Global coverage

Visit this country's website View our global coverage

Privacy policy

Who we are and other important information

Insights Learning & Development Limited (“Insights”) is registered in Scotland as company number SC107074. Our registered office and global headquarters are located at Terra Nova, 3 Explorer Road, Dundee, DD2 1EG, Scotland, United Kingdom. We offer learning & development products and services either working directly, or through our international partners, with numerous multinational organizations and public-sector bodies globally.

For more information about Insights and other members of The Insights Group of companies, please visit https://www.insights.com/ca/what-we-do/.

This policy sets out the how we collect and process personal data through use of our products and services, use of our website, completion of our Insights Discovery Evaluator questionnaires and other collection of personal data related to our business. Our Insights Distributor Evaluator questionnaires are designed for adults and therefore our questionnaires and websites are not intended for children (under 18 years of age) and we do not knowingly collect data relating to children.

Insights is registered with the UK Information Commissioners Office (ICO) under registration number Z7145849. The ICO is the relevant supervisory authority for Insights Learning & Development Limited.

What personal data we collect

Whether you are a visitor to our website, customer, supplier or other business contact, this privacy policy sets out how we will collect and use your personal data. We collect most personal data directly from you, however, if we collect personal data indirectly, we refer to this explicitly within this General Privacy Policy. We have listed types of personal data we collect from you dependent upon the relationship you have with us as follows:

Customers and suppliers (including individual contractors) and other business contacts

  • Identity data (including full name, username or similar identifier, title, job title, role, seniority)
  • Contact data (including billing address, delivery address, email address, telephone numbers)
  • Financial data (including bank account, payment card details)
  • Transaction data (including details about payments to and from you and/or your organization and other details of products and services you have purchased from us)
  • Technical data (including internet protocol (IP) address, login data, browser type and version and other technology on the device used to access our websites)
  • Usage data (including information about how you use our websites, products and services)
  • Marketing and communications data (including your preferences in receiving marketing from us and your communication and cookie preferences, as well as how you interact with our marketing e.g. click rates)

Data will be collected in order for customers, suppliers and other business contacts to receive or supply products and services, as applicable, to manage contractual relationships on an ongoing basis, for account administration, and to provide updates and news about our products and services, events and other information that we think may be of interest to you.

For information relating to personal data collected for the purposes of completing an Insights Discovery Evaluator questionnaire, please see our Insights Discovery Evaluator Privacy Policy.

Visitors to Insights website

Data collected may include the following, where provided:

  • Identity data (including full name, username or similar identifier, job title, title/ gender)
  • Contact data (including email address, telephone numbers)
  • Technical data (including internet protocol (IP) address, login data, browser type and version and other technology on the device used to access our websites)
  • Usage data (including information about how you use our websites, products and services)
  • Marketing and communications data (including your preferences in receiving marketing from us and your communication and cookie preferences, as well as how you interact with our marketing e.g. click rates)

Simply visiting Insights websites does not require you to reveal personal data although some cookies recording session data will be collected (see our Cookie Policy). If however you ask us for information, register with us, sign up to attend any of our events or receive our marketing material or otherwise express an interest in our products or services or report a problem, we collect any personal data you submit to us. Each time you visit the site we may ask you for other information in order that we can build up a profile of your tastes and interests to ensure you only receive marketing communications which are relevant to you.

Employees

Our employees are provided with our data protection policies and procedures at the time of commencement of employment. Further information for staff will not be provided in this General Privacy Policy; instead please contact Insights People Team at people@insights.com.

Special Category Data

Other than in respect of Insights employees, we do not collect special category data (which includes details about race or ethnicity, religious beliefs, sex life or sexual orientation, trade union membership, health and genetic and biometric data).

If you fail to provide personal data

Where we need to collect personal data by law or under the terms of a contractual arrangement, and you fail to provide that data when requested as being mandatory, we may not be able to fulfil the terms of the contract or relationship that we have with you.

How and when we collect your personal data

We may collect your personal data in the following direct ways:

Customers and suppliers (including individual contractors) and other business contacts

Data will be collected:

  • prior to, at commencement, and during the term of a contractual relationship when you request our products and services
  • when you complete forms on our site or for our products and services, including registering to use our site, subscribing to our services, posting material or using further services,
  • when you enter a competition or promotion sponsored by us
  • when you contact us or report a problem to us, or provide feedback to us, or complete a survey
  • when you transact with us through our website or when you place orders with us over the phone or by email

Visitors to Insights website

Simply visiting Insights websites does not require you to submit personal data (although our cookies may collect certain personal data for statistical and analytical purposes). If however you ask us for information, register with us, sign up to attend any of our events or receive our marketing material or otherwise express an interest in our products or services or report a problem, we collect any personal data submitted to us at that time.

Automated technologies or interactions

When you visit our websites and access resources on our websites, we may automatically collect Technical Data and Usage Data. We collect this data via cookies including, where available, your IP address, operating system and browser type, for system administration.

