Risely Privacy Policy
Risely is a cloud-based platform that uses artificial intelligence to help colleges and universities streamline administrative and manual processes. This Privacy Policy applies to the Risely website (www.risely.ai) and the Risely platform.
This Policy explains what personal information we collect from visitors to the Risely website and platform, how we use and share that information, and the rights and choices you have in connection with that information, including how you can limit certain uses and sharing of your information. When we refer to "personal information," we mean information about an identified individual or about an individual whom we could identify. Subject to applicable law, personal information generally does not include publicly available information or anonymized or de-identified data.
This Privacy Policy does not apply to third-party websites, products or services, even if they link to the Risely site or platform. We recommend you review the privacy practices of those third parties before connecting or accessing third party websites and sharing any personal information.
Who You Are
| Role | Definition |
|---|---|
| Site Visitor | Anyone who views our public marketing website without logging in. |
| Advisor | Faculty or staff member who accesses the Risely platform under an institutional contract. |
| Admin | Staff member who access the Risely platform under an institutional contract with administrative privileges. |
Site Visitor Privacy
Types of Information We Collect About Risely Site Users and Why
We may collect the following categories of personal information about Risely Site Visitors, for the purposes stated in the chart.
| Category of Personal Information Collected | Examples | Purpose of Collection and Use |
|---|---|---|
| Device & Network Identifiers | IP address, browser type & version, operating-system string | • Establish secure connection (TLS handshake). • Detect fraud or malicious traffic. • Diagnose performance issues and errors. |
| Internet / Web Activity | Pages viewed, time on page, clicks, referring/exit URLs | • Measure site performance and content effectiveness. • Improve navigation and user experience. |
| Approximate Geolocation | City-level location inferred from IP | • Tailor website language or regional content. • Generate aggregate traffic analytics by geography. |
| Cookie & Tracking IDs | First-party session cookie, analytics token, session-replay ID | • Maintain session state (e.g., keep notification banner dismissed). • Produce aggregated, de-identified usage metrics. • Replay anonymized sessions to debug UX issues (auto-deleted in 30 days). |
| Voluntary Contact Data (webforms only) | Name, email address, school/organization, phone (optional) | • Respond to demo requests or support inquiries. • Send product updates or newsletters when opted-in. • Create a business contact record for sales or partnership discussions. |
Risely does not collect sensitive categories such as Social Security numbers, student records, biometric data, or precise GPS location from Site Visitors.
Sources of Personal Information from Risely Site Users
| Source of Personal Information | How | Categories Captured |
|---|---|---|
| Directly from You | • You type data into a webform (e.g., "Request a Demo"). • You email us or engage in a live-chat widget. | Voluntary Contact Data (name, email, organization, phone) |
| Automatically from Your Browser / Device | • Standard HTTPS requests log IP, user-agent. • First-party cookies set a unique session ID. • HTML5 local-storage stores your banner-dismiss preference. | Device & Network Identifiers · Internet / Web Activity · Cookie & Tracking IDs |
| Embedded Analytics Script (1st-party) | • Lightweight JavaScript records page views, click paths, and approximate geolocation via IP at page load. | Internet / Web Activity · Approximate Geolocation |
| Cloud Hosting & Security Logs | • Reverse-proxy and firewall services log request headers for threat detection and rate-limiting. | Device & Network Identifiers |
Risely does not source Site-Visitor data from data brokers, social-logins, or third-party advertising networks.
Parties To Whom We May Disclose Information About Risely's Site Visitors
We disclose personal information about Risely's Site Visitors as follows, and we may have done so in the past 12 months:
We do not sell personal information about Risely's Site Visitors for money.
| Category of Third Party Recipient | Purpose for Disclosure | Categories of Personal Information Shared |
|---|---|---|
| Service Providers (cloud hosting, error-logging, first-party analytics) | • Host and deliver our website content. • Monitor uptime, diagnose bugs, and compile aggregate traffic metrics. | Device & Network Identifiers · Internet / Web Activity · Cookie & Tracking IDs |
| Government of Law-Enforced Entities | • Comply with subpoenas, court orders, warrants, or other applicable law. | Any category required by the legal request (typically Device & Network Identifiers and basic log data). |
| Successor Entities | • Transfer company assets while maintaining continuity of service under this Policy. | All categories held at the time of the transaction, subject to same privacy commitments. |
Risely does not share Site-Visitor information with advertising networks, data brokers, or social-media "look-alike" partners.
Risely Platform User Privacy (Advisor and Admin)
Risely Platform Users are individuals who have signed up to use Risely, and who are using the Risely Platform when logged into their account. For example, a Risely Platform User is an individual who visits the Risely platform when logged into their account.
