Insightful Privacy Policy

Information We Collect.

We collect several types of information to provide and improve our Service:

Personal Information. Personal Information includes information that can identify you directly, such as your name, or indirectly, such as an identification number or online identifier. When you register for an account, subscribe to our Service, or contact us, you may provide us with personal information, including but not limited to:

• Name
• Email address
• Phone number
• Company name
• Payment information (if applicable)
• Technical Data
  

We collect Personal Information from various sources, including information you provide directly to us, information collected automatically when you use our Service, and information we obtain from third-party sources.

Other than to provide our Services directly to you, we don’t sell or share Personal Information for commercial purposes.

The types of data we collect include:

Information You Provide to Us:

• Account Registration: When you create a Service Account, we collect Personal Information such as your first and last name, email, and other optional details like your company size, phone number and photo.
• Payment Transaction Information: For transactions, we collect information such as your name, billing address, and payment details (e.g., card number, expiration date, CVV). This information is handled by third-party Service Providers, and you are subject to their privacy policies.
• Correspondence and Support Information: If you contact us or subscribe to our communications, we may keep your information to respond and send updates. To stop receiving emails or mailings, contact us at privacy@insightful.io or use the unsubscribe link in our emails. Processing removal requests may take time, and we may still send important service updates. For support requests, we use the information you provide to assist you. Please avoid sharing confidential or sensitive data.
• User Contributions: You also may provide information to be posted on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. We cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
• Public Information: We may collect information about you from publicly available sources. Information you share in open forums, such as social networks, may be considered public and collected by us. Be aware that content or information you provide to third parties through the Service is not private, and we are not responsible for it. If you prefer certain information to remain private, do not share it publicly. We do not collect special categories of Personal Information, such as race, religion, sexual orientation, health, or biometric data.

1. Information We Collect Automatically: We collect information such as usage statistics, performance metrics, anonymized data, device information, technical logs, and similar data (“Technical Data”) to enhance the Service and provide relevant technologies. We use various technologies to gather data about your device, usage patterns, communication data, and accessed resources (e.g., IP address, browsing history). This information is used to improve our Service and is processed based on our legitimate interest or your consent, where applicable. This may include:
   

• Internet Browser: When you use our Service, your internet browser automatically sends certain anonymous information. We and our third-party Service Providers may use automated methods to collect various types of data about you and your device. This can include:
  • Your network or IP address and browser type (e.g., Chrome, Safari);
  • Your operating system (e.g., Windows, Mac OS), internet service provider, and device identifiers (like Apple IDFA or Android Advertising ID);
  • Device and browser settings;
  • The web pages you visit and your navigation path through our Service;
  • Location information and interactions with content and advertisements.

We use this information to enhance your experience on our Service. While you can manage cookie preferences in your browser, certain features may not function without cookies. We and our Service Providers may combine this anonymous data to improve site performance, tailor content, and analyze trends, but it will not be linked to your Personal Information.

• Geo-location: We may collect precise location data with your consent, which you can disable through device settings.
  
• Usage Data and Analytics: Service collect and analyze statistics, logs, and other relevant usage data to enhance service performance and user experience. This includes, but is not limited to, information about user interactions, system performance metrics, and any other data that can help optimize the functionality and reliability of the Service.
• Social Media & Third-Party Platforms: We may access profile information (e.g., name, email, posts, interactions) when you engage with our content on these platforms.
  
• Log Files: We may collect log data like IP address, browser type, pages visited, device information, and search terms during your interaction with our Service.
  

• Desktop Applications: We may collect screenshots, applications currently being worked on, web URLs visited, time you are active, the operating system you are using, whether or not you have an input device such as a monitor, whether your mouse is actively moving or not, the names of projects or tasks being worked on, the amount of time worked on those tasks, the browser version you are using, and whether and the speed at which you are typing on your keyboard. We only collect whether your keyboard is active or inactive and the rate or typing. We do not collect the specific key strokes or the content of what you type. Screenshots are uploaded securely via TLS directly to Google, bypassing our servers. No keystrokes are uploaded or stored, even locally. Every 10 minutes, Insightful uploads the total seconds of “activity” and “worked” time using TLS. Our Customers may choose to blur portions of collected screenshots for added security.
  

