Insight Now is the registered trading name of OrbitaCX Limited. Insight Now is committed to protecting and respecting your privacy. This policy and any other documents referred to in it sets out how we deal with personal information we collect from you. Insight Now is registered with the UK’s Information Commissioner’s Office as a Data Controller (ZA285673).
Personal data, or personal information, means any information which identifies an individual. It does not include data where the identity has been removed (anonymous data).
Insight Now collects survey and other market research data about individuals’ use of products and services. The data is used by Insight Now’s clients to improve their products and services.
Insight Now collects and uses personal information, under the following circumstances:
Our web servers automatically recognise some non-personal information and we collect information regarding:
The Internet domain and Internet Protocol (IP) address from which you access the site.
The type of Internet browser and the operating system of the computer you use to access the site.
The date and time you visit the site.
The pages you visit on the siteIf you linked to our site from another website, the address of that website.
If you linked to the site from a search engine, the address of that search engine and the search term you used.
b) Products and Services:
If you wish to use our products and services, or if you make a general enquiry or ask us to contact you, you may be asked for personal information such as:
And organisation-specific information (name and address)
c) Surveying Customers:
When Insight Now surveys customers on behalf of its clients, it receives customers’ personal information from its clients. Insight Now enters into legally-binding confidentiality and non-disclosure agreements to protect the personal information it receives and use it only for the purposes specified in the contract.
If requested by a client, Insight Now may collect personal information during a survey. This personal information will be shared with the client for the purposes the client has agreed with the survey respondent.
Insight Now does not collect sensitive personal information such as: political views, credit card numbers, religion, or membership of organisations.
Occasionally, Insight Now collects demographic information for statistical purposes and in this case the responses are voluntary.
As the Data Controller it is also our clients’ responsibility to ensure the types of information we collect on their behalf comply with the rules set out by the GDPR legislation.
Where we act as a Data Processor collecting data for our clients as part of the service they provide to their customers, we will collect only the information prescribed by the client. It is our clients’ responsibility to obtain the relevant consent or justification for collecting and processing your data.
Where we act as a Data Processor processing previously collected data for our clients, we will adhere to the processing requirements of GDPR, under a contract that references data protection.
We will endeavour to assist clients to ensure their compliance, though we will not be liable should they not do so.
Any information collected (as stated above) will not be communicated to any third party, other than stated in the ‘Third Parties’ section.
How we use your data
The Insight Now website does not automatically capture or store personal information, other than information that is automatically logged about visitors and which is used to produce statistics about the use of the website, as specified in the section above.
Should you have submitted your personal data in a direct request for information or via a product enquiry, then we will only use the personal information you provide to deliver the services you have told us you wish to use. We will not provide your information to any other organisation, other than stated in the ‘Third Parties’ section.
Links within the website to other websites are not covered by this policy. You should refer to the policies posted by other websites regarding privacy and other topics before you use them.
Where we act as a Data Processor for our clients we will use the data to fulfil only the contracted analysis agreed with the client; this may include:
Analysis of responses to structured, opinion-based questions and analysis of the themes and sentiment within free-text comments.
Presenting the response analysis back to the client, which may include direct customer quotes and suggestions.
How long we keep your data
We retain your data only for as long as we are contractually required to do so. How long we need data depends on our clients’ requirements, whether that is to provide services to you, for our own legitimate interests in the case of the website (described above) or so that we can comply with the law.
We will actively review the information we hold and when there is no longer a client, legal or business need for us to hold it, we will delete it securely.
Opt-in and Opt-Out Policies
If at any time you do not wish to be included as a recipient of information from Insight Now, please contact us at the email address: firstname.lastname@example.org
Opt-in and opt-out choices are included in communications to individuals where required.
How we protect your data
We understand the importance of data security to our clients—many of whom operate in highly regulated industries. We maintain industry-leading security practices to protect their data by:
Adherence to ISO 27001 and GDPR
Storing data in Tier III, SSAE-16 and/or ISO 27001 certified data centres
Hardening our systems according to industry best practices
Segregating customer data
Continuously scanning and monitoring our network, and role-based access control
We hold accreditation to ISO/IEC 27001:2013 under Certificate Number IS 685090 which also refers to our Information Security Management System (ISMS) with the following scope:
The ISMS that governs: the secure collection and analysis of customer survey information from all forms of B2C interaction including voice, email, file transfer and browser; the secure management and presentation of customer experience findings via real-time dashboards and historic reporting; the secure delivery of solutions to improve customer experience. This is in accordance with the Statement of Applicability, Issue 2.0, 15 February 2018.
We protect your personal data against unauthorised access, unlawful use, accidental loss, corruption or destruction.
We use technical measures such as data encryption at rest and in transit, and multi-factor authentication to protect your data and the systems they are held in. We also use operational measures to protect the data, for example by limiting the number of people with access to the databases in which our information is held.
We keep these security measures under review and refer to industry security standards to keep up to date with current best practice.
Accessing your data and your rights
You are entitled to see copies of all personal data held by us and to amend, correct or delete such data. You can also limit, restrict or object to the processing of your data, for example, through opt-outs available on all messages we send.
To raise any objections or to exercise any of your rights, you can send an email to us at email@example.com or you can write to us at: Insight Now (OrbitaCX Ltd), 16 High Holborn, WC1V 6BX, London, United Kingdom.
When you get in touch, we will come back to you as soon as possible and where possible within one month. If your request is more complicated, it may take a little longer to come back to you, but we will come back to you within two months of your request. There is no charge for most requests, but if you ask us to provide a significant amount of data we may ask you to pay a reasonable admin fee. We may also ask you to verify your identity before we provide any information to you.
Insight Now makes use of third parties to provide products and services to you. We only hold and process data on systems located within the EU/EEA and where these systems are provided by a third party, they only process data as part of the service they are contracted to deliver to us and will not access it for their own purposes.
Our service infrastructure is hosted by Microsoft Azure, with all data we collect and process being strictly stored within their data centres located in Dublin, Ireland and Amsterdam, the Netherlands.
For more information visit Microsoft’s Trust Centre: https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx