1. Who We Are

RecallRisk is operated by Perjan ProfessionalProductPartners FlexKapG, Heiligenstädter Lände 29/2.OG, 1190 Vienna, Austria ("RecallRisk", "we", "us"). For privacy-related enquiries, contact us at info@recallrisk.com.

For personal data processed through our public website, account management, authentication, security, operations, contact handling, Safety Gate monitoring, reports, and notifications, we act as the controller under the EU General Data Protection Regulation ("GDPR").

Where a customer provides catalogue or business data for RecallRisk to process only on that customer's instructions, we generally act as the customer's processor. In that case, the customer remains responsible for its own legal basis, notices, and instructions, and the applicable customer agreement or data processing agreement governs that processing.

2. Scope of This Policy

This Privacy Policy applies to recallrisk.com, app.recallrisk.com, the RecallRisk application, contact and demo forms, customer catalogue uploads, alert monitoring, match review workflows, report exports, notification emails, and related support or operational communications.

RecallRisk is a B2B product safety monitoring service. The platform monitors official public EU Safety Gate data and compares it with customer catalogue information to identify candidate matches that require human verification against official/source data. RecallRisk is not intended for children or for household use.

3. Personal Data We Process

Depending on how you interact with RecallRisk, we may process the following categories of personal data:

  • Contact and lead data, such as name, work email address, company, country, website, catalogue size, source page, campaign parameters, and messages submitted through a form.
  • Account data, such as user name, work email address, company account, account role, active status, plan information, and authentication/session data.
  • Customer catalogue and product data, such as SKU, title, description, brand, category, product URL, image URL, barcode, GTIN/EAN, model number, manufacturer part number, batch number, supplier, import metadata, and review notes. This data is usually business/product data, but it may contain personal data if a customer includes it.
  • Public Safety Gate data, such as official alert identifiers, source URLs, product descriptions, brand, category, risk information, country information, recall URLs, images, and source payloads imported from official public endpoints.
  • Matching, report, and notification data, such as scan jobs, candidate matches, evidence, review decisions, exported reports, recipient names and email addresses, notification status, message bodies, approval metadata, provider IDs, and delivery attempts.
  • Outbound and operator workflow data, such as company names, websites, listing URLs, researched business contact names or email addresses, lead statuses, evidence summaries, email draft fields, activity notes, sync metadata, and operator decisions used to manage product-safety outreach workflows.
  • Technical, security, and usage data, such as IP-derived request context, browser or device information, API paths, login timestamps, session timestamps, operational events, error events, account identifiers, and sanitized analytics properties.

4. Purposes and Legal Bases

We process personal data for the following purposes and legal bases:

  • To respond to demo, pricing, contact, and catalogue scan requests. Legal basis: pre-contractual steps, contract, and our legitimate interest in handling business enquiries.
  • To create and administer user accounts, authenticate users, manage roles, operate customer workspaces, and provide the RecallRisk service. Legal basis: contract and legitimate interest.
  • To import official public Safety Gate data, monitor alerts, compare them with customer catalogue data, create candidate matches, support review workflows, export reports, and send approved notifications. Legal basis: contract and our legitimate interest in providing product safety monitoring and operational review tools.
  • To research, queue, review, and log outbound product-safety lead workflows for operator use, including matching Safety Gate alerts to public listings and preparing copyable outreach drafts. Legal basis: legitimate interest in product safety monitoring, business development, and operational review, and contract where the workflow relates to a customer engagement.
  • To secure, debug, maintain, and improve the website, application, Worker, database, queues, and email workflows. Legal basis: legitimate interest and, where applicable, legal obligation.
  • To send service emails, operational notifications, support replies, and customer communications. Legal basis: contract, legitimate interest, and legal obligation where applicable.
  • To use optional analytics and error capture when configured. Legal basis: legitimate interest for privacy-preserving operational analytics or consent where required for non-essential tracking.
  • To comply with legal, tax, accounting, security, and regulatory obligations, and to establish or defend legal claims. Legal basis: legal obligation and legitimate interest.

We do not use RecallRisk match results to make decisions that produce legal effects concerning individuals solely by automated means. Candidate matches are informational and require human verification against official/source data.

5. Public Sources and Customer-Provided Data

RecallRisk monitors official public EU Safety Gate information. Public availability does not remove data protection obligations where a record contains personal data, so we process such data only for product safety monitoring, alert history, matching, reporting, and related operational purposes.

Customers are responsible for ensuring that catalogue uploads and review notes are lawful, accurate, and appropriate for use in RecallRisk. Customers should avoid including unnecessary personal data, sensitive personal data, confidential third-party data, or regulated data in catalogue files, product notes, or review comments unless agreed in writing and supported by an appropriate legal basis.

