Privacy Policy

This Privacy Policy applies to the public RiskReady Community Edition website at riskready.dev.

It does not govern the data inside a self-hosted RiskReady Community Edition deployment. If you self-host the software, you control that application data and are responsible for how it is stored, processed, and secured.

We may receive basic technical data that is normally generated when you visit a website, such as IP address, browser information, request metadata, and approximate timestamps.

If you contact us directly or interact with the project through linked services such as GitHub, we receive the information you choose to send.

We use limited website information to operate riskready.dev, keep the site available, understand operational issues, and respond to direct enquiries.

We do not use the website as a commercial sign-up funnel, and we do not collect self-hosted community data from your deployment by default.

When you self-host the Community Edition, your risks, controls, policies, evidence, incidents, and other operational records stay under your administration unless you separately connect third-party services.

If you enable AI providers, storage services, or other integrations in your own deployment, their privacy and data-processing terms apply to those integrations.

We do not sell personal data collected through riskready.dev.

Website hosting, GitHub, and similar infrastructure providers may process normal operational data as part of delivering the site and repository services.

You can stop using the website at any time and can choose not to send direct communications to us.

For self-hosted deployments, you control your own retention, deletion, backup, and access policies.

If you have a privacy question about the community website, use the project links on the docs page or the public repository at github.com/riskreadyeu/riskready-community.