• Cookies: Cookies are used to track usage and improve the site. Consent can sometimes be provided through browser settings if the user takes an active step to adjust them. Before accessing our websites, users should check their browser settings to confirm consent for cookies. While users aren’t required to accept cookies and can block or delete them, doing so might slow down or disrupt certain website features. You can manage cookie preferences in your browser, though some features may not work without them.
  

• Other Web Technologies: Our Website and our Service Providers may utilize standard web technologies like web beacons, pixel tags, and clear GIFs to track user movements while accessing our Service. These technologies help assess the effectiveness of marketing campaigns, customize Service on our websites, and optimize website content and offerings. Some data, including IP addresses, may be stored on our Service Providers’ server logs for extended periods.

1. Information from Third Parties: We may receive information about you from third-party sources, such as:

• Financial Providers: Payment information, transaction data, and fraud detection insights.
• Marketing data: Information from providers like Meta, Linkedin, Google, and similar, including demographic and market segmentation data.

How We Use Your Information

We use your information to provide our Services, including to create and manage your account, provide customer support, and process transactions. We generally process Personal Information based on our legitimate interests in providing and maintaining our Service, where such processing is necessary. In some cases, we may rely on your consent or other legal bases. We do not share, sell, or rent your Personal Information to third parties without your consent or another lawful basis. However, we may share your Personal Information when necessary to provide the requested Service, based on legitimate interests or as required by law.

Legal Basis For Data Processing: We rely on various legal bases to process the information we receive from your use of our Service, including when:

• You have consented to the processing.
• The processing is necessary to fulfill our contractual obligations under the agreement governing your use of the Service.
• We are required to comply with a legal obligation, court order, or to exercise or defend legal claims.
• The processing is necessary to protect your vital interests or those of others.
• It serves the public interest.
• It is necessary for the legitimate interests of us or a third party, such as those of users, visitors, or partners.
• You have made the information public.

When processing based on consent, we will obtain your explicit opt-in either directly from you or through your employer, our Customer. You can withdraw your consent at any time by contacting us at privacy@insightful.io or by contacting your employer, our Customer. If processing is based on legitimate interests, we will ensure that it is necessary for your or a third party’s interests, unless a compelling reason to protect your Personal Information outweighs those interests.

We use the collected information for various purposes :

• To Communicate With You (Legal Basis: Legitimate Interests, Consent): We engage with you prior to you becoming a Customer, such as when you express interest in our Service, including sending proposals or responding to inquiries. We also manage our relationships with existing Customers by processing information for Customer administration and contract performance. With your consent, we send service-related communications, updates, and promotional content. Additionally, we address your requests and provide the information you seek regarding our products and Service.
• To Provide The Service (in accordance with instructions of our Customer as Data Controller): We establish contracts with you as a Customer and process your data and that of our Customer’s Employees to deliver, operate, and maintain our Service. This includes activities such as account setup and management.
• To Fulfill Legal Obligations (Legal Basis: Legal Obligation): We may disclose your Personal Information as required by law to fulfill obligations or respond to valid requests from public authorities, including courts or government agencies, for purposes such as tax compliance, reporting, or regulatory obligations. Additionally, we may use your data to protect our interests by defending against legal claims, exercising our rights, or addressing lawful requests (e.g., subpoenas or court orders). Your data may also be utilized in pre-arbitration, arbitration, or other dispute resolution processes, as well as to fulfill other legal obligations. This includes addressing legal claims, requests, and investigations under data protection laws and complying with formal disclosure requests from competent authorities.
• Maintaining The Security And Safety Of The Service And Its Users (Legal Basis: Legitimate Interests): Ensuring a secure and safe experience is fundamental to our Service. We utilize your Personal Information to authenticate users, detect and prevent fraud and other criminal activities, and block or remove unsafe or fraudulent users from our Service. Additionally, we process and investigate reports of abuse or misuse submitted through our website to ensure compliance with applicable laws and regulations and to prevent the misuse of our Service.
• Providing Customer Support and Service (in accordance with instructions of our Customer as Data Controller): We work hard to provide the best experience possible, including supporting you when you need it. To do this, we use your Personal Information as a processor on behalf of our Customers to:
  • Assist with inquiries or concerns related to our Service;
  • Investigate and help resolve issues you may experience, and
  • Provide customer support and respond to your request.

