries. Where applicable, we use appropriate safeguards for international data transfers.

We may update this Privacy Notice as NetRisk evolves. If we make material changes, we may notify users or request renewed acceptance.

For privacy questions, contact NetRisk.io at privacy@netrisk.io.