Privacy Policy

Welcome to the Insite Hospitality Intelligence Ltd privacy policy ("Privacy Policy"). At Insite, we are committed to keeping personal information safe and secure, and handling it in accordance with our legal obligations. This Privacy Policy sets out in detail the purposes for which we process personal information, the rights we provide in relation to that information, who we share it with and everything else we think is important regarding data privacy.

Upon careful consideration of this privacy policy, if you don't agree with it, then you shouldn't access https://www.insite.is or its associated domains (our "Website") or otherwise use our mobile or web applications, or generally use our services (our "Services"). By using our Services, you confirm that you accept the way in which we process personal information. This Privacy Policy forms part of our Terms & Conditions , and capitalised words and phrases in it have the same meaning as those in our Terms.

If you have any concerns, please feel free to contact us at neil@insite.is

About Insite

We are Insite Hospitality Intelligence Ltd, who’s proprietary technologies include the Floot App and the Insite Platform (and referred to as 'Floot', ‘Insite’, 'we', 'our' or 'us' in this Privacy Policy). Insite Hospitality Intelligence Ltd is a limited company incorporated in England and Wales, with registered company number 12455271 and registered address at 2 kenilworth Court, Abbey Street, Stone, Staffs. ST15 0HX. We are the data controller for the purposes of the personal information processed in accordance with this

This Privacy Policy applies to the personal information we collect through or use to provide our Services, whether that personal information is provided directly by a data subject in person, by telephone, by post, via our Website or otherwise communicated to us or obtained by alternative means including web scrapers and crawlers, through our social media platforms or from third parties.

This Privacy Policy may change from time to time and, if it does, the up-to-date version will always be available on our Website. We will also tell you about any important changes to our Privacy Policy.

The personal information we collect, how we collect it, and why

Personal information means any information about an individual from which that individual can be identified. The following shows information we process about you, and the purpose for which we process that information. There may be more than one reason for which we collect such information and we have only listed the main reasons. If you would like further information, please contact us at neil@insite.is

Basic Personal Information provided to us

When our Services are used or purchased, we may collect some or all of the following basic information:

First name, last name, phone number, email address, date of birth.

We collect this information so that we can personally and uniquely identify individuals, address them personally, communicate with them as part of our Services, confirm eligibility for them, and where applicable, customise our Services.

Information we may collect automatically

When visiting or using our Website or our Services generally, we may automatically collect some or all of the following types of information:

Unique customer number, IP address (or equivalent trackers), records of customer interactions with our Services (e.g. purchase or use history), records of competitions, prizes and promotional offers, records of communications, social media information.

We collect this information so that we can deliver a more personalised, tailored service, and so that we can continue to understand our customers and develop our Services over time.

We may also use any or all of the above information to establish, exercise and defend our legal rights.

In respect of all the personal information we collect, our overarching purpose is to enable us to deliver the best software solutions to our customers. We take all actionable steps to ensure personal information is secure.

Information we collect from third party sources

We may also obtain information from third party sources, such as data providers and integration parties, or from public sources and methods, such as information available on public APIs and the internet.

Insite receives business information data from several sources, as indicated above, and then uses its proprietary algorithms and technologies to cross reference, match and append this data, thereby providing a more complete picture of any organisation which may include personal data relating to company directors. Personal data collected and used to provide our Services is restricted to a company director’s name and this data is only collected if it can be accessed publicly via Companies House.

Insite provides powerful search tools which allow contracting businesses to cross reference the director’s name and business in order to conduct their own search on platforms such as Linkedin. Please note that the contracting businesses are responsible for their own privacy and data protection methods, where applicable you should refer to their relevant privacy policy.

Our legal basis and purposes for processing personal information

We only ever use personal information in accordance with applicable data protection laws - in particular, the EU General Data Protection Regulation 2016/679 ("GDPR") as it forms part of the law in the United Kingdom and the Data Protection Act 2018 ("DPA") (together, the "Data Protection Legislation"). In short, this means we only use it where we have a legitimate interest to do so. Under the Data Protection Legislation, these are the general legal bases for which we process personal information, as detailed below:

Where personal information is automatically collected or provided by third party contributors:

(a) our interests carrying on our business and providing our Services; allowing our customers to easily access the publicly available business data we have indexed on the Insite platform.

(b) the interests of our customers in obtaining information for;

checking identity of business contacts,
to better understand the industry, market and their customers,
for B2B marketing purposes whereby our customer has a substantiated and legitimate business interest in obtaining the information, for example an envisaged business transaction. This is confirmed in our terms and conditions, which every customer must sign.
and to help detect and prevent fraud, misuse of their services and money laundering. Whereby certain customers may compare data from our database with information supplied by their own customers, to help ensure those customers are who they claim to be;

(c) the interests of people and businesses in our database, in receiving more information relevant to B2B products and services that may be beneficial to them and their businesses.

You may request that your business data be updated or removed by contacting us at at neil@insite.is

Where information is provided by our customers:

If you are an existing customer, we process your enquiry data in accordance with the terms of our contract with you, in particular where we need this information to provide Services to you, including our customer support.

We also use your personal data to pursue our legitimate interest to understand our customers and improve our Services and, where applicable, obtain your feedback.

If you are a potential customer, we process your inquiry data to take steps at your request prior to entering into a contract.

