Privacy Statement

RiskChallenger B.V., located at Hardwareweg 3, in Amersfoort, is responsible for processing personal data via the website www.riskchallenger.nl, as shown in this privacy statement. RiskChallenger respects the privacy of visitors to the website and ensures that the personal information you provide to us is treated confidentially. Personal data is processed in a way that is in accordance with the requirements of the General Data Protection Regulation.

What personal data do we process?

- Name and email address, if you sign up for one of our newsletters;

- Name, email and organization if you sign up to participate in a knowledge meeting organized by RiskChallenger or co-organized by RiskChallenger. In some cases, including your mobile phone number.

RiskChallenger processes your personal data because you use our services and/or because you provide them to us yourself.

Why and how do we use Google Analytics?

RiskChallenger uses Google Analytics to track how users use the website. The information, including the address of your computer (IP address), is transferred to and stored by Google on servers in the United States. Read it Google privacy policy for more information. You can also find the Google Analytics Privacy Policy here.

RiskChallenger has concluded a processing agreement with Google. No traceable personal data is shared with Google. All data is encrypted and processed anonymously. Google Analytics cookies are not used in combination with other Google services, such as DoubleClick and AdWords. User IDs are disabled.

Google uses the information to track how our website is used, to provide reports about the Website to RiskChallenger and to provide its advertisers with information about the effectiveness of their campaigns. Google may provide this information to third parties if Google is legally required to do so, or insofar as these third parties process the information on Google's behalf. RiskChallenger has no influence on this.

RiskChallenger has not authorized Google to use Analytics information obtained via RiskChallenger for other Google services.

Why and how do we use HubSpot?

RiskChallenger uses HubSpot as a CRM platform. To do this, HubSpot uses cookies that are described in the cookie statement. For more information, please refer to the HubSpot privacy statement.

Why and how do we use reCAPTCHA?

RiskChallenger uses the reCAPTCHA service from Google Inc. (Google) to protect the website against spam and abuse. In order for Google reCAPTCHA to work, a website visitor's IP address, mouse movements and possibly other data are collected. For this purpose, this information is sent to and processed by Google. By analyzing this information, Google can determine whether we are dealing with a real website visitor or a robot. For more information, please refer to the Google privacy statement.

Why and how do we use LeadInfo?

RiskChallenger uses the Leadinfo service from Rotterdam to measure business use of the website. This service shows company names and addresses based on the IP addresses of website visitors. The IP address is not stored here and only the general business information of companies is provided to RiskChallenger. All data is encrypted and processed anonymously. The collected data cannot be traced back to a specific person or computer.

Why and how do we use Hotjar?

RiskChallenger uses Hotjar to see how users use the website. Hotjar uses cookies that are described in the cookie statement. For more information, please refer to the Hotjar privacy statement.

Social media buttons

On our website, we use social media buttons, which redirect you to the social media platforms. The buttons work on the basis of code from the social media networks. If you want to know what personal data is processed and what the social media platforms do with your data, please read the relevant privacy statement:

How long do we keep your personal data?

RiskChallenger does not store your personal data longer than is strictly necessary to achieve the purposes for which your data is collected. We use the following retention periods for the following (categories) of personal data:

Newsletters:
We keep your name and email address until you indicate that you no longer want to receive the newsletters. We do this to keep sending our newsletters. We use Mailchimp to create and send newsletters and process registrations. Each newsletter contains a link that allows you to unsubscribe. The newsletter subscriber files are not provided to third parties.

Knowledge meetings:
We keep your name, email address, organization and mobile number for a maximum of two years after the end of the event, or after a request for deletion on your part. RiskChallenger uses the collected data to make it possible for you to organize this knowledge meeting.

We keep this information so that we can inform you afterwards about the results of the meeting and to inform you personally about future meetings on the same topic.

Sharing personal data with third parties

RiskChallenger does not sell your information to third parties and only provides it to comply with a legal obligation. We conclude a processing agreement with companies that process your data on our behalf to ensure the same level of security and confidentiality of your data. RiskChallenger remains responsible for these processing operations.

Cookies, or similar techniques, that we use

RiskChallenger uses cookies from ourselves and third parties. Cookies are information files that can be automatically stored on or read from the website visitor's device (such as PC, tablet or smartphone) when you visit a website. This is done via the web browser on the device. We and third parties use cookies to:

· Making the functionality of the website possible (technical and functional cookies);

· Analyze the use of the website and, based on that, make the website more user-friendly (analytical cookies);

· To be able to show personalized ads (marketing cookies).

These cookies collect the following information from you:

· IP address

· Cookie ID

· Application and click behavior

· Referrer URL

When you visit our website for the first time, we show a message explaining cookies. Insofar as we are obliged to do so, we will ask for your consent to the use of cookies.

The table below provides an overview of the cookies we use.

Essential

Analytical

Nom

Provider

Purpose

Expiry

_ga

Google Analytics

Used to distinguish users on the website to see for example the number of visitors or clicks.

2 years.

_ga_

Google Analytics

Used to store and count page views.

2 years.

_guide

Google Analytics

Used to store and count page views.

