Request a Meeting

Lowers Risk Group: Global Privacy Notice

We are Lowers Risk Group, LLC. We take data privacy very seriously and this privacy notice is designed to help you understand how and why we use your personal information.  

We encourage you to read the whole notice. Alternatively, if you wish to read about specific privacy practices that interest you, please click on the relevant links below.

Table of Contents

1. The purpose of this privacy notice

1.2   Our use of personal information

We will collect, use and share information, including personal information, in connection with providing our services and operating our business.

1.1   Identity

Lowers Risk Group, LLC is incorporated in the Commonwealth of Virginia in the United States of America. Our address is 125 East Hirst Road, Purcellville, VA 20132, United States.   

The Lowers Risk group of companies (Lowers Risk Group) consists of Lowers Risk Group, LLC its subsidiaries and related companies.   

The Lowers Risk Group provides comprehensive enterprise risk management solutions to organizations operating in high-risk, highly regulated environments and organizations that value risk mitigation.  

This privacy notice applies to each member of the Lowers Risk Group.

1.3   This privacy notice

This is our main general privacy notice that applies across our business, although we may publish additional privacy statements that apply to:

  • our operations in specific countries in order to help ensure our compliance with local data protection requirements; or
  • specific services that we offer from time to time.

If an additional privacy statement is relevant to you because of the way in which you engage with us and there is a conflict between the information set out in this privacy notice and the additional privacy statement, then the additional privacy statement will take precedence over the information set out in this privacy notice.

We have a separate privacy notice that sets out how we process the personal information of our staff, which prospective, current and former members of staff should refer to.

For the purposes of this privacy notice, references to our website include the Lowers Risk Group LLC website (www.lowersriskgroup.com) and the websites of other Lowers Risk Group members.

1.4   Updating this privacy notice

We may update this privacy notice at any time. We will take reasonable measures to communicate any substantial changes that we make to this privacy notice to you – for example, by posting an updated version of this privacy notice on our website, or by sending you an updated version of this privacy notice by email. We also encourage you to check this page from time to time for any changes.

This privacy notice is dated October 2024.

1.5   What is personal information?

Personal information is any data relating to an identified or identifiable natural person who can be directly or indirectly identified from that data. This includes obvious things like your name, address and telephone number but can also include less obvious things like analysis of your use of our website. There are different types of personal information. The most important types for you to know about are:

  • Special categories of personal information – these categories of personal information often have additional protection under data protection laws around the world. These categories include information about your health, racial or ethnic origin, political opinions, religious or philosophical beliefs and trade union membership, your genetic data and biometric data, and information concerning your sex life or sexual orientation. Local data protection laws may limit the way in which we can use this information when compared to, for example, your name and address.

  • Criminal convictions information – this is information relating to your criminal convictions and offences. Local data protection laws may restrict the way in which we can use this information when compared to, for example, your name and address.

1.6   Our responsibility to you

We process your personal information in our capacity as a controller. This means that we are responsible for deciding how we hold and use your personal information and ensuring that we comply with relevant data protection laws when processing your personal information.

2. Your personal information

2.1   Why are we collecting personal information about you?

We collect personal information about you in connection with our provision of services and the running of our business more generally. We may hold information about you if:

  • you are (or you represent, work for, or own) a prospective, current, or former investor of a member of the Lowers Risk Group;
  • you are (or you represent, work for, or own) a prospective, current or former customer of a member of the Lowers Risk Group;
  • you are (or you represent, work for, or own) a supplier of products or services to a member of the Lowers Risk Group;
  • you represent a regulator, certification body or government body which has dealings with the Lowers Risk Group; or
  • you attend our events, subscribe to our mail alerts or visit our website (including where you contact us through our website).

2.2   What personal information do we collect about you?

The types of information we process about you may include:

Types of personal information

Details

Individual details

Your name, address, other contact details (for example, email address and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and job category.

Identification details

Identification numbers issued by government bodies or agencies, such as your passport number, tax identification number and driving license number.

Financial information

Bank account or payment card details, income or other financial information.

Credit, anti-fraud and sanctions data

Credit history, credit score and information received from various anti-fraud and sanctions databases relating to you.

