LlamaRisk

Privacy Policy

Privacy Policy

LlamaRisk ("LlamaRisk", "the Organization", "we", "us", "our") is an independent risk analysis group.

This Privacy Policy applies to the website ("LlamaRisk") and its associated subdomains (collectively the "Services"). By accessing or using our Services, you acknowledge that you are at least 16 years old and have read, understood, and agree to the collection, storage, use, and disclosure of your personal information as described herewith. If you disagree with the terms of this privacy policy, please do not access the website.

In the capacity of a personal data controller, the Organization carries out its activities in strict compliance with the legal requirements regarding the users’ personal data protection. Pursuant to the provisions of Art. 13 and Art. 14 of the General Data Protection Regulation (GDPR), LlamaRisk hereby provides the necessary information regarding the collection and processing of your personal data while using this website.

This privacy policy is compliant with the EU General Data Protection Regulation (GDPR), which can be considered a world standard for privacy compliance.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. Any changes or modifications will be effective immediately upon posting the updated Privacy Policy on the Website, and you waive the right to receive specific notice of each such change or modification. You are encouraged to periodically review this Privacy Policy to stay informed of updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes in any revised Privacy Policy by your continued use of the Website after the date such revised Privacy Policy is posted.

1. Definitions and key terms

For the purposes of this Privacy Policy:

  • Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Data subject: a natural person identified or identifiable whose personal data are processed by the controller.
  • IP address: a number assigned to a device connected to the Internet, often identifiable to a geographic region.
  • Personal data: any information relating to an identified or identifiable natural person.
  • Processing: any operation performed on personal data, whether or not by automated means.
  • Processor: a natural or legal person that processes personal data on behalf of the controller.
  • Website: LlamaRisk’s website accessible at https://www.llamarisk.com/.
  • You: a person who accesses, views and navigates the Website.

2. Identity and contact details of the Controller

Controller: LlamaRisk

Contact details: info@llamarisk.com

3. Categories of collected and processed personal data

The categories of personal data we collect depend on how you interact with us, our services, and the requirements of applicable law. Also, if you decide to send emails or other communication to LlamaRisk you may include in that communication some personal data which will therefore be processed by LlamaRisk.

The personal information collected from you generally may include:

  • Network information regarding web activities, including device type, access times, hardware model, operating system and version, and unique device identifiers.
  • Information about plugins you might be using, including those related to the management of cryptocurrency assets and any information provided by them.
  • E-mail address.
  • Standard data provided by your browser (e.g., IP address, browser type and version, and geolocation data).

4. Purposes and legal basis of processing

4.1 Purposes

LlamaRisk collects and processes your personal data to fulfill your request to become a Website user and later manage your profile.

LlamaRisk collects and processes your personal data in compliance with our statutory obligations, including anti-money laundering laws, financial services laws, corporation laws, privacy laws, and tax laws. For the purpose of auditing our internal processes, fraud prevention, and security monitoring (e.g., to detect and prevent cyberattacks or identity theft), processing may include identity verification, payment processing, compliance with court orders, tax laws or other reporting obligations and anti-money laundering controls.

When receiving emails and other communication, LlamaRisk collects and processes your personal data to examine and answer your request.

4.2 Legal basis

If you are in the EEA, we collect and process information about you only where we have a legal basis under EU laws. The legal basis for handling your signup application, managing your personal data as the Website user, and answering emails and other communication is performance of a contract or steps prior to entering into a contract (Article 6(1)(b) GDPR).

5. Storage period

LlamaRisk stores your personal data for a reasonable period of time and never longer than absolutely necessary. In contractual relations, we store your personal data throughout the relationship. Normally, we store personal data for five (5) years, starting from the beginning of the calendar year following the year of termination of the relationship. We may store data longer for reporting, tax and accounting purposes, and to protect legitimate interests. After the expiration of the stipulated terms and if there is no other legal basis, the data will be deleted.

6. Disclosure and transfer of personal data

In strict compliance with legal requirements, LlamaRisk may disclose or transfer your personal data to the following recipients:

  • Service providers: to assist in providing, delivering, and improving the Services.
  • Compliance and legal obligations: in litigation, regulatory proceedings, or when compelled by lawful process; to prevent harm and enforce agreements and policies.
  • Safety and security: to protect against fraudulent, unauthorized, or illegal activity, address security risks and enforce agreements.
  • Business changes: in the event of merger, acquisition, bankruptcy, dissolution, reorganization, or similar transactions.
  • With your consent: where you provide consent.

We may transfer personal data outside the EEA. Where transfers are to countries without an adequacy decision, we will implement appropriate safeguards to ensure your data is treated securely and in accordance with this Policy.

We do not share your information with any third parties for any marketing purposes.

7. Cookie policy

We use cookies to improve your experience on the Website. Cookies are small text files stored on your device. Using traffic log cookies, we can identify frequently used pages to improve the Website. Most browsers accept cookies by default, but you can modify your browser settings to disable cookies. Cookies do not provide personal information unless you choose to provide it. We do not share your personal information with third parties unless we have your permission or are required by law. Cookies help personalize your web experience and content.

8. Your privacy rights

As a data subject under the GDPR, you have the following rights:

  • Right to be informed: receive transparent information about processing activities.
  • Right of access: access your personal data and request a copy.
  • Right to rectification: request correction of incomplete or inaccurate data.
  • Right to erasure: request deletion under certain circumstances.
  • Right to object: object to processing of your personal data.
  • Right to restrict processing: withdraw consent at any time where applicable.
  • Right to data portability: request transfer of your data to another controller when technically feasible.
  • Right of protection: seek judicial or administrative remedy if you believe your rights have been infringed.
  • Rights related to automated decision-making and profiling.

9. Exercising rights related to personal data

You can withdraw consent or object to processing and exercise your other rights at any time by contacting us using the details below. We will respond within one month of receipt; this may be extended by two months where necessary due to complexity or number of requests. We may request additional information to verify your identity.

Contact: info@llamarisk.com

If you are a resident of the EEA, you may direct questions or complaints to your local supervisory authority. UK residents may contact the Information Commissioner’s Office (ICO).

10. Supplemental Notice for California residents

10.1 Applicability

This notice applies to personal data subject to the California Consumer Privacy Act of 2018 (CCPA). California residents can find categories of personal data and disclosures in Sections 3 and 6 above.

10.2 Sales of Personal Information

For purposes of the CCPA, LlamaRisk does not sell personal data, nor do we have actual knowledge of any sale of personal data of minors under 16.

10.3 Additional Privacy Rights

  • Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights.
  • Authorized Agent: You may designate an authorized agent to make requests on your behalf.
  • Verification: We may request sufficient information to verify your identity when you make a request.
  • California Shine the Light: California residents may request, once per year, a list of third parties to whom we disclosed personal data for direct marketing in the prior year, if any.

11. Supplemental Notice for Nevada residents

Nevada residents may opt out of the sale of certain personal data by contacting us with the subject line "Nevada Do Not Sell Request" at info@llamarisk.com. We do not currently sell your personal information as sales are defined in Nevada law.

12. Contact Us

If you have any questions about our privacy practices or this Privacy Policy, or to exercise your rights, please contact us at: info@llamarisk.com