We may also use your Personal Information to send you administrative emails related to the Service, including notifications about changes to this Privacy Policy, the terms of the agreements governing your use of the Service, or the terms of our third-party partners.

• To Debug Service And To Identify And Fix Errors (Legal Basis: Legitimate Interests): To ensure optimal functionality, we debug and fix errors in our Service.
• To Improve The Service (Legal Basis: Legitimate Interests): We process your Personal Information to deliver, operate, and maintain our Service, including account setup and management. We continually strive to improve your experience and introduce helpful features by using your Personal Information for the following purposes:
  • Conducting research, testing, and analysis;
  • Developing new products, features, partnerships, and Service;
  • Preventing, identifying and resolving software or hardware issues;
  • Monitoring and enhancing our operations, security practices, algorithms, and modeling.
    
• To Investigate Chargebacks (Legal Basis: Legitimate Interests, Legal Obligation): In the event of a chargeback initiated by you, we may collect and process Personal Information related to the transaction, including your name, contact details, payment method, transaction history, and any related correspondence. We use this information to investigate chargebacks, resolve disputes, and comply with applicable laws and payment processor requirements. This information may be shared with payment processors, financial institutions, or legal authorities as needed to facilitate the resolution of the chargeback. By using our Service, you acknowledge that chargebacks may lead to the collection and processing of your Personal Information for these purposes.
• For Marketing Purposes (Legal Basis: Consent): Where we have necessary consents, we may contact you for marketing purposes to inform you about our products, Service, and offers.
• General Non-Personal Data (Legal Basis: Legitimate Interests): We may disclose general, non-Personal Information received from providing the Service, including information that does not identify any individual, without restriction. We may share demographic information with business partners, but it will be aggregated and de-personalized so that Personal Information is not revealed.
• For Business Transfers (Legal Basis: Legitimate Interests): If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your Personal Information is transferred and becomes subject to a different Privacy Policy.
• For Sharing With Our Service Providers (in accordance with instructions of our Customer as Data Controller): We may employ third-party companies and individuals to facilitate our Service, provide the Service on our behalf, perform service-related services, or assist us in analyzing how our Service is used (such as receiving, processing and fulfilling orders, encrypting credit card data as a further measure of securing the data, processing credit card payments, processing product reviews, technical support, and providing comparative performance information relative to our site). These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
• Social Gatherings (Legal Basis: Legitimate Interests, Consent): If your business or organization has scheduled a conference, event, or meeting at our facilities, we may share your Personal Information with our event organizers. We utilize return email addresses solely to respond to your inquiries. Your email address will not be used for any other purpose or shared with third parties for direct marketing.
• Other Purposes (Legal Basis: Legitimate Interests, Legal Obligation): We may also disclose your Personal Information as necessary to:
  • Safeguard the property or safety of our company, employees, contractors, vendors, suppliers, Customers, and Customers’ Employees;
  • Assist with internal and external investigations; or
  • As permitted by law.

Your Rights

We provide options to help you manage your Personal Information, ensuring you have control over its handling and use.

Limitations on Requests: Please note that our ability to honor certain requests may be limited due to obligations related to security, fraud prevention, regulatory compliance, or the provision of the Service you’ve requested. We will inform you if this applies when responding to your request.

Objection to Processing: If we process your Personal Information based on legitimate interests or public interest, you may object in certain circumstances, and we will stop processing your Personal Information unless we have overriding legal grounds. For direct marketing, you can opt-out using the unsubscribe link or by adjusting your account settings.