1 day.

ajs_anonymous_id

Hotjar

Used for analytics and help count how many people visit a certain site by tracking if you have visited before.

1 year.

__hssc

HubSpot

Collects statistical data related to the user's website visits, such as the number of visits, average time spent on the website and what pages have been loaded. The purpose is to segment the website's users according to factors such as demographics and geographical location, in order to enable media and marketing agencies to structure and understand their target groups to enable customised online advertising.

1 day.

__hssrc

HubSpot

Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.

It expires at the end of the session.

__hstc

HubSpot

The main cookie for tracking visitors.

6 months.

hubspot.tk

HubSpot

This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.

6 months.

Marketing

Nom

Provider

Purpose

Expiry

_hjAbsoluteSessionInProgress

Hotjar

Used to detect the firstpageview session of a user.

30 minutes, extended on user activity.

_hjIncludedInSessionSample_ {site_id}

Hotjar

Set to determine if a user is included in the data sampling defined by your site's daily session limit.

2 minutes, extended every 30 seconds.

_hjSessionUser_ {site_id}

Hotjar

Set when a user first lands on a page. Persists the Hotjar User ID which is unique to that site. Hotjar does not track users across different sites.

1 year.

_hjSession_ {site_id}

Hotjar

Holds current session data. Ensures subsequent requests in the session window are attributed to the same session.

30 minutes, extended on user activity.

_hjFirstSeen

Hotjar

Identify a new user's first session, used by recording filters to identify new users sessions.

30 minutes.

hubspot api

HubSpot

This cookie allows the user to access the app with the correct permissions.

The cookie itself is short-lived (5 mins), but the authorization will persist for 28 days if “remember me” is checked, or for 7 days if not checked. After that, we make the user login again.

hubspotapi prefs

HubSpot

This is used with the hubspotapi cookie to remember whether the user checked the “remember me” box (controls the expiration of the main cookie's authentication).

1 year.

hubspotapi-csrf

HubSpot

This is used for CSRF prevention — preventing third party websites from accessing your data.

1 year.

NID

google.com

The “NID” cookie is used to play YouTube videos embedded on the website.

Expires anytime between 6 months to 10 years.

SSID

google.com

Google collects visitor information for videos hosted by YouTube on maps integrated with Google Maps.

Persistent.

SAPISID

google.com

Google collects visitor information for videos hosted by YouTube on maps integrated with Google Maps.

Persistent.

SIDCC

google.com

Security cookie to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data form unauthorized access.

2 years.

SID

google.com

Security cookie to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data form unauthorized access.

2 years.

HSID

google.com

Security cookie to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data form unauthorized access.

2 years.

OTZ

google.com

The “OTZ” cookie is used by Google Analytics to track website traffic information.

1 month.

APISID

google.com

Personalizes Google ads on websites based on recent searches and interactions.

Expires anytime between 6 months to 10 years.

DV

google.com

Used to provide ad delivery or retargeting.

1 day.

1P_JAR

google.com

These cookies are used to gather website statistics, and track conversion rates.

1 month.

_Secure-3PSIDCC

google.com

Targeting cookie. Used to create a user profile and display relevant and personalized Google Ads to the user.

2 years.

_Secure-3PSID

google.com

Targeting cookie. Used to profile the interests of website visitors and display relevant and personalized Google Ads.

2 years.

_secure-3PAPisId

google.com

Profiles the interests of website visitors to serve relevant and personalized ads through retargeting.

2 years.

_Secure ID

google.com

Used by Google to prevent fraudulent login attempts. This also contains a Google user ID which can be used for statistics and marketing purposes following a successful login.

13 months.

View, modify or delete data

You have the right to view, correct or delete your personal data. In addition, you have the right to withdraw your consent to data processing, or to object to the processing of your personal data by RiskChallenger. You also have the right to data portability. This means that you can submit a request to us to send the personal data that we hold about you in a computer file to you or another organization mentioned by you.

You can send a request for access, correction, deletion, data transfer of your personal data or request for cancellation of your consent or objection to the processing of your personal data to privacy@riskchallenger.nl.

If you make a request invoking any of these rights, we will need to verify your identity. We will do this by asking a number of verification questions in a way that is privacy-friendly. We will respond to your request as soon as possible, but within four weeks at the latest.

RiskChallenger points out that you have the opportunity to file a complaint with the national supervisory authority, the Data Protection Authority.

How do we protect your personal data?

RiskChallenger takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. Our applications and systems are secured in accordance with the requirements of current laws and regulations. If you have the impression that your data is not properly secured or there are indications of abuse, please contact us at privacy@riskchallenger.nl.

Age

Our website does not intend to collect information about website visitors who are under 16 years of age, unless they have permission from parents or guardians. If you are convinced that we have collected personal information about a minor without that consent, please contact us at privacy@riskchallenger.nl, then we will delete this information.

Modify the privacy statement

We reserve the right to amend this privacy statement. Changes will be published on this website.

By clicking “Accept”, you agree to the storage of cookies on your device for website improvement, usage analysis and marketing purposes. See our Privacy Statement for more information.

Refuse
Accept