Privacy Policy
Last updated: June 4, 2026
1. Introduction
RISK IRIS LIMITED ("Risk Iris", "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, process, and protect personal data in connection with our compliance screening services, website, and business relations.
2. The Types of Data We Process
We process data under two main categories:
A. Account and Administrative Data: Information about our users (compliance officers, clients, waitlist registrants), including name, business email address, company affiliation, billing details, and interaction logs.
B. Screening Data: Information inputted by our users for screening purposes (e.g., search target names, aliases) and the resulting screening profiles compiled from publicly available sanctions watchlists, regulatory enforcement lists, Politically Exposed Persons (PEP) registers, and open-source media articles.
3. Legal Basis and Purposes of Processing
We process personal data to fulfill our contractual obligations with clients, to comply with legal responsibilities, and for our legitimate business interest in providing anti-money laundering (AML) and compliance risk management tools.
We use the data to:
- Manage accounts, verify users, and provide access to the platform.
- Execute queries against sanctions databases and analyze public news for adverse media mentions.
- Optimize and improve our NLP categorization, noise reduction filters, and search capabilities.
4. Data Retention and Security
We prioritize data security. All data transmitted to or from our servers is encrypted in transit (TLS) and at rest. Screening logs and inputs are stored securely and kept only as long as necessary to perform the screening service, satisfy client contract requirements, or meet statutory storage obligations.
5. Sharing of Data
We do not sell, rent, or trade your personal data. We may share data with trusted third-party service providers (such as hosting, database, and payment processing partners) who operate strictly under data protection agreements in compliance with UK GDPR and relevant regulations.
6. Your Rights Under UK GDPR / GDPR
Depending on your location, you have rights regarding your personal data, including the right to request access, rectification, erasure, restriction of processing, and portability of your personal data. To exercise any of these rights, please contact our data compliance officer at the email address listed below.
7. Contact Information
If you have any questions or complaints about our privacy practices, please contact us at:
RISK IRIS LIMITED
14859, 182-184 High Street North, London, United Kingdom, E6 2JA
Email: info@riskiris.com