Types of Information We Collect About Risely's Platform Users
We may collect the following categories of personal information about Risely Platform Users, for the purposes stated in the chart. We may have done this in the past 12 months.
| Category of Personal Information Collected | Examples | Purpose of Collection and Use |
|---|---|---|
| Account Profile | Name, institutional email, role (Advisor/Admin), SSO identifier, hashed password (if not SSO) | • Authenticate and authorize access. • Personalize workspace and notifications. |
| Institutional Assignment | Caseload roster, department/program affiliation, primary campus location | • Populate Cases Agent • Route alerts and tasks to the correct advisor or team. |
| Platform-Generated Content | Chat prompts, AI snapshots, meeting notes, success-plan documents | • Deliver core product functionality. • Maintain an auditable advising record for the institution. |
| Integration Data (Student Records) | Student ID, grades, attendance, alerts, holds, degree-audit status (pulled from SIS/LMS) | • Generate snapshots, risk alerts, success plans, and automated outreach on behalf of the institution. |
| Usage & Audit Logs | Login timestamps, API calls, actions taken (e.g., "sent nudge"), IP address | • Security monitoring, compliance audits, feature usage analytics. |
| Device & Network Identifiers | IP address, browser/OS user-agent, cookie/session ID | • Maintain secure sessions, detect fraud, optimize performance. |
Sources of Personal Information from Risely Platform Users
| Source of Personal Information | How We Collect | Categories Captured |
|---|---|---|
| Directly from User | Account creation, profile edits, chat inputs, uploaded files | Account Profile · Platform-Generated Content |
| Institution / Admin Provisioning | Bulk CSV import, SCIM, or SSO attribute mapping | Account Profile · Institutional Assignment |
| Connected Systems | API syncs from SIS, LMS, Financial-Aid, CRM | Integration Data (Student Records) |
| Automatic Collection | Browser session cookies, secure server logs | Device & Network IDs · Usage & Audit Logs |
| Co-Pilot Output | AI agents create summaries, success plans, automated emails | Platform-Generated Content (derived from Integration Data) |
How and With Whom We Disclose Platform-User Information
| Category of Third-Party Recipient | Purpose for Disclosure | Categories of Personal Information Shared |
|---|---|---|
| Institutional Administrators | • Provide oversight, audit trails, and reporting within the customer's tenancy. | Account Profile · Institutional Assignment · Platform Content · Usage Logs |
| Service Providers (cloud hosting, AI inference, error logging) | • Host the platform, run AI models, store backups, monitor performance. | All categories as needed, subject to data-processing agreements (DPAs); no selling or advertising use. |
| Government / Law Enforcement | • Comply with subpoenas, warrants, or other legal obligations. | Any category required to satisfy the legal request. |
| Successor Entity (merger, acquisition, bankruptcy) | • Enable continuity of service under equivalent privacy safeguards. | All categories held at transfer, governed by this Policy. |
We do not disclose Platform-User or student data to advertising networks, data brokers, or social-media companies.
Cookies, Pixels, and Session Replay
We use first-party cookies for site performance, authentication, and aggregate analytics. We do not place third-party advertising cookies. We employ lightweight session-replay only to debug site errors; recordings are auto-deleted within 30 days.
Aggregated, De-Identified, or Anonymized Data
We may combine or strip identifying details from collected data to create statistics (e.g., "20% of visitors read our AI whitepaper"). This aggregated information cannot reasonably be used to identify you and may be shared publicly for research or marketing.
Your Privacy Choices
Site Visitors can:
- Access or delete their contact data submitted via webforms by emailing privacy@risely.ai.
- Update communication preferences through the unsubscribe link in emails.
- Control cookies via browser settings; disabling cookies may limit site functionality.
- Exercise state-specific rights (e.g., CCPA, GDPR)
Data Localization
Risely hosts Site-Visitor data in the United States. If you access the site from outside the U.S., you consent to such transfer.
Data Retention
Site-Visitor logs are retained for 12 months; form submissions are stored until you withdraw consent or the business purpose lapses.
Data Security
We employ TLS encryption in transit, encryption at rest, least-privilege access controls, and periodic third-party penetration tests.
Links to Other Websites & AI Technologies
Our site may link to external sites and AI demos. We are not responsible for the privacy practices of those third parties. Please review their policies separately.
Children's Policy
Risely's website is not directed to children under 13. We do not knowingly collect personal information from children.
Notice to California Residents
California residents may request (i) categories of personal information collected, (ii) sources, (iii) business purpose, (iv) categories of third parties shared with, and (v) specific pieces of information collected. We do not sell personal information. See below for how to submit a request.
How to Submit a Request
Email our Privacy Team at privacy@risely.ai. We will verify your identity (email confirmation or signed statement) before processing.
Updates to This Policy
We may update this Policy periodically. Material changes will be posted with a revised "Last updated" date and, where appropriate, notified via email or banner.
Contact Us
Questions? Reach us at privacy@risely.ai