Account Management: If you are our Customer and no longer wish to use our Service or receive service-related messages (excluding legal notices), please contact us using the information below. If you are a Customer Employee, please contact your employer, our Customer.

Data Access by Employers: If you use our Service as a Customer Employee, your employer has direct access to your data. For independent contractors, the contracting entity has access. Our employees may also access your data for testing, service improvement, or sending updates. Please review the agreement governing your use of the Service for more details.

Exercising Your Rights: To exercise any of these rights, please contact us using the details provided below. We will respond within the legally required timeframe.

Rights of All Users

• Email Subscriptions: You can easily unsubscribe from promotional emails by clicking the “unsubscribe” link in the message. However, we will continue to send essential updates related to your use of the Service.
• Push Notifications: Manage your push notifications through your device settings. Disabling them may affect your experience using the Service.
• Profile Information: You can review and edit your personal details through your account settings at any time.
• Access to Your Information: We provide tools within the Service to help you access, correct, delete, or modify your Personal Information. You can also contact us regarding the information we have collected about you, request updates, modifications, or deletions, opt-out of certain uses, or withdraw consent. Please be aware that deleting your information or opting out may limit your access to certain features of our Service.
• Data Correction: You have the right to request correction of any inaccurate or incomplete personal information we hold about you.
• Data Retention: We will retain your Personal Information only as long as necessary for the purposes outlined in this policy, while your account is active, or as needed to provide our Service. We retain transactional information for at least seven years to comply with legal obligations, resolve disputes, and enforce our agreements. We may delete your Personal Information according to our data retention plan. Following the termination or deactivation of a Service account, we may retain your information for a commercially reasonable period for backup, archival, and audit purposes.
• Cookie Preferences: You can adjust your cookie settings through our Cookie Declaration or your browser preferences. Please note that disabling cookies may impact some functionality of the Service.
• Opting Out of Communications: Users may opt out of certain communications by following the unsubscribe process in email communications or by contacting us. However, some service-related communications, such as account verification or security notices, cannot be opted out of.
• Do Not Track: We do not currently respond to “Do Not Track” (DNT) signals sent by web browsers or other mechanisms. Third parties may collect information about your online activities over time and across different websites when you use our Service. You may limit tracking by disabling cookies in your browser.
• Account Deletion: To delete your account, please contact your company administrator. In some cases, such as ongoing legal matters or fraud investigations, we may be unable to fully delete your account. Certain data may also be retained for legitimate business reasons or to meet legal obligations.

Privacy Rights for Residents of U.S. States

U.S. State consumer privacy laws may provide their residents with additional rights regarding our use of their Personal Information. In certain circumstances, some U.S. States, including California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia provide their state residents with some or all of the following rights:

• Right to Access: You may have the right to request details about the Personal Information we have collected in the past twelve (12) months, including data categories, sources, purposes for collection, and third-party sharing.
• Right to Delete: You may have the right to request deletion of your personal information, subject to certain exceptions (e.g., to meet legal obligations or complete ongoing transactions).
• Right to Confirm Processing: You may request confirmation as to whether and what Personal Information we process.
• Right to Correct: You may have the right to request that we correct inaccuracies in your Personal Information, taking into account the information's nature and processing purpose (excluding Iowa and Utah).
• Right to Portability: You may have the right to request the transfer of your Personal Information to another organization or directly to you under certain conditions.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  

Exercise of Rights: The exact scope of these rights may vary by state. To request access to or deletion of your personal information, or to exercise any other data rights under applicable U.S. State Law, please email us at privacy@insightful.io. Be sure to include your full name, email address, the subject line “Data Subject Request,” and the purpose of your request to ensure a prompt response.

Response Timing and Format: We aim to fulfill requests within thirty (30) days. If additional time is required, we will inform you in writing of the reason and the extended timeframe.

For purposes of requests to delete, correct and to know, we will verify your identity based on information we have collected about you, including your name, address, and phone number, but will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the individual about whom we collected the Personal Information. If we are unable to verify your identity, we may deny your request.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Under California Civil Code Section 1798.83 (the “Shine the Light” law), California residents can request information about our disclosures of Personal Information to third parties for their direct marketing purposes over the past calendar year. To submit a request, please email us at privacy@insightful.io with “Request for California Privacy Information” in the subject line. We will respond within thirty (30) days, or as required by law, including only relevant information. Note that certain data sharing may not fall under “Shine the Light” requirements.

Nevada provides its residents with a limited right to opt-out of certain Personal Information sales. Residents who wish to exercise this sale opt-out rights may submit a request. However, please know we do not currently sell Personal Information triggering that statute's opt-out requirements.

Privacy Rights of Users from the European Economic Area and the United Kingdom

If you are a resident of the United Kingdom (“UK”) or European Economic Area (“EEA”), you may have certain data protection rights. “GDPR” means the European Union General Data Protection Regulation (EU) 2016/679, and the United Kingdom Data Protection Act 2018. Information that you provide may be transferred or accessed by entities around the world as described in this Privacy Policy. If you are located in the EEA or UK, you freely consent to the transfer of personal information outside of the EEA and UK. Your consent to this Privacy Policy together with your submission of personal information constitute your agreement to these transfers. If you are accessing or using the Service from within the EEA or UK, you may have the following rights under the GDPR (as well as other rights).

• Right to Access (GDPR, Article 15): You can know what personal information we hold about you, why we collected it, and with whom it’s shared. You can request copies of your personal information.
• Right to Rectification (GDPR, Article 16): You can request corrections for any information you believe is inaccurate or incomplete.
• Right to Erasure (GDPR, Article 17): You can request the deletion of your personal information under certain conditions.
• Right to Restrict Processing (GDPR, Article 18): You can request the restriction of processing your personal information under specific conditions (including for direct marketing).
• Right to Data Portability (GDPR, Article 20): You can request the transfer of your data to another organization or directly to you under certain conditions.
• Right to Withdraw Consent (GDPR, Article 7): If we process your personal information based on consent, you can withdraw that consent at any time.
• Right to Lodge a Complaint (GDPR, Article 77): You can lodge a complaint with the appropriate data privacy regulatory authority. A list can be found at: https://ec.europa.eu/info/law/law-topic/data-protection_en. If you need further assistance, please reach out to us, and we will address your request in accordance with applicable law.

Exercise of Rights: To request access to or deletion of your personal information, or to exercise any other data rights under the GDPR, please email us at privacy@insightful.io. Be sure to include your full name, email address, and the purpose of your request to ensure a prompt response.

Insightful shall respond to requests from data subjects exercising their rights within the following timeframes:

• Standard Response Time: Requests shall be addressed without undue delay and, at the latest, within thirty (30) days from the date the request is received.
• Extension for Complex Requests: Where a request is complex or multiple requests are made by the same data subject, Insightful may extend the response period by an additional sixty (60) days. Insightful shall inform the data subject of the extension and provide reasons for the delay within the initial thirty (30) days period.
• Request Clarification: If additional information is required to identify the data subject or clarify the request, the response period shall commence upon receipt of the required information.
• Request Refusal: If a request is unfounded, excessive, or repetitive, Insightful may refuse to act on it or charge a reasonable fee to cover administrative costs. The data subject shall be notified of the refusal, the reasons for it, and their right to lodge a complaint with a supervisory authority within thirty (30) days of the refusal decision.
• Acknowledgment: Insightful will acknowledge receipt of the request as soon as practicable to ensure transparency and communication with the data subject.
  

Lawful Basis for Processing: When we process your Personal Information under the GDPR, we rely on several lawful bases to do so. These include:

• Consent: We will clearly obtain your opt-in consent when required. You may withdraw your consent at any time by contacting us at privacy@insightful.io.