Third parties or publicly available sources

We may also collect personal data about you from third parties or publicly available sources including:

  • analytics providers (such as Google based outside the UK)
  • event organizers (such as CIP and ATD, when you register for one of our events)

By choosing to provide us with your personal data, you are consenting to its collection, use and disclosure in accordance with this Privacy Policy.

How and why we use your personal data

Customers and suppliers (including individual contractors) and other business contacts

Personal data of customers (including Identity, Contact, Technical, Usage and Profile Data) will be used:

  • to provide you with products and services that you request from us
  • to manage our contractual relationship on an ongoing basis
  • for customer administration including carrying out our obligations arising from any contracts entered into between you and us and including retention of correspondence if you contact us
  • for us to form a view on what we think you may want or need, or what products, services or offers may be of interest to you (referred to as marketing) in order to provide you with information about our other products and services in which you may be interested, including our regular newsletters, where you have not opted-out to be contacted for such purposes
  • to personalize our service to you, including ensuring that content from our site is presented in the most effective manner for you and your computer
  • to seek your views on products and services
  • to enable you to participate in interactive features of our service, when you choose to do so
  • for technical administration of our sites including notifying you about changes to our service
  • with further information on our products and services.

You can manage your marketing and other contact preferences through our Marketing Team at marketing@insights.com. You will receive marketing communications from us for a certain period of time if you have requested information from us or purchased products or services from us or if you provided us or one of our service providers (including event organizers) with your details and, in each case, you have not opted out of receiving marketing.

Visitors to Insights website

Personal data (including Identity, Contact, Technical and Usage) will be used to form a view on what we think you may want or need, or what products, services or offers may be of interest to you (referred to as marketing) in order to provide you with further information on our products and services. You can manage your marketing and other contact preferences through our Marketing Team at marketing@insights.com. You will receive marketing communications from us for a certain period of time if you have requested information from us with your details and, in each case, you have not opted-out of receiving marketing. Where you opt-out of receiving marketing messages, this will not apply to personal data provided subsequently if you then choose to purchase products or services and in relation to other subsequent associated activities or transactions.


Aggregated data

We also use aggregated data, including (i) cookies data and (ii) respondent data taken from the responses to the Insights Discovery Evaluator questionnaire, for the purposes of research and product development. Aggregated data used within our research and product development functions is derived from your personal data but no personal data will be published or disclosed since it is aggregated and anonymised for the purposes of research and product development, and therefore no person is identified or identifiable from such data.

Analytics

We also perform analytics, such as trends, sales intelligence, marketing effectiveness (such as click and open rates), uptake and progress.

Cookies

We may use personal data collected by cookies for functional and analytical purposes. Please see our separate Cookies Policy for more information, including relating to those cookies which are strictly necessary for the provision of products and services to you.

We use first party cookies set by ourselves only. Please note however that our website may include links to third party websites, plug-ins and applications. These websites, plug-ins and applications may use cookies over which we have no control. You may however restrict or block third party cookies through your browser settings and such blocking of cookies of third parties should not affect the functionality and use by you of our website. You can find out more about how to manage your cookies via https://www.insights.com/ca/cookies/.

Who we transfer your personal data to

We may have to share your personal data with third parties for processing or sub-processing purposes. We undertake a selection process and periodic review in relation to processors and sub-processors. We may also share your personal data with controllers. We enter into data processing agreements with both processors and controllers, as applicable.

We share your personal data with third parties and for the purposes as set out below:

Group Affiliates (acting as processors):

  • other companies in our group of companies including Insights Learning & Development which (i) provides resources in relation to IT, legal, HR, finance, marketing and Professional Services functions; (ii) contracts for shared IT and system administration services; as well as (iii) to fulfil internal reporting requirements

Third parties (acting as processors):

  • suppliers based in the US and EU who provide IT, database and system administration services as well as suppliers providing web, logistics or other services to you connected to the service we provide
  • associates and partners who provide training services on our behalf
  • professional advisers including lawyers, bankers, auditors, debt collection agencies and insurers who provide banking, legal, insurance and accounting services
  • HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances
  • suppliers who provide analytics services
  • law enforcement agencies or regulators where we believe, in good faith, that it is necessary to comply with the law or regulatory obligation or to protect the safety of Insights, our customers or their clients, or the public or to enforce or apply our terms of business or other contracts

Third parties (acting as controllers):

  • enquirers requiring information about Client Practitioners’ certification (including customer organizations by whom practitioners are employed)

We require all third party suppliers to respect the security of your personal data and to treat it in accordance with the law. We do not allow our suppliers to use your data for their own purposes, and we require that processing is in accordance with our instructions. We enter into written data processing agreements with suppliers that receive personal data from us.

A list of third party suppliers to whom we transfer personal data can be provided upon request. We do not sell any personal data we collect.

