Other privacy policies may apply when you use, access or visit third party websites that may be linked via the Service. You should read those other privacy policies carefully. By accessing such other websites, or by purchasing, subscribing or participating in, certain of InSync Analytics products or services, you will be bound by those third party privacy policies. As used herein, the term “Third Party Content Provider” refers to each third party provider of content provided through the Services and their respective affiliates. Through the Services, you can access and view various categories of commingled financial information and other related information, in each case, as provided by the Content Providers to the Services (each, “Third Party Content”). The Products and Services also contain hyper-links, which allow authorized customers of a Third Party Content Provider to click-through to the applicable pages on such websites on which additional content may be accessed and viewed. In addition, through the Products and Services, you will have access to financial information provided by InSync Analytics.
INFORMATION WE COLLECT AND WHY WE COLLECT IT
Our Services collect information about you in the following ways:
(a) Registration Data and Access Data:
In order to access the Services, during the registration process, either you or your employer will be required to provide InSync Analytics with certain information; including your name, your employer, title, business address, business telephone number and business e-mail address (“Registration Data”). This Registration Data will be shared only with those Content Providers requested, by you or your employer, to authorize your use of the Services.
(b) Data You Provide to InSync Analytics:
If you contact us with a technical question, we may request and collect from you certain information about your systems, such as: (a) your browser type, version and settings (e.g., Java and cookie settings); (b) connectivity information (e.g., SSL/HTTPS compatibility, bandwidth capacity); and (c) browser plug-in information (e.g., do you have Adobe, what is your media player, can you open Flash files, etc.).
INFORMATION THAT WE COLLECT FROM YOU AUTOMATICALLY
InSync Analytics may collect information automatically from your device, including information regarding how you use our Products and Services. Information we collect automatically includes your log-in events (when, how and for how long you log into and use certain Services), IP or MAC address, device make, model and operating system, mobile network information, internet service provider, unique device identification number, advertising ID, browser type and language, geographic location (e.g. country or city level location or time zone) and other technical information. InSync Analytics collects “click stream” data, which is information about how your device interacts with our Services, such as the pages, screens, functions, applications and products accessed and links clicked. This information helps us understand users of our Products and Services, such as visitors to our websites, the pages they visited before and after and what content functions interest them. We use this automatically-collected information to:
- enhance our understanding of usage of our Products and Services;
- improve the quality and relevance to users of our Products and Services, including (with consent as applicable) by showing or offering users relevant Products and Services based on their preferences and usage habits;
- develop or accelerate research, analysis, news and related editorial content and information collection as part of our Products and Services, or to enable others to develop/accelerate such content where permitted;
- offer you support with and training on our Products and Services and to help resolve any errors or technical issues;
- develop and update our Products and Services;
- evaluate our customers’ training needs for our products;
- satisfy requests from Third Party Content Providers regarding the entitlement to and use of our Products and Services by individual users;
- deliver tailored information on our Products and Services that may be of interest or value to you and to send you marketing and promotional e-mails with your consent if required by applicable law;
- occasionally, to identify unauthorized use or unauthorized distribution of our Products and Services related or unrelated to a security issue;
- where relevant, to review or update pricing agreed with our customers; and
- for billing purposes, so that we can bill for the services provided.
HOW WE USE AND SHARE YOUR INFORMATION
We will only use or share your personal data when the law allows us to do so. We also employ appropriate security and technological controls and provisions to protect against unauthorized InSync Analytics’ employee access to your personal information. We may use or disclose the information we collect for the following business purposes:
(a) To Provide the Services and Information
By InSync Analytics: (a) in order to allow us to provide you with the products and services you have requested included within or accessible from the Services; (b) in order for us to provide you with access to or from linked sites; (c) for our own internal business and/or research and development purposes; and (d) in connection with our client services and client management systems.
(b) To your employer
We provide personal information to your employer for purposes such as to fulfil and enforce our contract with them, to inform them of potential group training needs, to inform them of Products and Services use by certain categories of users and for pricing purposes.
We may provide you with information about our products and services where permitted by law or with your consent. You may opt out of receiving marketing e-mail from us by following the instructions in each e-mail.
(d) With Your Consent
We may use and share your personal data (including with companies, organizations or individuals outside of InSync Analytics) when we have your consent to do so.
(e) Legal Obligations
We may use your personal data where we need to comply with a legal obligation.
(f) Legitimate Interests
We may process your personal data where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. These interests may include:
- To provide and fulfill contractual obligations to Third Party Content Providers for: entitlement and usage.
- Where we reasonably need to access, use, preserve or disclose information as reasonably necessary to:
- Meet any applicable law, regulation, subpoena, legal process or governmental request.
- Detect, prevent, or otherwise address fraud, security or technical issues.
- Protect against harm to the rights, property or safety of InSync Analytics, our users, customers or the public as required or permitted by law.
(g) Other Uses
We may also use your personal data in the following situations:
- Where we need to protect your interests (or someone else’s interests).
- Where needed in the public interest.
- Use within InSync Analytics companies. We may share your personal data with our affiliates and group companies for the purpose of data centralization, support and administration of the Services and InSync Analytics’ services as well as to facilitate the legitimate interests set forth above.
APPLICANTS FOR EMPLOYMENT
If you apply for employment with InSync Analytics, we collect information that you provide to us when you complete and submit your employment application, and any information you provide to us as a follow-up to your application. We may also collect information about you from vendors and service providers that we work with in the application process, such as vendors that process or review applications, that suggest candidates for us, or that assist with an applicant’s potential relocation.
We may use the information we collect, in order to:
- Process and evaluate an applicant’s application, qualifications, and credentials for employment with InSync Analytics;
- Contact applicants regarding the status of their application for employment;
- Assist with the onboarding of an applicant into employment;
- Conduct internal research;
- Conduct background checks;
- Monitor InSync Analytics’ recruitment initiatives and equal opportunities policies;
- Determine an applicant’s need for special accommodations;
- Evaluate an applicant’s legal ability or capacity for employment; To detect security incidents, protect against malicious, deceptive, fraudulent, or otherwise illegal activity; and
- Determine the terms of an applicant’s potential employment with InSync Analytics.
We may share your information with our affiliates and with service providers who assist us in the application process such as background check, relocation, and executive search vendors, or vendors who otherwise process applications. We may also share your information to satisfy any applicable law, regulation, subpoenas, court orders, warrants, governmental requests, or legal process if in our good faith opinion such is required or permitted by law. We may also share your information with a third-party performing audit, legal, operational, or other similar services for or on behalf of InSync Analytics. Moreover, we reserve the right to disclose and transfer the information we collect: (i) to a subsequent owner, co-owner, or operator of the Website or associated databases; or (ii) in connection with the negotiation, planning, or completion of a corporate merger, consolidation, restructure, sale of substantially all of our shares or assets, or other corporate change.
RIGHTS OF ACCESS, CORRECTION, ERASURE AND RECTIFICATION OF YOUR INFORMATION AND CHOICES
If you have questions about personal information we have about you can contact us at email@example.com. You can opt-out of receiving marketing and promotional e-mails from InSync Analytics by using the opt-out or unsubscribe feature contained in the e-mails.
You can close your online user account by emailing us at firstname.lastname@example.org. If you close your account, we will no longer use your online user account information or share it with third parties. We may, however, retain a copy of the information for a period of time reasonably necessary for archival purposes, and to avoid identity theft or fraud.
- You have the right to make a complaint at any time to the appropriate data protection authority in your country of residence.
- Please note that you have rights to obtain a copy of your personal data and in certain situations to obtain correction, erasure and restriction of processing of your personal data.
- You have a right of data portability.
- You have the right to object to any direct marketing by InSync Analytics, even if you have previously given your consent to direct marketing by InSync Analytics.
- Where processing is based on your consent you have a right to withdraw this consent at any time.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will keep your personal data for the time during which your user account is open (or, if you do not have a user account, for a reasonable period) or, if longer, the period required by law.
To determine the appropriate retention period for your personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you no longer hold a user account, we will retain and securely destroy your personal information in accordance with our data retention policy and applicable laws and regulations.
Data collected based on your consent for the purpose of marketing communications will be retained for as long as you give your consent to InSync Analytics for the processing of your personal data for marketing communications or if later, if permitted under another legal basis.
SECURITY OF INFORMATION
We use commercially reasonable physical, technical and administrative security measures and safeguards to protect the confidentiality and security of your personal information. However, since the Internet is not a 100% secure environment, we cannot guarantee, ensure, or warrant the security of any information you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information.
InSync Analytics may use encryption technology to protect certain transmissions of data to/from the Services, but e-mail and other communications, unless otherwise noted on the Services, are not encrypted to/from the Services. Therefore, you should not send any personal or identifying information, such as account numbers, credit card numbers, Social Security numbers, passwords, etc., to InSync Analytics via e-mail. By utilizing e-mail or other electronic communication means you acknowledge that you have no expectation of privacy with respect to the information delivered thereby and that InSync Analytics will not be responsible for any loss or damage that could result from interception by third parties of any information so sent.
