Last updated: June 2026
When you submit the contact form on risksignal.io, we collect:
If you pay for a pilot or retainer, PayPal collects and processes your payment details directly. RiskSignal does not see or store your card or billing information, that's handled entirely by PayPal.
Form submissions are used to respond to your inquiry, run a sample batch, or fulfill a paid engagement. Nothing you submit through the form is used for any other purpose, sold, or shared with third parties beyond what's needed to operate the service.
If you submit a domain list for scanning, that list is processed by the Ægis engine and the resulting scan data is added to our benchmark database, used only to score and rank domains, never shared externally as raw data. We do not collect or use client contact data (names, emails, phone numbers, CRM records) as scan input, submitted domains are used solely to direct scan targeting.
Exposure Scores, Priority Ranks, and other scored output are produced by RiskSignal's own scoring and calculation methodology applied to publicly observable signals. They reflect RiskSignal's assessment, not an independent or absolute measure of a domain's true risk or revenue condition.
Deliverables and scan artifacts from paid engagements are retained for 180 days from delivery, then permanently deleted. Invoice records and engagement metadata are retained separately for accounting purposes.
Contact form submissions that don't result in a paid engagement are retained only as long as needed to respond to the inquiry.
To request a copy of what we hold about you, or to request deletion, email contact@risksignal.io. We'll respond within 12 hours.