Website Policy

Ravelin helps businesses detect and address online fraud and other malicious behaviours through integrating our fraud prevention and authentication services (the “Services”) into their websites and mobile applications.

This Policy does not describe our collection and use of data when we provide the Services. For details on how we collect and use information in relation to the Services, see our Privacy Policy.

Information which is collected automatically

Certain information is automatically collected when you visit our Website, this information is needed to help us to operate our Website, for marketing purposes and for improving the user experience on our Website. This information may include:

IP address, device type, browser type, geographic location, referring website, pages visited, and the time(s) that you visited.

Information which is directly provided to us

Our Website may ask you to provide personal information voluntarily, for example in order to access content, subscribe to marketing communications or mailing lists, or to contact us to find out more information about the Services or Ravelin. We may also collect information from you at an event where you have expressed an interest in the Services or in other opportunities to work with Ravelin. This Information may include:

Your name, address, telephone number, email address, company name, job title, company address, marketing preferences, and any other information you choose to provide to us.

We use the data we collect to provide our Website, make improvements to it and analyse information about how it is used. We may also use the information to respond to requests for Ravelin to contact you and to send you content, such as newsletters. We may use the information we collect to:

• Send you marketing communications in accordance with the preferences you have selected, where you have provided your contact details expressly for this purpose or on rare occasions where we legitimately believe you may benefit from further communication.

• Consider, investigate and communicate with you in relation to any requests, concerns or complaints you contact us about.

• Promote our business.

• Measure and understand the effectiveness of the advertising we serve and provide relevant advertising to you.

• Enhance, customise, and improve our Website and Services.

• Administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

• Ask your opinion about our Services.

• For any other reasons which you have explicitly consented to.

Ravelin relies on valid legal reasons for using personal data, depending on how you are interacting with Ravelin or the Website, our legal basis will be one of the following:

Legitimate interest - where we collect and use your personal data, or share it as outlined in this Policy because we have a legitimate reason to do so, such as our legitimate interest in direct marketing or developing our business activities.

Legal obligation - where we are required to do so by law or where we believe it is necessary to protect or enforce our legal rights.

Consent - where we use information about you where you have consented to do so for a specific purpose, such as receiving marketing communications from Ravelin or featured testimonials published with your permission.

Opting out of marketing communications

You can adjust your marketing preferences, or tell us you don't want to hear from us, at any time by clicking the unsubscribe links on any marketing message we send you.

We will always keep your data safe and never sell your information to third parties. There may be circumstances where the information detailed in this Policy is shared with others for the following reasons:

Service providers

We may share limited information about you with our third party service providers, vendors, or other contractors who provide services to us and with whom the sharing information is necessary in order for them to provide their services.

Professional advisors

We may disclose your personal data to our professional advisors, such as lawyers, bankers, auditors and insurers but only where strictly necessary in the course of the professional services they are providing to us - for example, in response to a legal process.

Legal purposes

We may disclose your information where we believe it is required by law or in order to exercise our legal rights - for example, to establish or defend a legal claim.

Corporate affiliates

We may share your information with Ravelin affiliates (any subsidiary, parent company or company under common control) as necessary to provide the Website and only for the purposes described in this Policy. If Ravelin is involved in an acquisition, merger or sale of its business or assets, your information may be shared or transferred as part of that transaction.

What are cookies and what do they do?

Cookies are small text files that are used to store small pieces of information. Each cookie includes the name of the website and a unique ID. They are stored on your device when the Website is loaded on your browser.

These cookies help the Website function properly, make it more secure, provide a better user experience, help us understand how the Website performs and analyse what works and where it needs improvement.

How do we use cookies?

Like most online services, our Website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function in the right way, and they do not collect any personally identifiable data.

The third-party cookies used on our Website are mainly for understanding how the website performs, how you interact with our Website, keeping our services secure, providing advertisements that are relevant to you, and for providing you with a better and improved user experience on our Website.

What cookies do we use?

These are the categories of cookies that we use:

Necessary - Necessary cookies are crucial for the basic functions of the Website and the Website will not work in its intended way without them.These cookies do not store any personally identifiable data.

Functional - Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

Analytics - Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

Advertisement - Advertisement cookies are used to deliver visitors with customised advertisements based on the pages they visited before and analyse the effectiveness of the ad campaign.

Can I change my cookie preferences?

You have the right to refuse or delete cookies. If you wish to see a list of cookies that we use or refuse the use of any cookies, you can change your preferences by clicking on the cookie symbol in the bottom right of the page.

Most browsers also allow you to refuse or delete cookies at any time. If you choose to refuse cookies, you may still use our Website but some functionality and areas may be restricted. How to refuse cookies through a web browser varies between different providers, you should visit your browser's help menu for more information.

You can opt out of being tracked by Google Analytics across all of the websites here.

Your personal data may be transferred, processed and stored in the United Kingdom, United States, Belgium and other countries. We may also process information using cloud services. These countries may have different data protection and privacy laws to the laws of your country and may provide a different level of protection than in your jurisdiction, however Ravelin takes the necessary steps to ensure that your data is always processed in accordance with this Policy and in line with the requirements of applicable law.

If you are a resident in the EEA, UK or Switzerland, we will protect your personal data when it is transferred out of your jurisdiction by ensuring that the third party receiving the data is either based in a territory which has an adequate level of protection as determined by the relevant authority or using appropriate safeguards to protect your personal data, such as standard contractual clauses.

We will retain your personal data where we have an ongoing legitimate legal reason to keep it and for a length of time consistent with the original purpose it was collected for. The appropriate retention period for personal data will depend on a number of factors including, the reason why it was collected, the amount, nature and sensitivity of the data. We will also consider any applicable legal requirements in relation to data retention.

After data is no longer required for the purpose it was collected for or where you have requested for us to delete the data that we hold about you (unless it is still required to be kept by us and a valid exemption applies), we will either delete or anonymise your personal data. If this is not possible (for example, where the data has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until it is possible to delete it.

Depending on where you are a resident, you may have certain rights in relation to the personal data which is held about you. Subject to legal limitations and exemptions that may apply, you may have the right to:

• Access the personal data we hold about you (a “data subject access request”).

• Correct incomplete or inaccurate data we hold about you.

• Ask us to erase the personal data we hold about you.

• Ask us to restrict the handling of your personal information.

• Ask us to transfer your personal information to a third party.

• Object to how we are using your personal information.

Details on how to contact us to exercise any of these rights can be found below in the Exercising Your Rights section of this Policy .

Residents of the EEA, UK or Switzerland

If we have collected and processed your personal information with your consent for a specific purpose, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing which occurred prior to your withdrawal and it will not affect the processing of your personal data on lawful grounds other than consent. To withdraw your consent, all you need to do is follow the instructions in the Exercising Your Rights section of this Policy.

You have the right to complain to a data protection authority about our collection or use of your personal data. You can contact your local data protection authority for more information. The contact details for the data protection authorities for residents in:

• EEA jurisdictions are available here;

• the UK are available here; and

• Switzerland is available here.

Residents of California

The California Consumer Privacy Act (“CCPA”) provides California residents with specific rights regarding their personal information. This section describes your rights and explains how to exercise them.

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the previous 12 months ("right to know"). Once we receive your request and confirm your identity (see Exercising Your Rights), we will disclose to you:

• The categories of personal information we collected about you.

• The categories of sources for the personal information we collected about you.

• Our business or commercial purpose for collecting or selling that personal information.

• The categories of third parties with whom we share that personal information.

• The specific pieces of personal information we collected about you.

You have the right to request that we delete any of your personal information that we have collected and retained (the "right to delete"), subject to certain exemptions. Once we receive your request and confirm your identity (see Exercising Your Rights), we will review your request to see if an exemption allowing us to retain the information applies. We may deny your deletion request if an exemption applies and retaining the information is necessary for us or our service provider(s), for example to detect fraudulent activity or comply with a legal obligation.

You may authorise an agent to submit a request to us on your behalf. Please note that before completing any requests, and in addition to our identification verification process, we will need to verify that your agent has been properly authorised to request information on your behalf which means it may take longer to complete your request.

We will delete or de-identify personal information not subject to an exemption from our records and will direct our service providers to take similar action.

We do not “sell” information, as sales are defined under applicable laws. We will not discriminate against you for exercising any of your CCPA rights.

To exercise any of the rights or options described above, please submit a request to us by emailing us at privacy@ravelin.com.

The request should include your contact information and describe your request in enough detail to allow us to understand, evaluate, and respond to it. You should provide sufficient information that allows us to verify that you are the person about whom we collected the personal data or that demonstrates you are a properly appointed representative. We may need to request additional information in order to verify your identity and we will not be able to honor a request if we cannot verify your identity or authority to make the request.

We will respond to all requests we receive from data subjects wishing to exercise their rights and treat each request according to the requirements of the applicable jurisdiction.

We may update this Policy from time to time in response to changing legal, technical or business developments. Any changes we make to this Policy in the future will be posted on this page and if necessary, notified to you. You can see when this Policy was last updated by checking the “last updated” date displayed at the bottom of this Policy.

You can contact our Data Protection Officer with any questions or concerns about this Policy or our practices at:

Ravelin Technology Ltd

Attn: DPO

5th Floor, 174 - 180 Old Street

London, England

EC1V 9BP

Email: privacy@ravelin.com

We have appointed Ravelin Technology Ireland as our EU Representative, who you can contact at eu.representative@ravelin.com

This Policy was last updated:

July 6th, 2022

Useful links

Privacy Policy