Effective Date: 7/16/2025
Last Updated: 7/16/2025

1. Introduction

Insi (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring transparency about how we collect, use, and protect your personal information. This Privacy Policy explains our practices regarding personal data when you visit our website, use our accessibility tools, or interact with our services.

This policy applies to all users of our website (www.insi.com), our WordPress plugin, and related services. By using our services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide Directly

Contact Forms and Communications

  • Name, company name, contact information, and message content when you contact us
  • Support ticket information and correspondence

Service Usage Data

  • Website URLs you scan using our accessibility tools
  • Scan results and accessibility reports
  • Configuration preferences and settings
  • Subscription status information
  • API keys for service authentication

2.2 Information Collected Automatically

Website Analytics (Google Analytics)

  • IP address (anonymized)
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referral sources and search terms
  • Device information and screen resolution
  • Geographic location (country/region level)

Marketing and Advertising Tracking

  • Facebook/Instagram Pixel: Conversion tracking, custom audience creation, and advertising optimization
  • LinkedIn Insight Tag: Professional demographic data for B2B advertising and conversion tracking
  • HubSpot Tracking: Website behavior for lead scoring and marketing automation

Technical Information

  • Cookies and similar tracking technologies
  • Session information and user preferences
  • Error logs and performance data
  • Plugin usage statistics (when using our WordPress plugin)

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process your personal data based on the following legal grounds:

  • Consent: When you provide explicit consent for marketing communications or non-essential cookies
  • Contract Performance: When processing is necessary to provide our services or fulfill our contractual obligations
  • Legitimate Interests: For website analytics, security, fraud prevention, and business operations
  • Legal Compliance: When required by applicable laws or regulations

4. How We Use Your Information

4.1 Service Provision

  • Provide and maintain our accessibility scanning and reporting tools
  • Manage subscriptions (payment processing handled by third-party processors)
  • Deliver customer support and respond to inquiries
  • Send service-related communications and updates

4.2 Analytics and Improvement

  • Analyze website usage patterns to improve user experience
  • Monitor and improve our service performance and reliability
  • Conduct research and development for new features
  • Generate aggregated, anonymized usage statistics

4.3 Marketing and Communications

  • Send newsletters, product updates, and promotional materials (with your consent)
  • Create custom audiences for targeted advertising
  • Measure the effectiveness of our marketing campaigns
  • Provide personalized content and recommendations

4.4 Legal and Security

  • Comply with legal obligations and respond to legal requests
  • Protect against fraud, abuse, and security threats
  • Enforce our terms of service and other agreements
  • Protect the rights and safety of our users and company

5. Information Sharing and Disclosure

5.1 Third-Party Service Providers

We share information with trusted service providers who assist in our operations:

HubSpot (CRM and Marketing)

  • Contact information and communication history
  • Website behavior and engagement data
  • Lead scoring and marketing automation
  • Data processing location: United States
  • Privacy Policy: https://legal.hubspot.com/privacy-policy

Google Analytics

Facebook/Meta (Advertising)

  • Conversion events and custom audience data
  • Website interaction data for advertising optimization
  • Data processing location: United States and international
  • Privacy Policy: https://www.facebook.com/privacy/policy

LinkedIn (B2B Advertising)

Payment Processors

  • Subscription status updates (we do not store payment or billing details)
  • Service activation confirmations
  • Data processing location: Varies by processor

5.2 Legal Requirements

We may disclose personal information when required by law, court order, or government request, or when necessary to:

  • Comply with legal obligations
  • Protect and defend our rights or property
  • Prevent fraud or security threats
  • Protect the safety of our users or the public

5.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets, personal information may be transferred as part of the transaction, subject to appropriate confidentiality protections.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy:

  • Account Data: Retained for the duration of your account plus 7 years for business records purposes
  • Website Analytics: Anonymized data retained for up to 26 months
  • Marketing Data: Retained until you opt-out or withdraw consent
  • Support Communications: Retained for up to 3 years for quality assurance
  • Legal and Security Data: Retained as required by applicable laws

7. Your Privacy Rights

7.1 Rights for All Users

  • Access: Request information about what personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal data (subject to legal requirements)
  • Opt-out: Unsubscribe from marketing communications at any time

7.2 Additional Rights for GDPR Users (EEA, UK, Switzerland)

  • Data Portability: Request a copy of your data in a machine-readable format
  • Restriction: Request limitation of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Consent Withdrawal: Withdraw consent for processing at any time
  • Supervisory Authority: Lodge a complaint with your local data protection authority

7.3 Exercising Your Rights

To exercise your privacy rights, contact us at:

We will respond to your request within 30 days (or as required by applicable law).

8. Cookies and Tracking Technologies

8.1 Essential Cookies

  • Session management and authentication
  • Security and fraud prevention
  • Website functionality and preferences

8.2 Analytics Cookies

  • Google Analytics for website usage analysis
  • Performance monitoring and optimization

8.3 Marketing Cookies

  • Facebook/Instagram Pixel for advertising optimization
  • LinkedIn Insight Tag for B2B marketing
  • HubSpot tracking for lead generation and nurturing

8.4 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

9. International Data Transfers

We are currently based in the United States and primarily serve customers in the US market, though we welcome users from anywhere in the world. When you use our services from outside the United States, your personal data may be transferred to and processed in the United States.

For users outside the United States, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) for transfers where required
  • Adequacy Decisions where applicable
  • Data Processing Agreements with third-party service providers
  • Privacy Shield successor frameworks for US-based processing

If you are located outside the United States and have concerns about international data transfers, please contact us at privacy@insihub.com.

10. Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption: Data encrypted in transit and at rest using SSL/TLS
  • Access Controls: Strict access limitations on a need-to-know basis
  • Regular Audits: Security assessments and vulnerability testing
  • Employee Training: Regular privacy and security training for all staff
  • Incident Response: Procedures for detecting and responding to data breaches

11. Children’s Privacy

Our services are not directed to children under 16 (or 13 in the US). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information promptly.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to Know: Categories of personal information collected and shared
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information
  • Non-Discrimination: We will not discriminate against you for exercising these rights

Note: We do not sell personal information as defined by the CCPA.

13. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Post the updated policy on our website
  • Update the “Last Modified” date
  • Notify you of material changes via email or website notice
  • Obtain consent for changes where required by law

14. Contact Information

For questions about this Privacy Policy or our privacy practices, contact us:

Insi Privacy Team

This Privacy Policy was last updated on 7/15/2025 and is effective as of 7/15/2025.