CALIFORNIA PRIVACY RIGHTS
(a) Information We Collect
In the context of the Services, we collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”).
Personal information does not include publicly available information from government records or any deidentified or aggregated consumer information. In addition, the CCPA excludes the following from its scope: health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
We collect this information directly from you when you provide it to us; automatically as you navigate through the different websites for the purpose of the Products and Services (which may include usage details, IP addresses, browser type, location information, and information collected through cookies and other tracking technologies; and from third parties (e.g., our business partners, when you register through a third party for a InSync Analytics event).
(b) Use of Personal Information
We do not sell your personal information, however, we may use or disclose the personal information we collect for the purposes described above in Section 1 (INFORMATION WE COLLECT AND WHY WE COLLECT IT) and Section 2 (HOW WE USE AND SHARE YOUR INFORMATION).
(c) Sharing Personal Information
InSync Analytics may disclose your personal information to third parties for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who access the personal information we hold from reselling it unless you have received explicit notice from the third-party with an opportunity to opt-out of the sale.
We disclose your information as described HOW WE USE AND SHARE YOUR INFORMATION.
(d) Sales of Personal Information
In the preceding twelve (12) months, InSync Analytics has not sold your personal information to any third parties.
(e) Your Rights & Choices
(f) Right to Know About Personal Information Collected, Disclosed, or Sold
You have the right to request that we provide certain information to you about our collection and use of your personal information over the past twelve (12) months. Specifically, you have the right to request disclosure of the categories of personal information and specific pieces of personal information we have collected about you over the last 12 months. Upon the submission of a verifiable consumer request (see Exercising your California Privacy Rights), we will disclose to you:
- The categories of personal information we collected about you;
- The categories of sources from which personal information was collected;
- Our business or commercial purpose for collecting personal information;
- Our business or commercial purpose for disclosing or selling personal information; and
- The categories of third parties with whom we shared personal information.
We will also provide the specific pieces of personal information we collected about you, subject to certain exceptions under applicable law, if you also request access to such information
(g) Right to Request Deletion of Personal Information
If you are an eligible California resident, you also have the right to request that we delete any of your personal information that we collected or maintain about you, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will conduct a reasonable search of our records in order to locate any personal information we have collected about you that is eligible for deletion, and delete such personal information. To the extent we have shared any personal information collected about you with service providers that is eligible for deletion, we will direct those service providers to delete that personal information as well. Specifically, we are not required to delete any personal information we have collected about you that is necessary for us and our service provider(s) to:
- Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between InSync Analytics and you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
- Comply with a legal obligation, such as retaining records for a period of time as set out in local, state, or federal laws.
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided your information.
Following a deletion request, any personal information about you that was not deleted from our systems will only be used for the purposes provided for by the applicable exceptions. Thus, all personal information about you that is not subject to a deletion exception will either be (1) permanently deleted on our existing systems (with the exception of archived or back-up systems maintained for emergency disaster recovery and business continuity purposes); (2) de-identified; or (3) aggregated so as to not be personal to you.
(h) Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights
We will not discriminate against you for exercising any of your privacy rights. Unless in compliance with applicable law, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
(i) Exercising Your California Privacy Rights
To exercise your CCPA rights described above, please submit a verifiable consumer requests to us by either:
- Creating an account
- Send an email to email@example.com
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may, however, make a verifiable consumer request on behalf of your minor child if necessary. Additionally, you may only make a verifiable consumer request for access twice within a 12-month period.
Your verifiable consumer request must: (i) provide sufficient proof of your identity; and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.
(j) Response Timing and Format
We will make our best effort to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Within ten (10) days of receiving the request, we will confirm receipt and provide information about its verification and processing of the request. InSync Analytics will maintain records of consumer requests made pursuant to the CCPA as well as our response to said requests for a period of at least twenty-four (24) months.
If you have an account with us, we may require you to take delivery of our written response through that account. If you do not have an account with us, we will deliver our written response electronically, though you may alternatively choose to receive delivery by mail. The response will also explain the reasons we cannot comply with a request, if applicable. For requests for specific pieces of information that we have collected about you will be sent in a portable, readily useable format that you may transmit to another entity without hindrance.
Last Updated: March 22, 2022