Hello. We use cookies on this website, for the purposes of session management. That means that we can control access and, once you've logged in, we don't need to keep asking who you are. No personal information is stored in the cookie, and the cookie only lasts as long as your browser is open. Each time that you log in, the cookie will be created.

Ironically, we also store a cookie to show that you have allowed us to store cookies – this way we don't keep nagging you after you agree to accept them. This cookie does remain on your computer after your browser is closed.

If you sign up for a demonstration of RiskTree (at https://risktree.2t-security.co.uk/demo), we will collect brief details about you (name, e-mail address, and organization). These might be used to contact you to see if you are interested in using RiskTree. We can delete these details upon request, but this will prevent further access to the demonstration site unless you sign up again. A cookie will be stored on your computer to show that you have signed up for the demo, and to allow you to access it again without the need to re-enter your details.

The cookies that you might find as a result of using RiskTree are as follows:

Cookie namePurpose
cookiesDirectiveShows that you have accepted the use of cookies.
sessionAllows you to remain logged in for the duration of your session. Deleted when you log out.
__stripe_midSet by our payment provider, Stripe.

Session Storage is used to hold RiskTree data within your browser during your RiskTree session. This allows you to return to a RiskTree that you are building, or a report that has been created, without the need to manually reload files or recalculate risks. This information is cleared from your browser when you log out, or when you close your browser. We also use Local Storage (similar to Session Storage, but is kept even after the session ends) to provide the Auto Recover feature in RiskTree. This helps protect against losing your work if your browser crashes. You can disable Auto Recover is you prefer. Local Storage is cleared when you log out.

When your RiskTree account was registered, we stored your name (as shown to you when you log in), your organization, and your e-mail address, which are required for the operation and management of your account. We do not hold any other personally identifiable information about you in RiskTree. All of the information we hold can be viewed on the My account page (click the Account details for «...» link to go there – once you have logged in). We obfuscate your e-mail address to protect it from being stolen if your credentials are misused. If you have an account with a credit or debit card subscription then your payment details are held securely by our payment provide, Stripe. These details have never been seen, stored, or processed by 2T Security; they were transferred securely and directly from your web browser to Stripe.

Your data are held securely in an encrypted database. We do not provide your information to any other organization. Your information is held in line with all applicable data protection laws, including the General Data Protection Regulations (GDPR). Access to your information is limited to designated individuals within 2T Security.

If you have any questions about our data protection and privacy policies, please contact dataprotection@2t-security.com.