Reciprocity Privacy Policy

Last Updated: February 21, 2020

Reciprocity is committed to protecting your privacy.  Our most important asset is you and your trust and we want you to have confidence in the way we use your Personal Information.

In this Privacy Notice, “us”, “we” and “our” refers to Reciprocity, Inc. and our affiliates listed on this page (collectively “Reciprocity”). “Personal Information” means any information relating to an identified or identifiable individual. Please read the following carefully to understand our views and practices regarding your Personal Information and how we will treat it. 

This Privacy Notice provides Information about:

Reciprocity and our Privacy Notice

Reciprocity is a computer software company. Our Governance, Risk and Compliance (GRC) software helps our customers to more effectively manage different business risks.  

This Privacy Notice describes how we collect, use, disclose and otherwise process Personal Information about you when: 

Outside of customer account information, this Privacy Notice does not apply to processing by our customers of Personal Information when they use Reciprocity Services. Where Reciprocity host customer Personal Information within the Reciprocity Services we do so in our capacity as a processor on the customer’s behalf. Our customer is the controller in respect of Personal Information they process when using Reciprocity Services. 

For more information about how Reciprocity safeguards Personal Information submitted by or processed within the Services by customers, please see our ZenGRC and Services privacy policy.

By visiting and using our Site and engaging with us, you acknowledge that you have read and understood this Privacy Notice.

Personal Information We Collect

Information provided by you

You may provide us with the following categories of Personal Information about you:

We may ask you to provide certain Contact and Professional information when you register for events, request a demo, download white papers or literature, or seek more information. 

We may also collect any other Personal Information that you choose to provide to us. For example, Communications and Marketing information if you decide to contact us with a request, or Professional information where you contact us to apply for a job with Reciprocity.

Information we collect about you

We may collect via automated means the following categories of Personal Information about you or that relate to your use of our Site: 

Cookie and Similar Technologies

We use cookies and similar technologies to collect and store certain information. This includes saving cookies to your device. For information on what cookies are, which ones we use, why we use them, and how you can manage their use, please see our Cookies Policy.

How we use Personal Information

We use information held about you in the following ways:

Information provided by you

We will use this information to:

Information we collect about you

We will use this information in our legitimate interests:

If you are in Europe

If you are located in Europe, we rely on one or more of the following grounds when processing your Personal Information:

Our Promotional Updates and Communications

Where permitted in our legitimate interest or with your prior consent where required by law, we will use your personal data for marketing analysis and to provide you with promotional update communications by email or by telephone about our Services.

You can object to further marketing at any time by selecting the “unsubscribe” link at the end of all our marketing and promotional update communications to you, or contact us directly. See Your Rights and Choices below 

Who We Share Personal Information With

We may share your Personal Information with:

Click here to see a list of our subprocessors

Where We Store Personal Information

The servers used to process your Personal Information collected from this Site are in the USA, however we collect data from wherever visitors to our Site or customers are situated. The information that we collect may therefore be transferred to the USA from any other country in which you may be located.

If you are in Europe

Where we transfer Personal Information, we will take all steps reasonably necessary to ensure that it is protected by appropriate safeguards. This includes:

We may transfer your personal information outside Europe:


We are committed to ensuring that your Personal Information is adequately protected. In order to prevent unauthorized access to or disclosure of your Personal Information, we have implemented appropriate administrative, physical and technical controls to safeguard our systems, applications and information, as well as robust standard operating procedures in the event of a security incident. We also maintain procedural safeguards to further restrict access to your Personal Information to employees who need it to perform their tasks or people working on our behalf and under confidentiality agreements.


We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. 

When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrolment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.

If you opt-out from us sending you promotional updates and marketing, or object to any other processing of your Personal Information, we may keep a record of your objection for the legitimate purpose of ensuring that we can continue to respect your wishes and not contact you further, during the term of your objection.

Your Rights and Choices

You have options and choices over how we use your personal information. You may have the right under applicable laws to ask for details of the personal information we hold about you, or to amend, limit or delete your personal information. You may also have the right to object to further processing under certain circumstances.
We also respect the rights you may have under applicable laws to receive that information in a commonly used electronic format (or ask for this information to be provided in that format to a third party where feasible).

If you are in Europe, you have the right under certain circumstances:

Opting out of our Marketing Communications

To opt out from receiving electronic marketing communications from Reciprocity, please:

Opting out from our Marketing Calls

This Privacy Notice covers the privacy practices of Reciprocity and it does not cover the privacy practices of third parties on their websites and other features. Reciprocity is not responsible for the privacy notices and/or practices of third-parties.

Reciprocity’s Site may provide links that can take you to other websites, which may include partner websites. You should review the privacy and other policies that govern the websites you visit, since those websites are not bound by Reciprocity’s Privacy Notice, and Reciprocity has no control over the content of those Websites, nor the usage of information they gather.

Modifications to the Privacy Notice

Any changes we make to our privacy notice will be posted on this page and, in relation to substantive changes, will be notified to you by e-mail.

Contacting Reciprocity

If you would like to contact us with questions or concerns about this Privacy Policy, our privacy practices, or would like to exercise your privacy rights, you may contact us via any of the following methods:

Toll-free Number (USA): +1-877-440-7971

You may also write to us at:
Attn: Privacy Officer
Reciprocity, Inc.
755 Sansome Street
6th Floor
San Francisco, CA 94111

Our EU Representation:
Attn: Privacy Officer
Reciprocity d.o.o.
Celovška cesta 25
1000 Ljubljana