top of page

Privacy Policy

A legal disclaimer

Last Updated: 26th January, 2026

​

1. Introduction & Acceptance of Terms
This Privacy Policy sets forth the practices of Drummond Risk & Resilience LLC (“we,” “us,” or “our”) regarding the collection, use, storage, and disclosure of personal information obtained through our website, booking services, and consultancy operations.

By using our Services, you acknowledge that you accept the practices and policies outlined in this Policy. If you do not agree with these terms, please refrain from using our Site or Services.

​

2. Information We Collect
We collect information that helps us provide tailored risk management solutions:

Voluntary Information: Name, email, and phone number provided via contact forms or booking widgets.

Operational Data: Client-provided documentation shared during consultancy.

Automatically Collected Data: IP addresses, browser types, and usage patterns collected via Wix.com cookies to improve site functionality.

​

3. How We Use Your Information
We process your data based on the following legal bases:

Contractual Necessity: To fulfill bookings and deliver operational and enterprise risk solutions.

Legitimate Interests: To improve our resilience methodologies and communicate service updates.

Compliance: To meet legal, regulatory, or auditing obligations.

​

4. Data Storage, Security, and Infrastructure
We utilize a multi-layered infrastructure to ensure data integrity while maintaining accessibility:

A. Client-Hosted Access (Preferred Method)
Where possible, we prefer to work within your secure environment (e.g., guest access to your SharePoint, Google Drive, or other system such as Microsoft 365). This ensures Data Sovereignty, minimizing the times data leaves your controlled systems. Access can be revoked by you at any time.

B. Third-Party Cloud Processors
For project delivery, we may use the following services:

Notion: To host interactive Risk Dashboards.

Google Workspace: For project file storage (Drive) and operational and enterprise risk solutions (Sheets).

Wix.com: For website hosting and initial booking data.

C. Local File Encryption (NordLocker)
For any data saved locally to our hardware, we utilize NordLocker. This provides a "Zero-Knowledge" encryption layer, meaning files are encrypted before they are stored, and only we hold the unique decryption keys.

​

5. Data Retention
We store personal information for as long as you engage our services or as necessary to fulfill the purposes outlined in this policy. You may request the deletion of your data at any time, subject to our legal record-keeping requirements.

​

6. Your Rights and Choices
Subject to local laws (such as GDPR or CCPA), you have the right to:

Access & Portability: Request a copy of the data we hold about you.

Correction/Erasure: Update incorrect data or request its deletion.

Withdraw Consent: Revoke our access to your systems or data at any time.

To exercise these rights, please contact: drummondrisk.resilience@gmail.com.

​

7. Disclaimer of Liability
While we implement rigorous security measures (including NordLocker encryption and secure cloud platforms), we cannot guarantee "perfect" security. By using our services, you acknowledge that your data is processed via third-party infrastructure and Drummond Risk & Resilience LLC shall not be held liable for security failures originating within the platforms of Wix, Google, Notion, or NordLocker, or other 3rd parties used.

​

8. Governing Law
This Policy and any disputes arising from it shall be governed by and construed in accordance with the laws of the State of Maryland.

bottom of page