Privacy Policy

1. Introduction

Insight Centric ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with us as a client.

Please read this Privacy Policy carefully. By accessing or using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our services.

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide to us, including:

• Contact Information: Name, email address, phone number, company name, job title
• Professional Information: Industry, company size, business challenges, project requirements
• Communication Data: Information you provide in forms, consultations, or other communications
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Client Project Data: Information related to consulting engagements, including process documentation, operational data, and strategic information

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information:

• Usage Data: IP address, browser type, operating system, pages visited, time spent on pages, referring URLs
• Device Information: Device type, unique device identifiers, mobile network information
• Cookies and Tracking Technologies: See our Cookie Policy section below

3. How We Use Your Information

We use the collected information for the following purposes:

• Provide consulting services and deliverables
• Respond to inquiries and consultation requests
• Manage client relationships and projects
• Process payments and maintain billing records
• Send service-related communications and updates
• Provide newsletters, blog updates, and insights (with your consent)
• Improve our website, services, and client experience
• Comply with legal and regulatory obligations
• Prevent fraud and ensure security

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on the following legal grounds:

• Consent: You have given explicit consent for processing (e.g., newsletter subscriptions)
• Contract: Processing is necessary to fulfill our contractual obligations to you
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., improving services, security)
• Legal Obligation: Processing is required to comply with applicable UK laws and regulations

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with trusted third-party service providers who assist us in:

• Website hosting and cloud services
• Payment processing
• Email marketing platforms
• Analytics and performance monitoring
• Customer relationship management (CRM)

5.2 Legal Requirements

We may disclose your information if required to do so by UK law or in response to legal processes, government requests, or to protect our rights, property, or safety.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

• Encryption of data in transit and at rest (SSL/TLS)
• Secure access controls and authentication
• Regular security assessments and audits
• Employee training on data protection
• Restricted access to personal information on a need-to-know basis

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by UK law.

Retention periods vary based on:

• Active Clients: Duration of engagement plus 7 years for legal and regulatory compliance
• Marketing Contacts: Until you opt out or withdraw consent
• Website Visitors: As specified in our Cookie Policy
• Prospective Clients: 3 years from last contact unless consent is withdrawn

8. Your Privacy Rights

Under UK GDPR, you have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Objection: Object to our processing of your personal information
• Restriction: Request restriction of processing in certain circumstances
• Data Portability: Receive your data in a structured, machine-readable format
• Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Lodge a Complaint: Lodge a complaint with the Information Commissioner's Office (ICO)

Exercising Your Rights

To exercise any of these rights, please contact us. We will respond to your request within 30 days as required by UK GDPR.

9. Cookies and Tracking Technologies

Cookies are small text files stored on your device when you visit our website. We use cookies and similar tracking technologies to enhance your experience.

Types of Cookies We Use

• Essential Cookies: Required for website functionality (cannot be disabled)
• Performance Cookies: Help us understand how visitors use our website (e.g., Google Analytics)
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Track your activity for advertising purposes (with your consent)

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

10. International Data Transfers

Your information may be transferred to and processed in countries outside the UK. When we transfer data internationally, we implement appropriate safeguards, including Standard Contractual Clauses approved by the UK ICO and ensuring adequate levels of data protection.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will delete that information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Complaints

If you have concerns about how we handle your personal information, please contact us first. We will investigate and attempt to resolve complaints internally.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Note: This Privacy Policy was last updated on November 16, 2025, and is governed by UK law.