Special categories of personal information

Information about your health, racial or ethnic origin, political opinions, religious or philosophical beliefs and trade union membership; your genetic and biometric data; and information about your sex life or sexual orientation.

Criminal convictions information

Information relating to your criminal convictions and offences.

Identifiers

Information which can be traced back to you, such as an IP address, a website tracking code or electronic images of you.

2.3   Where do we collect your personal information from?

We may collect your personal information from various sources, including:

  • directly from you;
  • your employer or the organisation that you represent, work for or own;
  • our customers and service providers;
  • credit reference agencies;
  • anti-fraud databases, sanctions lists, court judgements and other databases;
  • government agencies and publicly accessible registers or sources of information; and
  • by actively obtaining your personal information ourselves, for example through the use of website tracking devices.

The sources that apply to you will depend on why we are collecting your personal information. Where we obtain your information from a third party – in particular, your employer or the organisation that you represent or work for – we may ask them to provide you with a copy of this privacy notice (or, if applicable, a shortened version of it) to ensure you know we are processing your information and the reasons why.

3. Our use of your personal information

3.1   How do we use your personal information and what are our legal grounds for doing so?

We may process your personal information in many different ways – including by collecting, recording, organising, storing, analysing, modifying, extracting, sharing, deleting and/or destroying it.

In this section we set out in more detail:

  • the main purposes for which we process your personal information; and
  • the legal bases upon which we are processing your personal information.

Purpose

Legal bases

For special category and criminal data – preventing or detecting unlawful acts, and suspicion of terrorist financing or money laundering

Know Your Customer and other legal obligations

We may obtain information about our customers and their representatives and beneficial owners and others to help us comply with legislation on money laundering, terrorist financing, and sanctions.

We also collect and disclose personal information under applicable legislation and under orders from courts and regulators. Our disclosures will be to those bodies and persons who are entitled to receive the required information.

In some cases, this information will include special categories of personal information and criminal convictions data.

Legitimate interests.
We have a legitimate interest in using your information where this is necessary or appropriate to operate our business, including to provide our customers with our products and services.

Performance of contract
The processing of your personal information may be necessary in relation to the contract we have entered into with you.

Operating our business

We may collect your personal information in order to operate our business, for example where you are (or where you are employed by or represent) a customer, investor or other business partner of the Lowers Risk Group.

Legitimate interests.
We have a legitimate interest in using your information where this is necessary or appropriate to respond to your enquiries or provide you with information about our business.

Responding to enquiries

We may collect your personal information to respond to enquiries from you and to provide you with information about our business.

Legitimate interests.
We have a legitimate interest in contacting and dealing with individuals involved in providing services to us.

Service providers

We collect information about you in connection with your provision of products and services to us or your position as a representative or worker of a provider of products or services to us.

Legitimate interests.
We have a legitimate interest in processing your information in order to communicate with you about events that you attend and to understand who is attending our events or industry events organised by third parties.

Events

If you wish to attend one of our events, we ask you to provide us with a limited amount of information including your contact details and details about your business or employer, as applicable. We may also collect these types of personal information from other attendees where we attend third party events such as conferences and seminars.

Legitimate interests.
We have a legitimate interest in promoting our business and understanding our relationship with our customers and potential customers. Analysing how you interact with our marketing activities is a reasonable means of doing so.

Consent.
We will comply with applicable marketing legislation when carrying out marketing activities and we will obtain your consent when this is required.

Marketing

We may use your personal information to send you marketing communications such as newsletters, whitepapers or other literature. We may also track how you interact with our marketing activities – in particular whether you click on any of the links in our marketing materials.

Legitimate interests.
We have a legitimate interest in providing to you the facilities on our website that you have requested and in understanding how our website is used and the relative popularity of the content on our website.

Visitors to our website

Our website may invite you to provide us with your personal information such as your name and contact details for example, if you submit a contact form via the website. Where you provide us with your information, we will only use it for the purpose for which it has been provided by you.

Our website uses cookies to help it work more efficiently and to provide us with information on how the website is being used. You can control cookies through the settings or preferences of your browser, as well as through dedicated browser extensions or add-ons.

Legitimate interests.
We have a legitimate interest in making sure our offices, and the people that visit and work at our offices, are safe and secure.

Visitors to our offices

We have security measures in place at our offices, which include building access controls and may include CCTV. Images captured by CCTV are securely stored and only accessed on a need to know basis (e.g. to look into an incident). CCTV recordings are typically automatically overwritten after a short period of time unless an issue is identified that requires investigation (such as a theft).

We require visitors to our offices to sign in at reception and we keep a record of visitors for a short period of time.  Our visitor records are securely stored and only accessible on a need to know basis (e.g. to look into an incident).

We do not generally look to collect special categories of personal information and criminal convictions data for this purpose.

For all information – legitimate interests.
We have a legitimate interest in understanding and establishing our legal rights and obligations.

For special category and criminal convictions data – the establishment, exercise, or defence of legal claims.

Establishing our legal position

We may use and/or release your personal information – including sharing it with our legal advisers – when looking to establish our legal position (including with respect to the data protection authorities that regulate our business).

In some cases, this information may include special categories of personal information and criminal convictions data.

3.2   Failure to provide your personal information to us

We cannot force you to provide your personal information to us and you can choose not to provide us with your personal information. Where we need to collect your personal information by law or in order to process your instructions, provide you with our services or perform a contract we have with you and you decide not to provide that information when requested, we may not be able to carry out your instructions, provide our services or perform the contract we have or are trying to enter into with you. In other circumstances where you choose not to provide us with your personal information we request, your decision not to provide us with your personal information may affect our ability to provide certain of our products and services.

3.3   Consent

We do not generally process your personal information based on your consent (as we can usually rely on another legal basis). Where we do process your personal information based on your consent, you have the right to withdraw your consent at any time. To withdraw your consent please email us at information@lowersrisk.com or, to stop receiving our marketing emails or updates, please click on the unsubscribe link in the relevant email you receive from us. Once we have received notification that you have withdrawn your consent, we will no longer process your personal information for the purpose(s) to which you originally consented unless there is another legal ground for the processing. Please note that where we rely on your consent to process your personal information and you choose to withdraw your consent, your decision may affect our ability to provide certain of our products and services.

3.4   Do we share your information with anyone else?

We do not sell your information. However, we may share your information in the following circumstances:

  • the Lowers Risk Group operates in different jurisdictions worldwide. Where it is necessary or appropriate for the purposes for which we hold your information and we have a lawful basis for doing so, we share your relevant information between members of the Lowers Risk Group. All members of the Lowers Risk Group are covered by this notice and manage your personal information in the manner and to the standards set out in this notice, subject to any local jurisdictional compliance requirements; 

  • in order to operate our business efficiently, we require the assistance of various external service providers, particularly in relation to our IT systems. Some of these services (such as email hosting and data backups) involve the service provider holding and using your personal information. In each case where we share your information with one of our service providers, the service provider is required to keep it safe and secure and make sure it is properly protected. They are also not permitted to use your information for their own purposes;

  • in connection with a sale or business transaction. If we sell our business or undergo another business transaction (such as a reorganisation, merger, joint venture, assignment, transfer, or other disposition of any or all portion of our business, assets, or stock, including in connection with any bankruptcy or similar proceedings), then your information may be shared with, or transferred to, a third party;

  • to protect the rights, property and safety of members of the Lowers Risk Group and others. Such information will be disclosed in accordance with applicable laws and regulations. This includes where we share information with other parties in the context of litigation discovery and in response to subpoenas and court orders; and

  • we share your personal information with other third parties, such as relevant public and government authorities, including regulators and law enforcement bodies, where we are required or requested to do so to comply with legal or regulatory requirements.

4. Other important things you should know

4.1   Keeping your personal information safe

We take security issues seriously. We implement appropriate steps to help maintain the security of our information systems and processes and prevent the accidental destruction, loss, or unauthorised disclosure of the personal information we process.

4.2   Profiling and automated decision making

We do not use profiling (where an electronic system uses personal information to try and predict something about you) or automated decision making (where an electronic system uses personal information to make a decision about you without human intervention).

4.3   How long do we keep your personal information?

We keep your personal information for no longer than is necessary for the purposes described in this privacy notice and, in any event, no longer than we are permitted to under applicable law.

Our retention periods are based on the requirements of relevant data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes.

If you would like further details regarding applicable retention periods, please email us at information@lowersrisk.com.     

4.4   Cross border transfers of your personal information

We are a global business that operates in a number of jurisdictions, including the UK and the USA.  

The global nature of our business means that your personal information may well be transferred across national boundaries, including, potentially, to countries that do not require organisations by law to look after your personal information in the way in which you have come to expect in your own country. Where we transfer your personal information across national boundaries, we will protect your personal information by ensuring that those transfers are made in compliance with all relevant data protection laws. For example, where we transfer your personal information from the UK to a third party that is located in a country that is not recognised by the UK Government as providing an adequate level of data protection, we normally do so subject to safeguards that assure the protection of your personal information, such as standard contractual clauses approved by the UK Government.

If you would like further details of how your personal information is protected when transferred from one country to another then please email us at information@lowersrisk.com

5. Your rights

5.1   Contacting us and your rights

If you have any questions or complaints in relation to our use of your personal information, please email us at information@lowersrisk.com.  

Under certain conditions you may have the right to require us to:

  • provide you with further details on the use we make of your personal information;
  • confirm whether we process personal information about you and (where this is the case) provide you with access to the personal information we hold about you;
  • update any inaccuracies in the personal information we hold about you;
  • delete any of your personal information that we no longer have a lawful ground to use;
  • where processing is based on consent, stop that processing by withdrawing your consent (which you may do at any time);
  • object to any processing based on our legitimate interests unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights;
  • restrict how we use your personal information whilst a complaint is being investigated; and/or
  • transfer your personal information to you or to a third party in a standardised machine-readable format.

In certain circumstances, we may need to restrict your rights to safeguard the public interest (for example, the prevention or detection of crime) and our interests (for example, the maintenance of legal privilege). 

To exercise any of your rights, please email us at information@lowersrisk.com. We will assess any request to exercise your rights on a case-by-case basis and we may ask you for proof of identity or other information before doing so.  

We also are obliged to keep your personal information accurate and up to date. Please help us to do this by advising us of any changes to your personal information.

Please note that if you ask us to delete your personal information, it may take us more time to delete your information from our back-up systems than it does from our active servers. 

Please also note that if you ask us not to process your personal information and unsubscribe from our services such as mail alerts, we may need to keep some information in order to fulfil your request, for example, we will retain enough information about you to ensure that your preference not to receive direct marketing is respected in the future.

5.2   Your right to complain

If you are not satisfied with our use of your personal information or our response to any request by you to exercise your rights, or if you think that we have breached any relevant data protection laws, then you have the right to complain to the authority that supervises our processing of your personal information. 

If you are unsure of the authority that supervises our processing of your personal information then please email us at information@lowersrisk.com.

United Kingdom

Where our operations in connection with the United Kingdom mean that we are subject to the data protection laws in the United Kingdom, our main general privacy notice together with the information set out on this page constitutes our privacy notice for the purposes of our compliance with the data protection laws in the United Kingdom.

This page sets out the additional information, over and above the information set out in our main general privacy notice, that we are obliged to provide to you to comply with local data protection laws in the United Kingdom. It also sets out how our data protection practices differ in the United Kingdom compared to the practices described in our main general privacy notice.

Differences/Additional Information

The authority that supervises our processing of personal information under the data protection laws in the United Kingdom is the UK Information Commissioner’s Office (ICO). Details of the ICO can be found at https://ico.org.uk.

Contact us

If there are any questions regarding this privacy policy you may contact us using the information below.

Lowers Risk Group, LLC
125 E Hirst Road, Suite 3C
Purcellville, VA, 20132
information@lowersrisk.com
Phone (540) 338-7151

Effective date: October 2024

Request a Meeting

Let’s discuss your risk management needs. Please complete the form below and one of our consultants will be in touch to schedule a meeting with you.

For employment-related inquiries view current openings here.

Know Risk

Sign up for The Risk Mitigator and other risk-related news and updates from Lowers Risk Group.

Subscribe Today

Get our latest posts delivered to your inbox: