Home / Legal
Legal

Privacy Policy

How we collect, use, share, and protect your personal information when you use the Remedy platform and website.

Effective / Last Updated: March 10, 2026 | RiskCognition Corporation | Suite 301, 100 Enterprise Drive, Rockaway, NJ 07866 USA

This Privacy Policy applies to RiskCognition Corporation ("we," "us," or "our"), the operator of the Remedy platform and www.goremedy.ai. We are committed to protecting your privacy and handling your personal information transparently and responsibly.

1. Information We Collect

1.1 Information You Provide Directly

  • Account information: Name, business email address, job title, company name, and phone number when you register or request a demo.
  • Communications: Messages, support tickets, and feedback you send to us.
  • Platform data: Content you input into the Remedy platform, including risk registers, audit findings, compliance data, and workflow information.

1.2 Information Collected Automatically

  • Usage data: Pages visited, features used, time spent, clicks, and navigation patterns.
  • Device and technical data: IP address, browser type and version, operating system, screen resolution, and referring URL.
  • Cookies and tracking technologies: See our Cookie Policy for full details.

1.3 Information from Third Parties

  • Business contact data from data enrichment providers for sales and marketing purposes.
  • Integration data when you connect third-party systems to the Remedy platform.

2. How We Use Your Information

  • Providing, operating, and improving the Remedy platform and website.
  • Processing demo requests, onboarding, and customer support.
  • Sending product updates, security notices, and administrative communications.
  • Marketing communications (with your consent, or where permitted by law).
  • Analytics to understand usage patterns and improve user experience.
  • Compliance with legal obligations and enforcement of our Terms of Service.
  • Fraud prevention and platform security.

3. Legal Bases for Processing (GDPR)

For individuals in the European Economic Area (EEA) and UK, we process personal data under the following legal bases:

  • Contract: Processing necessary to perform our agreement with you (e.g., delivering the platform).
  • Legitimate interests: Fraud prevention, security, and improving our services.
  • Consent: Marketing communications and non-essential cookies (where required).
  • Legal obligation: Compliance with applicable laws and regulations.

4. Sharing Your Information

We do not sell your personal information. We may share information with:

  • Service providers: Cloud infrastructure, analytics, customer support, and payment processors acting under data processing agreements.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate protections.
  • Legal requirements: When required by law, court order, or regulatory authority.
  • With your consent: For any other purpose with your explicit consent.

5. Data Retention

We retain personal data for as long as necessary to provide our services and comply with legal obligations. Typical retention periods:

  • Account data: Duration of the business relationship, plus up to 3 years after termination.
  • Marketing data: Until you unsubscribe or withdraw consent.
  • Log and audit data: Up to 7 years for compliance purposes.

6. International Data Transfers

We are headquartered in the United States. If you are accessing our services from outside the US, your information may be transferred to and processed in the US or other countries. For transfers from the EEA/UK, we rely on Standard Contractual Clauses (SCCs) or adequacy decisions as the legal mechanism.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data ("right to be forgotten").
  • Portability: Receive your data in a machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request that we limit how we use your data.
  • Withdraw consent: At any time, where processing is based on consent.

To exercise any of these rights, submit a request through our Contact page. We will respond within 30 days (GDPR) or 45 days (CCPA).

8. Security

We implement industry-standard technical and organizational measures to protect your personal data, including encryption at rest and in transit, access controls, and regular security assessments. See our Security page for details.

9. Children's Privacy

The Remedy platform is not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised effective date. Continued use of our services after changes constitutes acceptance.

11. Contact Us

RiskCognition Corporation — Privacy Team
Suite 301, 100 Enterprise Drive, Rockaway, NJ 07866 USA
Website: www.goremedy.ai

For GDPR-related inquiries, please identify your request as a "Data Subject Request" via our Contact page.

Questions about this policy? Contact our Legal team.

Contact Us