{"platform":"Phoenix (Leonardo)","slug":"phoenix-leonardo","category":"Image / Video / Audio Generation","website":"https://www.leonardo.ai","risk_rating":"unknown","verification":"partially_verified","corpus_status":"corpus_partial","canonical":"https://aipolicycompare.com/platform/phoenix-leonardo","machine_url":"https://aipolicycompare.com/api/machine/platform/phoenix-leonardo","findings_count":31,"findings":[{"surface":"training_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Legitimate interests (Art 6(1)(f)); Consent for non-essential cookies (Art 6(1)(a))","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Legitimate%20interests%20(Art,non-essential%20cookies%20(Art%206(1)(a))","char_start":4137,"char_end":4221}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" We do not knowingly collect or process personal data of children under 18. If we become aware of such processing, we will delete it without undue delay.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20We%20do%20not,it%20without%20undue%20delay.","char_start":6058,"char_end":6211}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" 1.1 Important Information and Who We Are \n Welcome to Security Phoenix Ltd’s (“Phoenix Security”, “we”, “us” or “our”) Privacy and Data Protection Policy (“Privacy Policy”). We are committed to protecting and respecting your privacy and personal data in compliance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and all other applicable UK laws.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%201.1%20Important%20Information,other%20applicable%20UK%20laws.","char_start":548,"char_end":937}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" 1.2 Who Is Your Data Controller ","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%201.2%20Who%20Is%20Your%20Data%20Controller%20","char_start":1280,"char_end":1313}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" 2.1 Scope \n This Policy covers all personal data collected or processed by us via our website, platform, services (including support), recruitment, staff/volunteer management, events, and all other interactions with Phoenix Security.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%202.1%20Scope%20This,interactions%20with%20Phoenix%20Security.","char_start":1678,"char_end":1912}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" 3.3 Aggregated & Anonymised Data \n Non-identifying insights (e.g., device mix, geographic trends) are used solely in anonymised form for product improvement and research.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%203.3%20Aggregated%20%26,product%20improvement%20and%20research.","char_start":3272,"char_end":3443}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Legitimate Interests Assessment: We document and record balancing tests to ensure your rights are not overridden.\n Consent: Collected via clear opt-in mechanisms; you can withdraw consent as easily as given.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Legitimate%20Interests%20Assessment%3A,as%20easily%20as%20given.","char_start":4354,"char_end":4562}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" For any new high-risk processing (e.g., large-scale profiling, special category data), we conduct DPIAs under Article 35 UK GDPR and implement required mitigation measures.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20For%20any%20new,implement%20required%20mitigation%20measures.","char_start":4614,"char_end":4787}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Requests are free, verified for identity as needed, and answered within one month (Art 12–15). We may extend by two further months for complex requests, notifying you accordingly.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Requests%20are%20free%2C,requests%2C%20notifying%20you%20accordingly.","char_start":5422,"char_end":5602}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Our cookie banner and policy (Article 13(2)(c)) clearly distinguish:","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Our%20cookie%20banner,(Article%2013(2)(c))%20clearly%20distinguish%3A","char_start":5627,"char_end":5696}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" You can manage preferences at any time.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20You%20can%20manage%20preferences%20at%20any%20time.","char_start":5804,"char_end":5844}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" We review this Policy at least annually. Material changes will be notified by email or a prominent notice on our platform. Continued use of our services constitutes acceptance of any amendments.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20We%20review%20this,acceptance%20of%20any%20amendments.","char_start":7294,"char_end":7489}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" For questions or to exercise your rights, contact:\n Email: privacy@phoenix.security","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20For%20questions%20or,rights%2C%20contact%3A%20Email%3A%20privacy%40phoenix.security","char_start":7516,"char_end":7600}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" You have the right to:","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20You%20have%20the%20right%20to%3A","char_start":5170,"char_end":5193}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" This Policy explains who we are, what data we collect and why, how we use and share it, your data protection rights, and how to contact us.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20This%20Policy%20explains,how%20to%20contact%20us.","char_start":941,"char_end":1081}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Email: privacy@phoenix.security","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Email%3A%20privacy%40phoenix.security","char_start":1438,"char_end":1470}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Applies to: Customers, suppliers, business contacts, employees, staff members, volunteers, third parties connected to our customers, and any other individuals whose personal data we process.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Applies%20to%3A%20Customers%2C,personal%20data%20we%20process.","char_start":1085,"char_end":1276}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Analytics cookies (e.g., Google Analytics)","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Analytics%20cookies%20(e.g.%2C%20Google%20Analytics)","char_start":5737,"char_end":5780}},{"surface":"privacy_data_use","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" We process personal data only when we have a lawful basis under Article 6 UK GDPR, and for special categories only with additional safeguards under Article 9 where applicable.