• Legal Obligations: We may process your data as necessary to comply with applicable laws, regulatory requirements, legal proceedings, or court orders. This includes using data to establish, exercise, or defend our legal rights in pre-arbitration, arbitration, or other dispute resolution processes, as well as to respond to governmental or law enforcement requests in accordance with the law.
• Legitimate Interests: Where we process your information based on legitimate interests, it is only when such processing is necessary for your legitimate interests or those of a third party, unless a compelling reason to protect your Personal Information overrides those interests. We process your information based on our legitimate interests, such as:
  • Setting up and operating accounts efficiently to support our business.
  • Maintaining security and preventing fraud, which also fulfills our legal obligations to secure Personal Information.
  • Conducting research and analysis to improve our products and Service.
  • Promoting our products and Service, with consent where legally required.
• Expressly Public Information: We may also process information that you have expressly made public, such as information shared on public platforms or with consent.

When providing the Services, we are processing Personal Information as necessary to fulfill the contractual obligation in accordance with instructions of our Customer as Data Controller.

In certain European countries, optional cookies can be used only if users give informed consent, particularly regarding the purpose of data processing. We use two types of cookies: strictly necessary cookies and optional cookies. We do not request your consent for the use of strictly necessary cookies, as they are required for providing you with the services you request on our website. As for the optional cookies, we use them only if you have provided your prior consent. Optional cookies are used to track usage and improve the site.

Privacy Rights from other Countries.

Insightful respects the privacy laws of all countries within which it operates. If you believe you have a privacy right not specifically addressed here, please contact us using the Contact Information provided above. Be sure to include your full name, email address, and the purpose of your request to ensure a prompt response.

Data Security

Security of Your Personal Data: The security of your Personal Information is a priority to us. We take reasonable measures to safeguard the privacy, accuracy, and reliability of your information, protecting it from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These include industry-standard security practices such as encryption, access controls, monitoring, backup/restoration and regular security audits to ensure that our security controls function properly and in an efficient manner. Specifically, we use encryption for all data transmissions and restrict access to Personal Information to authorized personnel who require it to perform their duties. Your data is also encrypted at rest using industry-standard encryption algorithms, which remain current and are considered highly secure. Despite our efforts, no security system is entirely impenetrable, and we cannot guarantee the absolute security of our systems or databases. This means that Personal Information may still be at risk of interception, unauthorized access, or breach. Any information you transfer to or from our Service is done at your own risk. We make reasonable efforts to ensure that our other Service Providers have implemented physical, electronic, and procedural security measures to assist with safeguarding your Personal Information and to help protect against unauthorized access and disclosure. Only our authorized personnel and our Service Providers who perform legitimate business functions for us are authorized to access your Personal Information. Notwithstanding our efforts, the Internet has inherent security risks. We cannot promise, and you should not expect, that your Personal Information, personal searches, and other communications will always remain secure. You should take care with regard to how you handle and disclose your Personal Information or any username or password that you are required to use to access the Service or our Websites.

Your Role in Security: Please help us keep your information secure. Your account information is protected by a password and MFA activation, therefore it is essential to choose your password carefully and keep it confidential. Make sure to sign out after using our Service and secure your computer. You are responsible for maintaining the confidentiality of your password and account and are fully accountable for all activities that occur under your account. We reserve the right to terminate your access to our Service if we suspect that you have disclosed your account or password information to an unauthorized third party.

Service Provider Security: We also ensure that our authorized service providers have implemented physical, electronic, and procedural security measures to help safeguard your Personal Information from unauthorized access and disclosure. Only authorized personnel and Service Providers who perform legitimate business functions for us can access your Personal Information.

Inherent Risks: We continuously improve our security measures and actively monitor the latest security trends to enhance protection. Despite our efforts, the Internet carries inherent security risks, and we cannot guarantee the absolute security of your Personal Information, searches, or communications. You should exercise caution regarding how you handle and disclose your Personal Information, including your account credentials.

Data Retention

General Retention Periods (in the absence of specific instructions agreed with Customer as Data Controller under the applicable Data Processing Agreement):

• Account Information: We retain your profile information for as long as your account remains active to provide you with uninterrupted access to our Service.
• Transactional Data: Records of transactions are kept for a minimum of seven (7) years to comply with tax, accounting, and other legitimate business obligations.
• Collected Data: Automatically collected data, such as system logs, metadata, or aggregated usage data, is retained for two (2) years from the date of collection, and activity logs are retained for three (3) months from the date of collection.
• Screen Captures and Video Recordings: Screen captures are retained for up to two (2) months unless a longer retention period is mandated by legal obligations.
• Geo-Location Data: If collected, geo-location data is retained for up to two (2) years, in alignment with the retention period for other automatically collected data.

