Privacy Policy for Questionnaire Participants
Last updated: October 2025
1. Introduction
Risqly (“we”, “our”, “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard the information you provide when participating in our Customer Health Review or other related questionnaires and research activities.We are the data controller responsible for the personal information collected through this process and ensure that it is handled in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data We CollectWhen you take part in our questionnaire, we may collect and process the following personal data:
Email address – used to communicate with you regarding participation, next steps, and incentives.
Questionnaire responses – your answers, opinions, and feedback shared during the process.
Optional information – any additional details you voluntarily provide.
We do not collect any special category (sensitive) data unless explicitly stated and with your prior consent.
3. How We Use Your DataWe use your personal data for the following purposes:To administer and manage the questionnaire process.
To contact you regarding selection, interviews, demonstrations, or rewards related to participation.
To analyse feedback and improve our products, services, and customer experience.
To fulfil any legal or regulatory obligations.
Your information will not be used for marketing purposes unless you have explicitly opted in to receive marketing communications.
4. Legal Basis for ProcessingWe rely on the following lawful bases under the UK GDPR to process your personal data:Consent – by completing the questionnaire, you give us permission to collect and use your data for the stated purposes.
Legitimate interests – we may process your information to help us improve our services, provided this does not override your fundamental rights and freedoms.
5. Data Storage and SecurityWe take data security seriously and have implemented appropriate technical and organisational measures to protect your personal data from unauthorised access, alteration, disclosure, or destruction.Your data is stored securely within the United Kingdom or, where necessary, in countries that provide an adequate level of data protection as determined by the UK government.
6. Data RetentionWe will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law.In most cases, questionnaire and communication data will be retained for up to 12 months following collection. After this period, your personal data will be securely deleted or anonymised.
7. Sharing Your DataWe will never sell or rent your personal data to third parties.We may share your data only with trusted third-party service providers who assist us in managing the questionnaire process, data storage, or communications. All third parties are contractually required to handle your data in compliance with the UK GDPR and this Privacy Policy.In certain limited circumstances, we may disclose your data where required to comply with legal obligations or protect our rights.
8. International Data TransfersIf we transfer your personal data outside of the United Kingdom, we will ensure that appropriate safeguards are in place — such as UK-approved Standard Contractual Clauses (SCCs) — to protect your information and maintain compliance with data protection laws.
9. Your Data Protection RightsUnder the UK GDPR, you have the following rights regarding your personal data:
Right of access – to request copies of the personal data we hold about you.
Right to rectification – to have inaccurate or incomplete data corrected.
Right to erasure – to request the deletion of your personal data (“right to be forgotten”).
Right to restrict processing – to limit how your data is used in certain situations.
Right to object – to object to processing based on legitimate interests.
Right to data portability – to request a copy of your data in a structured, commonly used, and machine-readable format.
To exercise any of these rights, please contact us using the details below.
10. Contact UsIf you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact:
Data Protection Officer
Your Name: Nicola Towse
Email: nicola@risqly.com
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection:
Website: https://ico.org.uk
Telephone: 0303 123 111311.
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with an updated “last revised” date.We encourage you to review this policy periodically to stay informed about how we protect your information.
11. Waitlist Sign-Up
11.1 Purpose of Collection
If you choose to join our waitlist (for example, by submitting your email address to be notified when Risqly becomes available), we collect and use your information solely to:
Notify you when our platform launches or becomes available to you.
Share occasional updates about the product and relevant features.
Offer you the option to participate in early-access or beta programmes.
We process this information on the lawful basis of consent (you voluntarily provide your details) and legitimate interest (to communicate about the service you expressed interest in).
11.2 Data Storage and Security
Your email address is stored securely and accessible only to authorised members of our team and trusted third-party service providers who assist with email delivery and waitlist management.
We apply appropriate technical and organisational measures to protect your information against unauthorised access, alteration, or deletion.
11.3 Data Retention
We retain your email address only for as long as necessary to fulfil the purposes described above. Once you have been notified and either become a customer or request removal, we will securely delete or anonymise your details. If you remain inactive after notification, your information may be removed after 12 months unless you request to stay on the list.
11.4 Sharing and Third Parties
We do not rent, sell, or lease your email address to any third party.
Your information may be shared with service providers (for example, our email delivery platform) who process it strictly under our instructions and in compliance with data protection laws.
Where data is transferred outside of the UK or EEA, appropriate safeguards such as Standard Contractual Clauses (SCCs) are applied.
11.5 Your Rights
You have the right to:
Access, correct, or request deletion of your personal information.
Withdraw consent or unsubscribe from waitlist updates at any time by following the link in our emails or contacting us directly.
Lodge a complaint with a supervisory authority if you believe your data is being processed unlawfully.