International transfers of personal data

We share your personal data with third parties some of whom may be located outside the EEA as follows:

  • other companies in our group of companies
  • suppliers who provide IT, database and system administration services
  • Insights Practitioners who provide facilitation services for workshops or events

Where personal data is transferred outside the EEA, we take all reasonably necessary steps to ensure that your data is treated securely and in accordance with this General Privacy Policy and the requirements of the law. Such measures include, where applicable, by ensuring that the recipients to which it is sent are (i) within countries where the European Commission has made an adequacy decision with respect to the data protection laws of such country, or (ii) covered through the entering into of EU standard contractual clauses for transfers of data (also referred to as model contracts) or binding corporate rules, and monitoring such protections to ensure the adequacy of such measures.

A list of third parties to whom we transfer personal data outside the EEA, together with the relevant safeguard mechanism can be provided upon request.

How we keep your data secure

We are committed to ensuring the security of processing and the ongoing confidentiality, integrity, availability and resilience of systems and services as such relate to personal data that we hold, in order to prevent accidental or unlawful destruction, loss, alteration or unauthorized disclosure or access.

In our roles as both controller and processor, we implement appropriate technical and organizational measures to ensure a level of information security appropriate to the risk. Our IT infrastructure and software applications are built to provide secure deployment of services, encrypted storage of back-up data with end-user privacy safeguards, encrypted communications between services, and safe operation by customers.

Additionally, our employees, associates and Insights Practitioners are bound to comply with confidentiality provisions and privacy policies and procedures, in addition to completing mandatory privacy & security awareness training. We have various policies that specifically address responsibilities and expected behaviour with respect to the protection of confidential information.

We have procedures for incident and breach investigation and notification. Where our assessment of the likely risk to the individuals involved concludes a breach of personal data may result in risk to the rights and freedoms of individuals, we shall promptly inform individuals (and associated controllers and the relevant supervisory authority where applicable) of any such breach, as required by law and in accordance with any contractual terms.

You should note that where we have given you (or where you have chosen) a username and/or password which enables you to access certain parts of our websites, or use our products and services, you are responsible for keeping the username and password confidential. You should not share these details with anyone.

This General Privacy Policy applies only to information collected by Insights Learning & Development Limited and its group of companies. Links within our website to third party sites, plug-ins and applications are not covered by this General Privacy Policy. If you link to other websites, we encourage you to read their own privacy policies. We are not responsible or liable for those policies.

Data retention and anonymization

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected the data, including for the purposes of satisfying any legal, accounting or reporting requirements.

The periods that we retain data for are set out in our internal Data Retention and Destruction Policies. This sets out the types of data that Insights collects and the retention periods and destruction methods for such data.

To determine the appropriate retention periods for personal data, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the personal data and whether we can achieve those purposes through other means, together with applicable legal requirements, including certain statutory retention periods. For example, by law, we have to keep: (i) certain customer and supplier information for seven years for tax and audit requirements (this period is 10 years in relation to Insights France and Insights Group Deutschland).

We do not store credit/debit card information nor do we share customers details with any 3rd parties.

If you require further information on specific retention periods, please contact us.

Your legal rights

You have the right to:

  • Request access to your personal data (commonly known as a “subject access request” or “SAR”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. We have a Subject Access Request policy which sets out in brief our process for dealing with SARs.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data. This enables you to object to processing where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent. You may withdraw consent at any time where we are relying on consent as the legal basis on which we process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdrew your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

Where we are a processor in respect of your personal data, we will inform the relevant controller of your request and assist and co-operate with the controller for them to fulfil the request.

You normally will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, if a request is clearly unfounded, repetitive or excessive, we may charge a reasonable fee. Alternatively, in certain circumstances, we may refuse to comply with your request.

Further information

We may need to request specific information from you to help us confirm your identity or verify your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Changes to your personal data

It is important that the personal data we hold about you is accurate and current. In order for us to ensure this, please keep us informed of any changes at any time to the personal data that we hold about you.

How you can contact us and your right to complain

If you have any questions about this General Privacy Policy or data protection or privacy matters generally, request to access, correct or delete personal data, withdraw consent or other requests, please contact Insights’ Data Protection officer:

The Data Protection Officer
Insights Learning and Development Limited
Terra Nova
3 Explorer Road
Dundee
DD2 1EG
Scotland
UK

Tel: +44 (0)1382 908050
E-mail: legal@insights.com

Whilst we hope that you will not need to, if you do wish to complain about how we handle personal data, you may contact our Data Protection Officer as above.

You also have the right to complain to the relevant data protection Supervisory Authority. The UK Information Commissioner’s Office (ICO) is the relevant Supervisory Authority for Insights and its European branch offices. We would appreciate the chance to deal with your concerns before you approach the ICO. You can however contact the ICO as follows:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF

Email: casework@ico.org.uk
Telephone: + 44 303 123 1113
Website: www.ico.org.uk

Status of privacy policy and changes

This Privacy Policy is effective from 25th May 2018. We may change it from time to time so please check regularly to keep informed of updates.

Let us help your business today, contact us now to start your journey