Skip to main content

Privacy Policy

Last Updated: January 27, 2025

1. Introduction

Insider Risk Index ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and assessment tools at insiderisk.io (the "Service").

2. Information We Collect

2.1 Assessment Data

When you complete our insider risk assessment, we collect:

  • Organization size and industry (optional)
  • Assessment responses and scores
  • Generated risk index and recommendations

Important: We do not require personally identifiable information to complete the assessment. All assessment data is stored locally in your browser unless you choose to share results.

2.2 Contact Information

If you choose to contact us or subscribe to updates, we may collect:

  • Email address
  • Name (optional)
  • Organization name (optional)
  • Message content

2.3 Analytics Data

We use PostHog for privacy-focused analytics to improve our service. This includes:

  • Page views and navigation patterns
  • Feature usage statistics
  • Device and browser information
  • General geographic location (country/region level)

PostHog is configured to respect Do Not Track settings and does not collect personally identifiable information.

3. How We Use Your Information

We use collected information to:

  • Generate your insider risk assessment results
  • Provide industry benchmarking comparisons
  • Improve our assessment methodology and recommendations
  • Respond to your inquiries and support requests
  • Send updates about new features or research (if subscribed)
  • Analyze usage patterns to enhance user experience

4. Data Storage and Security

We implement appropriate technical and organizational security measures to protect your data:

  • Assessment data is primarily stored in your browser's local storage
  • Server infrastructure is hosted on secure, encrypted platforms
  • We use HTTPS encryption for all data transmission
  • Access to user data is restricted to authorized personnel only
  • We regularly review and update our security practices

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share data only in these circumstances:

  • With your explicit consent
  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety
  • In connection with a business merger or acquisition (with notice)

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

  • Access your personal data we hold
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Export your data in a portable format

6.2 Opt-Out Options

  • Analytics: You can disable JavaScript or use browser privacy settings
  • Email: Unsubscribe links are included in all marketing emails
  • Cookies: Manage preferences through your browser settings

7. Cookies and Tracking

We use minimal cookies and similar technologies:

  • Essential Cookies: Required for site functionality
  • Analytics Cookies: Help us understand usage patterns (PostHog)
  • Local Storage: Stores assessment progress and results locally

You can control cookies through your browser settings. Note that disabling cookies may affect site functionality.

8. International Data Transfers

Our services are primarily hosted in the United States. If you access our Service from outside the US, please be aware that your data may be transferred to and processed in the US, which may have different data protection laws than your jurisdiction.

9. Children's Privacy

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 16, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Information

For questions about this Privacy Policy or to exercise your rights, please contact us:

12. Sponsorship Disclosure

This free assessment tool is sponsored by Above Security. Above Security does not receive or access individual assessment data unless explicitly shared by users through separate business engagement.

← Back to Home