Handling Customer Deletion Requests: If you request the deletion of your account, we will remove your Personal Information in accordance with the following steps:

• Immediate Removal: Profile and account-related information will be permanently deleted within thirty (30) days of verifying the deletion request, ensuring compliance with applicable laws and contractual obligations.
• Exempt Data: Certain data, such as transactional records or any information required for tax, fraud prevention, or security purposes, may be retained for the legally required periods.
• Collected Data: Automatically collected data linked to your account, including geo-location data or screen captures, will be removed within thirty (30) days of the account deletion request unless otherwise required by law.

Legal and Regulatory Exceptions: In some circumstances, data may be retained beyond the standard retention periods if required by legal obligations, regulatory compliance, or to resolve disputes, enforce agreements, or protect our legal rights.

Third-Party Links

Our Service may include links to third-party websites not operated by us. If you click on a third-party link, you will be directed to that site. We strongly recommend that you review the Privacy Policy of every website you visit.

Please note that we have no control over, and do not assume responsibility for, the content, privacy policies, or practices of any third-party sites or third-party services.‍

Data integrity

We will only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by you. To the extent necessary for those purposes, we will take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use. Data may be processed in your country or in other countries, including the United States, where data protection laws may differ from those in your country. Regardless of where the data is processed, reasonable measures will be implemented to ensure that the data is protected in accordance with applicable data protection laws and regulations, including the GDPR and relevant U.S. State privacy laws. This may include, but is not limited to, the use of standard contractual clauses, data protection agreements, or other safeguards to ensure an adequate level of data protection.

Insightful Operates from the United States: The United States, EEA Member States, and other countries all have different laws relating to privacy and data protection. When your information is moved from your home country to another country, the laws and rules that protect your Personal Information in the country to which your information is transferred may be different from those in the country in which you live. For example, the circumstances in which law enforcement can access Personal Information may vary from country to country. In particular, if your information is in the United States, it may be accessed by government authorities in accordance with U.S. law.

International Data Transfers: Please be advised that information we collect about you via the Service may be transferred, processed and/or accessed by us in the United States, or another country where we or our Service Providers operate. Please be aware that the privacy laws and standards in certain countries, including the rights of authorities to access your Personal Information, may differ from those that apply in the country in which you reside. If you are located outside the United States and choose to allow us to collect information about you, please be aware that we may transfer your Personal Information to the United States and process and store it there. We will transfer Personal Information only to those countries to which we are permitted by law to transfer Personal Information, and we will take steps to ensure that your Personal Information continues to enjoy appropriate protections. For Customers in the EEA, we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect international data transfers in compliance with GDPR.

By using our Service, you consent to the transfer of your personal information to these countries.

In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Third-Party Data Sharing

We may share your data with trusted third-party processors (“subprocessors”) to help provide and improve our Service. A full list of subprocessors we use is available upon request by contacting us at privacy@insightful.io.

Children’s Privacy

We do not knowingly collect Personal Information from children or minors. Our website content is not directed toward children who are under the age of 18. However, our websites are generally available on the internet. If you are under 18, you may not use the Service or provide any personal information. If we or our Service Providers become aware that a child or minor has provided us with Personal Information without parental consent, that information will be deleted from our databases. If you have questions about Personal Information that may have been submitted by a child, please email us at privacy@insightful.io.

Changes to This Privacy Policy

• We reserve the right to amend the terms of this Privacy Policy from time to time to reflect changes in the Service, or evolving privacy laws.
• Any amended policy will be posted online.
• In the event of material changes, we will provide notice to you through the Service or via other means of communication, including, but not limited to, email.
• Your continued use of our Service following any amendment to this Privacy Policy constitutes your acceptance of the updated terms.