Privacy Policy
This Privacy Policy applies to the websites, applications, and services owned and operated (“Website, Applications, and Services”) by Insighteur Inc., doing business as Insighteur (Insighteur, We, Us, or Our). This Privacy Policy describes how Insighteur collects and uses the personal data collected through the Website, applications, and services (including, but not limited to, www.insighteur.com) and Services located behind the logins of Insighteur Applications. It also describes individual rights regarding the use of, access to, and how to update, correct, or remove personal information. The use of information collected through Our Services shall be limited to the purpose of providing the Service for which Insighteur is engaged.
If you have questions or complaints regarding this Privacy Policy or Our practices, please contact Insighteur via email at info@insighteur.com.
Your privacy is important to us and we respect each individual’s right to privacy. This privacy policy explains the personal data that Insighteur collects and processes, how it processes data, and for what purposes it is collected and processed. This Privacy Policy further describes our commitment to preserving the privacy and security of your personal data. We will collect and use information through Our Website, applications, and services only in the ways disclosed in this Privacy Policy. We have created this Privacy Policy to let you know what information we collect when you visit Our Site and/or use our application, why we collect it, and how it is used. By using this Website, applications, and services you consent to the data practices prescribed in this Privacy Policy.
Who We Are and Our Commitment to Privacy
Insighteur Inc. is a Canadian company located in Vancouver, British Columbia.
We use your data solely to provide you with the Services in which you enroll and to provide you with an enhanced user experience when you visit our Website or use our applications, and services. Our business is providing Insighteur products and Services to you, the customer. We have no desire or interest to use or transfer the limited data we acquire for any other purposes.
Who are You
Unless otherwise noted, we refer you, the Customer, as an owner, user, or organizer of Insighteur Inc.’s website, applications, or services.
Non-Owners
If you are a non-owner member of a team, business, or family account, your use of Insighteur may be subject to your organization’s privacy policy or practices, if any. Non-owner members of an account transfer some of the rights described here to the account owners.
Information Collected Through Insighteur Services
We collect some data from you, in order to provide you with our Insighteur products and Services, in addition to your use of our Website. You provide some data directly, such as when you create an Insighteur account when you register for an Insighteur event or a webinar or contact us for support. Such data is limited to email addresses, phone numbers, or alternative contact details as provided voluntarily by the end user. We get limited data from your use of Insighteur products and services. Such data includes your IP address and the make and model of the device through which you access or use Insighteur products or services.
We use your personal data to provide you with services associated with the use of an Insighteur account and to provide you with a rich customer experience through our customer support. In particular, we use your data to provide Insighteur services, which include updating, securing and troubleshooting, and providing support.
The following is a more detailed description of the types of Insighteur account user data:
We process two kinds of user data to deliver our services: (i) Secure Data and (ii) Service Data. Both are treated securely with respect for customer privacy and data confidentiality, but there are important technical and usage differences.
(i) Secure Data
Secure Data is the data that we are not capable of decrypting under any circumstance. It includes all information stored within vaults in Insighteur accounts. This data is encrypted using secure cryptographic keys that exist only in the possession and under the control of our customers. We have no way of accessing or providing decrypted Secure Data, and we never receive copies of unencrypted Secure Data.
Your Secure Data is your property. We claim no rights to it beyond those necessary to deliver services to you. You may add, modify, and delete Secure Data at your discretion. If you do not have an Insighteur account, you cannot provide us with Secure Data.
(ii) Service Data
We inevitably acquire Service Data about your usage of Insighteur, your account, and your payments through operating our services. We retain only enough Service Data to operate and maintain the services. This data is not intended for usage beyond Insighteur’s service delivery agreement.
Service Data is kept confidential. It is visible to our staff and includes, but is not limited to, server logs, billing information, client IP addresses, number of vaults and number of items in vaults, company or family name, and email addresses. Service data includes the name you provide us for your profile and any image/video that you may upload, at your option and discretion, as part of your profile.
As long as you are using our services, we retain the right to hold and use Service Data to provide our services, troubleshoot problems, analyze the performance and demands of our services, and provide our payment processors with the information they need to process payments.
(iii) Diagnostic Data (Optional)
Diagnostic Data is a category of Service Data that is not automatically collected or required for the operation of our services.
In some cases, Insighteur Inc. seeks diagnostic reports and other troubleshooting, bug, and crash reports from customers to help identify and solve problems with Insighteur Inc.’s products and services. This information is sent to Insighteur only on a case-by-case basis, or by users who explicitly opt into our beta software programs or who otherwise explicitly choose to provide diagnostic data to Insighteur.
Diagnostic Data may contain sensitive information about your devices and operating environment as well as personally identifying information. Although there may be occasions when we ask for Diagnostic Data to assist you with a problem, you are never obligated to provide it.
Keeping Your Information Safe
We understand and accept our responsibility to protect Service Data and Secure Data. We use strict access control mechanisms, network isolation, and encryption to ensure that Secure and Service Data is only available to authorized personnel. Additionally, Secure Data cannot be decrypted even by those who do have access to it.
Information Collected from Your Use of Our Website, Applications, and Services
In a few areas on Our Website, applications, and service, we ask you to provide personal information that will enable Insighteur to provide application features, enhance your site visit, and assist you with technical support issues or follow up with you after your visit. It is completely optional for you to participate. For example, We request information from you when you:
- Subscribe to a newsletter
- Participate in promotional offers
- Insighteur uses your information for specific purposes. Your information may be used to:
- Send you the requested information about Insighteur
- Provide support
- Market Insighteur products or Services to you
- Provide you with access to Insighteur Services
Personal information you provide will be kept confidential and used to support your customer relationship with Our company.
All email communication with you will be on an Opt-In basis. This is solely at your discretion. Occasionally, Insighteur will send you email communications with information, which may be useful to you, including information about Insighteur products and services or business partners. When you first provide Insighteur with your email address, you will be given the option of not receiving any such e-mail communications. Insighteur will include instructions in email messages on how to unsubscribe if you later decide you do not want to receive any future email communications. At any time, you can easily opt-out of receiving further marketing from Insighteur by contacting Insighteur at the address below and requesting to have your name removed from Insighteur lists.
Information Sharing and Disclosure to Third Parties
Agents or contractors of Insighteur may have access to your personal information for the purpose of performing services on behalf of Insighteur. All such agents or contractors who have access to your personal information have Data Processing and Confidentiality obligations to keep the information confidential and not use it for any other purpose than to carry out the services they are performing for Insighteur.
Unless Insighteur tells you otherwise, or unless otherwise stated in this Privacy Policy or required by law, Insighteur does NOT sell or rent your personal information to any third parties. However, Insighteur might share your personal information with service providers, such as Insighteur’s hosting services providers. If you choose to participate in a survey, a focus group, etc., Insighteur may also share de-identified data with Our customers.
Information collected from you is only used to complete and support your purchases from Insighteur and use of the Site and to comply with any requirements of law. Insighteur may disclose personal information if required to do so by law or in the good faith belief that such action is necessary to: (1) conform to the edicts of the law or comply with legal process served on Insighteur or this Site; (2) protect and defend the rights or property of Insighteur; or (3) act in urgent circumstances to protect the personal safety of users of Insighteur, its web sites or the public. Insighteur may collect and possibly share your information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Insighteur terms and conditions posted on Insighteur websites, or as otherwise required by law.
If Insighteur is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on Insighteur’s website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information. We may also disclose your personal information to any other third party with your prior consent.
Compliance with the laws
Insighteur fully complies with Canadian privacy laws and the GDPR. Insighteur is a Canadian company, we are not U.S.- E.U. Privacy Shield certified. If you are affiliated with an organization that provides you with an Insighteur account through its Enterprise level account then there may be additional requirements for Insighteur to meet, based on the contracts with the organization.
Data Location and Transfer
Application data are held on AWS servers located within the USA and/or Canada.
Customer support system
Our customer support and email services are hosted primarily in Canada. Any information you choose to send Insighteur through email or the Insighteur customer support system may pass through and be stored on a variety of intermediate services.
Third-Party Data Processors
Your Secure and Service data are held by third-party data processors, who provide us with hosting and other infrastructure services. The locations of these are described above. In many cases (but we cannot promise that this will always be the case) even Service data held by these entities is encrypted with keys held only by Insighteur.
Contacting You
We may use your contact information, that is, the contact email address provided by you, to communicate with you about Service activity, provide support, and send you other information such as product updates and announcements. You may choose to stop receiving communications from us, except for certain important notifications such as billing and account security alerts.
Your Responsibilities for Protecting Your Data
When you create an Insighteur account for the application you will receive an email and will be asked to create a User password. For your protection, you should create a strong and unique password to ensure that it is not easily guessed.
Due to the nature of our design and the sensitivity of the information you entrust to us (even in encrypted form), it may not be possible for us to help you with certain customer service requests unless you are listed as an account owner and are communicating from your verified email address. In the event that you change your email address, it is very important that you update your email on your Insighteur account(s) or you may eventually lose access.
Data Protection Principles that We Practice
(i) Data Portability
We want happy customers, not trapped ones. We will not lock you out of your own data. However, we are unable to decrypt your Secure Data; you will need your User’s Password to decrypt it.
You may export your Insighteur data at any time you wish during the life of your account. If you discontinue payment, your account will enter a frozen state for a period not less than six months during which you may still retrieve and export your data according to data egress charges from the cloud infrastructure provider.
Export is limited to your Secure Data. Vault permissions, the structure of groups of individuals, and other information about the relationship between individuals and data are not guaranteed to be included in the export.
(ii) Your Right to Know What We Know
You have the right to know what we know about you and to see how that data is handled. You may request a screenshot of what we can see about you in our back-office systems. However, to protect customer privacy, such requests must be carefully authenticated beyond demonstrating the control of the customer’s email address.
(iii) Your Right to Have Your Data Erased
As we are merely custodians of your data, account owners have the right to instruct Insighteur Inc. to remove data permanently from our systems. To ensure that no one’s data is deleted without their consent, you must first delete your account through an authenticated session. After your account has been deleted, the account owner must contact the Insighteur Inc. account and support team and submit a request in writing asking for the data to be expunged. Once the request is authenticated, the data will be removed from our active systems within 72 hours.
Disaster recovery and data availability requirements mean that Insighteur has a legitimate interest in maintaining secure and immutable backups. Backups are kept for 35 days. Erasure requests will leave those backups untouched, and we will only remove data from backups if legally compelled to.
(iv) Your right to access and control your personal data
You can also make choices about the collection and use of your data by Insighteur. You can control your personal data and exercise your data protection rights by contacting Insighteur at the address and information provided below. You can add, remove, edit, and change any data that is located in the Insighteur account. If you are an affiliate of an organization that provides you with access to an Insighteur account and services, there may be certain restrictions to the above, based on your affiliate organization’s privacy or other similar policies.
Cookies and Tracking
We do set and use cookies (small text files placed on your device) on our own domains and subdomains to store settings that assist with identifying your account for sign-in. We also use third-party packages and trackers for our public pages that may set cookies on your computer. These cookies are used to understand broad and anonymous user behavior when you visit Insighteur.com. Such user behavior includes time spent by a visitor on the website, the most visited webpage, aggregated clicks on signups, etc. We also use these third-party cookies to serve more relevant advertisements to visitors once they have left the Insighteur website on our partner sites across the web.
You may disable cookies in your browser and continue to use our services without impact. We do not use third-party trackers in our web application (insighteur.com), or our client applications for macOS, Windows, Linux, Android, or iOS.
Client applications, including web browsers, will store information about your account to assist with future sign-ins and keep some information available to you when you are not signed in.
Consent for Underage Enrollment
Those under the age of 18 may not use the services without the consent or authorization of their parent or legal custodian. Family account organizers and team owners are responsible for that authorization when they add someone under the age of 18 to an account.
Disclosure
We will comply with applicable laws and the contracts with our customers to provide
Service Data and encrypted Secure Data to law enforcement agencies. If permitted, we will notify you of such a request and whether or not we have complied. Your Secure Data remains encrypted with keys that we do not possess, so we can only hand over Secure Data in encrypted form.
Some Service Data is made available to family account organizers and team owners. In some limited circumstances, we may provide some information to non-owner members of these accounts. Account owners will be informed in these circumstances.
Breach Notification
In an event of a breach, we recognize our responsibility to our customers and to the public to disclose the nature of the risk and provide a transparent account of the events without undue delay. We follow applicable requirements under the laws, that is, the Canadian data privacy breach notification requirements and the requirements related to data breach notification under the GDPR.
Insighteur Product or Account provided by your Organization
When we offer Insighteur products and services to you through your organization, we continue to adhere to Canadian privacy laws and data protection requirements under the GDPR. We follow the Canadian data privacy laws and the GDPR, in addition to any requirements under the contracts with your organization, to ensure that your data are located, and if applicable, appropriately transferred.
If you use an Insighteur product or Insighteur account to access Insighteur products and services, and such Insighteur product or Insighteur account was provided by the organization that you are affiliated with, that organization is the controller or the administrator of your Insighteur product or Insighteur account. Your organization can access and process the data associated with your Insighteur product or account. If your organization provides you with access to an Insighteur product or Insighteur account, your use of the product or account is subject to your organization’s policies, if any. You should direct your privacy inquiries, including any requests to exercise your data protection rights, to your organization’s administrator. We are not responsible for the privacy or security practices of your organization, which may differ from those set out in this privacy policy.
If you lose access to the organization that you are affiliated with (for example, if you change your employment), you will lose access to the Insighteur product or Insighteur account and the content or data associated with such product or account.
Updates to our Privacy Policy
At our discretion, we may make changes to this Policy and note the date of the last revision. You should check here frequently if you need to know of updates to our Privacy Policy. We maintain the right to send you an email informing you of substantive changes. Previous versions will be made available on this page.
Contact Insighteur
If you have any questions about this Policy, you can send us an email at: info@insighteur.com.
Supervisory Authority
If you have concerns or complaints about this policy or practices with regard to that you do not feel you can resolve through contacting Insighteur, you should bring those concerns to your local regulatory authority.
Glossary
Insighteur, we, our, Service Provider
Insighteur Inc. is a Canadian company located in Burnaby, British Columbia. Owners and operators of Insighteur Inc. As Data Processors, we include Insighteur employees and subcontractors appointed by Insighteur Inc.
Data Processor
Data Processor as defined by the GDPR. We and the subprocessors (hosting services, payment processors) we appoint are the Data Processors.
User’s Password
A user password is necessary to decrypt Secure Data.
Insighteur staff
Our Directors, employees, and subcontractors
GDPR
European Union’s General Data Protection Regulation
Decrypt
Decryption transforms encrypted data back to its original form. It cannot be performed without the appropriate cryptographic key.
Encrypt, Encryption
Encryption transforms usable data into a form that conceals all information contained in the original data. This data transformation uses a cryptographic key.
Owner, Organizer
Business and Family accounts, which allow for multiple members, will have Owners or Organizers. Owners and Organizers have some rights over the data belonging to members of the Business or Family.
Personal Data
As defined under Canadian privacy laws and the GDPR.
Subprocessor
Anyone other than Insighteur who is appointed to process customer data. Subprocessors can see no more data than we can see. Examples include our data hosting providers and payment processors.
Supervisory Authority
A local regulator under the GDPR has the job of seeing that we protect your data properly.
Secure Data
Data is encrypted with keys derived from the User’s Password. This data cannot be decrypted by Insighteur.
Service Data
Data about a user account, which is available to Insighteur.
You, Data Subject
You are the Data Subject as defined in the GDPR. In general, we are addressing “you” as the Owner or Organizer of an Individual, Family, Team, or Business account.