RSK LogoRSK SYSTEM
Contact Us
← Return to Home

Privacy Policy & GDPR Rights

Detailed definitions of data processor scopes, user rights under GDPR, segregation rules, and telemetry tracking details.

Privacy Policy and GDPR Brain network data flow

1. Data Processing and Controller Scope

Under EU GDPR regulations, RSK System acts primarily as a Data Processor. The client company purchasing the license acts as the Data Controller. We process database entries, customer records, and operational logs solely under the direct instruction of the controller. No cross-tenant profiling, data selling, or unauthorized marketing operations are performed.

2. Database Segregation & Isolation

To prevent data leaks, each tenant operates inside a logically isolated virtual container. Databases are decoupled using separate encryption keys and partition structures. Physical backups are encrypted at rest using AES-256 standards, preventing lateral security vulnerabilities from crossing tenant boundaries.

3. GDPR Data Subject Rights

All data subjects whose records are processed on our servers retain full rights under Chapter III of the GDPR: the Right of Access (Article 15), Right to Rectification (Article 16), Right to Erasure / To Be Forgotten (Article 17), Right to Restriction of Processing (Article 18), and Right to Data Portability (Article 20). Requests to export or erase contact records can be initiated via secure API channels by the tenant administrator.

4. Telemetry, Analytics, and Cookies

We collect limited technical telemetry to monitor system health and resolve operational bottlenecks. No personal identifiers or CRM conversational logs are used for analytical profiling. Cookies are restricted to functional configuration utilities (such as maintaining the selected language or theme state in the user's local storage).