6. Processors and Recipients

We use service providers and infrastructure vendors to operate RecallRisk. They process data only for the purposes described in this policy or under our instructions, subject to applicable agreements.

  • Neon Postgres for production database hosting.
  • Cloudflare for Pages hosting, Workers, Hyperdrive, Queues, routing, security, and Cloudflare Email Service.
  • Airtable for inbound lead capture, contact request management, outbound research tasks, company/contact records, alert lead synchronization, and operator activity logging.
  • PostHog EU for optional product analytics and error capture when configured.
  • Google Fonts for public website font delivery.
  • Email recipients selected through the service, such as customer users receiving approved match notifications or RecallRisk operators receiving contact form notifications.

We may also disclose personal data to professional advisers, authorities, courts, or counterparties where required by law or necessary to protect our rights, users, customers, or the service.

7. International Transfers

We aim to use EU-based infrastructure where practical. Some providers or support operations may involve processing outside the European Economic Area. Where personal data is transferred internationally, we rely on appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, data processing agreements, or other safeguards permitted by applicable data protection law.

8. Retention

We retain personal data only for as long as needed for the purposes described in this policy, unless a longer period is required for legal, tax, accounting, security, contractual, or dispute-resolution reasons. Our current default retention periods are:

  • Authentication sessions: up to 14 days unless revoked earlier.
  • Contact and demo request records: up to 24 months after the last meaningful interaction.
  • Customer catalogue, match, review, and report data: for the customer service period and up to 90 days after account closure, unless the customer agreement, legal obligations, or operational needs require a different period.
  • Notification outbox, delivery, and operational event records: up to 24 months.
  • Public Safety Gate alert history: retained as part of the monitoring database to provide recall history and matching context.
  • Legal, tax, billing, and business records: retained for the periods required under Austrian or EU law.

Where deletion is not immediately possible, for example because data is in backups, we protect it from ordinary use until deletion or expiry is technically feasible.

9. Cookies and Analytics

RecallRisk uses necessary cookies and similar browser technologies to deliver the public website, support security and form submission, remember your public-site cookie choice, and operate protected application sessions when you sign in.

The protected RecallRisk app uses necessary cookies and local storage for authentication, session management, security, and access to protected areas. The Worker sets an HTTP-only session cookie for same-domain API routing, and the React app may store the returned session token and selected workspace state in browser local storage so the app can restore the signed-in session and current view.

These authentication and local-storage functions are required for the protected app to work. You can clear browser storage or sign out to remove local session state, but doing so may require you to sign in again and may prevent protected areas from working until a new session is created.

On the public website, optional PostHog analytics is loaded only when it is configured and you consent to analytics cookies. If enabled, it may collect public-site page views, interactions, approximate device and browser information, web-vital performance metrics, and referrer or campaign information so we can understand and improve the website. Public website analytics uses the managed RecallRisk proxy at a.recallrisk.com and PostHog EU Cloud.

Product analytics and error capture inside the protected app are also optional and disabled unless configured. When enabled, RecallRisk sends sanitized product and operational events, such as environment, role, account or entity identifiers, status, feature usage, and error context. We filter known sensitive values such as passwords, tokens, cookies, authorization headers, uploaded CSV content, and long free-text notes before analytics capture.

You can update your public website cookie choice at any time. Rejecting optional analytics prevents new public-site analytics capture and removes known PostHog browser storage where technically possible. Blocking necessary cookies in your browser may prevent the website or protected app from working correctly.

10. Security

We use technical and organizational measures designed to protect personal data, including encryption in transit, password hashing, session token hashing, role-based access controls, restricted admin workflows, operational monitoring, and provider security controls. No online service can guarantee absolute security, but we work to keep access limited to people and systems that need it for the purposes described in this policy.

11. Your Rights

Under the GDPR, you may have the right to access, rectify, erase, restrict, or port your personal data, object to processing based on legitimate interests, and withdraw consent where processing is based on consent. To exercise these rights, contact info@recallrisk.com.

If we process your personal data as a processor for a RecallRisk customer, we may need to forward your request to that customer or ask you to contact them directly, because they determine the relevant purposes and instructions.

You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, Austria, email dsb@dsb.gv.at. More information is available at data-protection-authority.gv.at.

12. Changes to This Policy

We may update this Privacy Policy to reflect legal, technical, or business changes. The latest version will be posted on this page. Where changes materially affect registered users or customers, we will take reasonable steps to notify them by email, in-app notice, or another appropriate channel.