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20We%20process%20personal,Article%209%20where%20applicable.","char_start":3473,"char_end":3649}},{"surface":"moderation_enforcement","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Security measures: Encryption in transit and at rest; multi-factor authentication; strict access controls; regular security assessments (Art 32).\n Breach notification: We notify the ICO within 72 hours of a notifiable breach (Art 33) and, where required, inform data subjects without undue delay (Art 34).","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Security%20measures%3A%20Encryption,undue%20delay%20(Art%2034).","char_start":6246,"char_end":6552}},{"surface":"moderation_enforcement","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" If you discover a security vulnerability, please follow our Vulnerability Disclosure Policy at https://phoenix.security/vulnerability-disclosure/. We will acknowledge, investigate, and respond in line with our Breach Disclosure procedures.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20If%20you%20discover,our%20Breach%20Disclosure%20procedures.","char_start":6592,"char_end":6832}},{"surface":"data_retention","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" We retain personal data only for the longer of:\n The period required by applicable law, and where deemed necessary for HR, recruitment, or contractual reasons.\n An additional 90 days thereafter.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20We%20retain%20personal,additional%2090%20days%20thereafter.","char_start":4811,"char_end":5006}},{"surface":"data_retention","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Specific retention schedules (e.g., recruitment records, account data, support logs) are documented in our internal retention policy.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Specific%20retention%20schedules,our%20internal%20retention%20policy.","char_start":5010,"char_end":5144}},{"surface":"subprocessors_data_sharing","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" We share personal data only with:","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20We%20share%20personal%20data%20only%20with%3A","char_start":6868,"char_end":6902}},{"surface":"subprocessors_data_sharing","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" 2.3 Processors’ Responsibilities \n Where we engage processors, we ensure via GDPR-compliant Data Processing Agreements that they:\n Process personal data only on our documented instructions.\n Implement appropriate technical and organisational measures.\n Ensure confidentiality and security of personal data.\n Notify us of any personal data breach without undue delay.\n Assist us in responding to data subject requests and audits.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%202.3%20Processors%E2%80%99%20Responsibilities,subject%20requests%20and%20audits.","char_start":2130,"char_end":2559}},{"surface":"subprocessors_data_sharing","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" California Privacy Rights: California residents may request details of any sharing with third parties for marketing purposes.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20California%20Privacy%20Rights%3A,parties%20for%20marketing%20purposes.","char_start":7139,"char_end":7265}},{"surface":"audit_rights_dpa_residency","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" 2.2 Record of Processing Activities (RoPA) \n We maintain a detailed RoPA as required by Article 30 UK GDPR, documenting all categories of processing, purposes, data subjects, recipients, and retention periods.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%202.2%20Record%20of,recipients%2C%20and%20retention%20periods.","char_start":1916,"char_end":2126}},{"surface":"audit_rights_dpa_residency","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Where personal data is transferred outside the UK or EEA, we use UK-approved Standard Contractual Clauses (Art 46) or rely on an adequacy decision if applicable.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Where%20personal%20data,adequacy%20decision%20if%20applicable.","char_start":5874,"char_end":6036}},{"surface":"audit_rights_dpa_residency","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), but please allow us to address your concerns first.","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20You%20have%20the,address%20your%20concerns%20first.","char_start":1502,"char_end":1644}},{"surface":"governing_law_disputes","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" You may also lodge a complaint with the ICO at:","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20You%20may%20also,with%20the%20ICO%20at%3A","char_start":7687,"char_end":7735}},{"surface":"governing_law_disputes","risk":"unknown","confidence":"high","tier":"All","verified":true,"quote":" Website: https://www.ico.org.uk/make-a-complaint","caution":null,"provenance":{"source_url":"https://phoenix.security/privacy-policy/","snapshot_sha256":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5","wayback_url":null,"deep_link":"https://phoenix.security/privacy-policy/#:~:text=%20Website%3A%20https%3A%2F%2Fwww.ico.org.uk%2Fmake-a-complaint","char_start":7828,"char_end":7877}}],"disclaimer":"Informational only, not legal advice. Every finding is a verbatim quote from a fully-read, gate-verified document; verify via snapshot_sha256 + wayback_url. Partially-verified platforms show findings only from their verified document(s).","@jsonld":{"@context":"https://schema.org","@type":"Dataset","name":"Phoenix (Leonardo) — AI policy risk findings","description":"Verified, cited policy findings for Phoenix (Leonardo) across 13 risk surfaces.","url":"https://aipolicycompare.com/platform/phoenix-leonardo","creator":{"@type":"Organization","name":"AIPolicyCompare","url":"https://aipolicycompare.com"},"isAccessibleForFree":true,"license":"https://aipolicycompare.com/terms","additionalProperty":[{"@type":"PropertyValue","name":"verification","value":"partially_verified"}],"variableMeasured":[{"@type":"PropertyValue","name":"training_use","value":"unknown","description":" Legitimate interests (Art 6(1)(f)); Consent for non-essential cookies (Art 6(1)(a))","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" We do not knowingly collect or process personal data of children under 18. If we become aware of such processing, we will delete it without undue delay.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" 1.1 Important Information and Who We Are \n Welcome to Security Phoenix Ltd’s (“Phoenix Security”, “we”, “us” or “our”) Privacy and Data Protection Policy (“Privacy Policy”). We are committed to protecting and respecting your privacy and personal data in compliance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and all other applicable UK laws.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" 1.2 Who Is Your Data Controller ","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" 2.1 Scope \n This Policy covers all personal data collected or processed by us via our website, platform, services (including support), recruitment, staff/volunteer management, events, and all other interactions with Phoenix Security.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" 3.3 Aggregated & Anonymised Data \n Non-identifying insights (e.g., device mix, geographic trends) are used solely in anonymised form for product improvement and research.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" Legitimate Interests Assessment: We document and record balancing tests to ensure your rights are not overridden.\n Consent: Collected via clear opt-in mechanisms; you can withdraw consent as easily as given.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" For any new high-risk processing (e.g., large-scale profiling, special category data), we conduct DPIAs under Article 35 UK GDPR and implement required mitigation measures.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" Requests are free, verified for identity as needed, and answered within one month (Art 12–15). We may extend by two further months for complex requests, notifying you accordingly.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" Our cookie banner and policy (Article 13(2)(c)) clearly distinguish:","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" You can manage preferences at any time.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" We review this Policy at least annually. Material changes will be notified by email or a prominent notice on our platform. Continued use of our services constitutes acceptance of any amendments.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" For questions or to exercise your rights, contact:\n Email: privacy@phoenix.security","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" You have the right to:","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" This Policy explains who we are, what data we collect and why, how we use and share it, your data protection rights, and how to contact us.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" Email: privacy@phoenix.security","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" Applies to: Customers, suppliers, business contacts, employees, staff members, volunteers, third parties connected to our customers, and any other individuals whose personal data we process.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" Analytics cookies (e.g., Google Analytics)","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"privacy_data_use","value":"unknown","description":" We process personal data only when we have a lawful basis under Article 6 UK GDPR, and for special categories only with additional safeguards under Article 9 where applicable.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"moderation_enforcement","value":"unknown","description":" Security measures: Encryption in transit and at rest; multi-factor authentication; strict access controls; regular security assessments (Art 32).\n Breach notification: We notify the ICO within 72 hours of a notifiable breach (Art 33) and, where required, inform data subjects without undue delay (Art 34).","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"moderation_enforcement","value":"unknown","description":" If you discover a security vulnerability, please follow our Vulnerability Disclosure Policy at https://phoenix.security/vulnerability-disclosure/. We will acknowledge, investigate, and respond in line with our Breach Disclosure procedures.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"data_retention","value":"unknown","description":" We retain personal data only for the longer of:\n The period required by applicable law, and where deemed necessary for HR, recruitment, or contractual reasons.\n An additional 90 days thereafter.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"data_retention","value":"unknown","description":" Specific retention schedules (e.g., recruitment records, account data, support logs) are documented in our internal retention policy.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"subprocessors_data_sharing","value":"unknown","description":" We share personal data only with:","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"subprocessors_data_sharing","value":"unknown","description":" 2.3 Processors’ Responsibilities \n Where we engage processors, we ensure via GDPR-compliant Data Processing Agreements that they:\n Process personal data only on our documented instructions.\n Implement appropriate technical and organisational measures.\n Ensure confidentiality and security of personal data.\n Notify us of any personal data breach without undue delay.\n Assist us in responding to data subject requests and audits.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"subprocessors_data_sharing","value":"unknown","description":" California Privacy Rights: California residents may request details of any sharing with third parties for marketing purposes.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"audit_rights_dpa_residency","value":"unknown","description":" 2.2 Record of Processing Activities (RoPA) \n We maintain a detailed RoPA as required by Article 30 UK GDPR, documenting all categories of processing, purposes, data subjects, recipients, and retention periods.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"audit_rights_dpa_residency","value":"unknown","description":" Where personal data is transferred outside the UK or EEA, we use UK-approved Standard Contractual Clauses (Art 46) or rely on an adequacy decision if applicable.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"audit_rights_dpa_residency","value":"unknown","description":" You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), but please allow us to address your concerns first.","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"governing_law_disputes","value":"unknown","description":" You may also lodge a complaint with the ICO at:","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]},{"@type":"PropertyValue","name":"governing_law_disputes","value":"unknown","description":" Website: https://www.ico.org.uk/make-a-complaint","additionalProperty":[{"@type":"PropertyValue","name":"confidence","value":"high"},{"@type":"PropertyValue","name":"snapshot_sha256","value":"30100644a6c6d755f3e4170ea52a93594d4a10e15b2baae83759245851eac0a5"},{"@type":"PropertyValue","name":"wayback_url","value":""},{"@type":"PropertyValue","name":"source_url","value":"https://phoenix.security/privacy-policy/"}]}]}}