Disclosing your personal information to third parties

We may disclose information for certain purposes and to non-contracted third parties, as follows:

Third Party Providers: We use certain companies, agents or contractors ("Third Party Providers") to perform services on our behalf or to help deliver our services. We may contract Third Party Providers, for example, software or business services for emails and company management, CRM and communications, personalising and enhancing our Services, analysing interactions with our business, consumer surveys and other reasonable things which may become necessary in the course of running our business. In the course of providing such services, these Third Party Providers may have access to personal information. We do not authorise them to use or disclose personal information except in connection with providing their services to us.
Promotions with our partners: We may offer joint promotions, schemes or incentives with our selected partners. In fulfilling these types of promotions, we may share names and other information in connection with fulfilling the relevant incentive. Please note that our partners are responsible for their own privacy and data protection methods and if applicable you should refer to their relevant privacy policy.
To protect legitimate interests: There are certain circumstances where we and our Third Party Providers may disclose and/or make use of information where a disclosure would be necessary to comply with legal obligations: (a) satisfy any applicable law, regulation, legal process, or other legal or governmental request or requirement, (b) enforce applicable terms of use, including investigation of any actual or alleged breaches, (c) detect, prevent, or otherwise address illegal or suspected illegal activities (including payment fraud), security or technical issues, or (d) protect against harm to the rights, property or safety of Insite, its members or the public, as required or permitted by law.
Transfers of our business: In connection with any corporate reorganisation, restructuring, external investment, merger or sale, or other transfer of assets, we will transfer information, including personal information, provided that the receiving party agrees to comply with our requirements as set out in this Privacy Policy relating to personal information.
Our affiliated companies: we may share information with our affiliated companies, such as other companies which we own, or other companies which have shares in Insite, or other companies which are owned by those companies. We do this so that we can provide access to our Services according to our agreement, data storage and processing, providing customer support, making internal choices around business improvements, and for the other purposes set out in this Privacy Policy.

How long do we store personal information?

We keep personal information for only as long as is necessary to provide our Services and for our legitimate and necessary business purposes. Such purposes might include maintaining the high standards of service which we strive to uphold, making decisions on how to enhance our offering, complying with applicable legal obligations, and resolving any disputes which arise in the course of our business.

In accordance with this Privacy Policy, an individual has the right to request that we delete their personal information, except where we are legally permitted or required to maintain certain personal information.

For example:

We are legally required to retain financial and transaction data for a minimum period of 7 years for tax, audit and accounting purposes.
If we have an unresolved issue with and individual, then we will retain personal information until the issue is resolved.

Any Third Party Providers that we engage will keep personal information stored on their systems for as long as is necessary to provide the relevant services. If we end our relationship with any third party providers, we will make sure that they securely delete or return personal information to us.

We may retain personal information for statistical purposes. Where information is retained for statistical purposes it will always be anonymised, meaning that individuals will not be identifiable from that information.

Security of your personal information

We are committed to securing and protecting personal information, and we make sure to implement appropriate technical and organisational measures to help protect the security of personal information. We implement policies to guard against unauthorised access and unnecessary retention of personal information in our systems.

The information that we collect may be transferred to, and stored at, a destination outside of the United Kingdom. When we transfer and store personal information outside of the United Kingdom we will take steps to ensure that the information is transferred in accordance with this Privacy Policy and applicable data protection laws. In particular, where personal information is transferred outside of the EEA, we will ensure that appropriate contractual, technical, and organisational measures are in place with any such parties based outside of the EEA, such as the appropriate Standard Contractual Clauses.

We understand the importance of the security of the information we collect, but we cannot promise that our security measures will eliminate all security risks or avoid any security breaches. When an individual provides information to us, they do so at their own risk. To help minimise security risks please take measures such as (1) using a strong, unique password for our Service that you do not use elsewhere, (2) protecting the confidentiality of your password, and periodically changing it, (3) accessing our Service and Website only from devices that have an up-to-date operating system and anti-virus protection, and (4) notifying us of any suspected unauthorised activity or any breach of the confidentiality of your login credentials. These steps may help lower the risk or impact of certain security threats.

Links

Our Platforms (or any other digital products we may operate) contain links to websites operated by third parties. This Privacy Policy only applies to the personal information that we collect, and we cannot be responsible for personal information collected and stored by third parties. If you follow or click on a link, please understand that the relevant third party websites have their own terms and conditions and privacy policies, and we do not accept any responsibility for the content of those third party websites or third party terms and conditions or policies. Please check these policies before you submit any personal information to these websites.

Children

You must be 18 years of age or older to use our Services.

We do not knowingly collect personal information from individuals under 18 years of age. If you are under that age limit, then please do not use our Services or provide any personal information to us.

If you are a parent or legal guardian of a child under the applicable age limit, and you become aware that your child has provided his/her personal information to us, please contact us at neil@insite.is. If we learn that we have collected personal information of a child under the age of 18, then we will take all reasonable steps to delete that information from our systems.

In any case, we will only process personal information in line with GDPR and our legal obligations.

Rights and choices

According to Art. 15 GDPR an individual has the right to obtain information regarding all data we have stored about them.

In the event that an individual discovers outdated or incorrect information, that individual has the right in accordance with Art. 16 GDPR to have it updated and corrected by us at any time. However, should that data have been sourced from a public registry, then the individual will be advised to have the data corrected at the source. This is because our databases are automatically updated and therefore any changes that we make will be overwritten by the information from the registry.

Furthermore, in accordance with Art. 17 GDPR, an individual may also have the right to have their personal data deleted provided that we have no right or authority to further process the data. Please note that if this business information appears in public registries, then it will automatically be ingested into our databases. Therefore the individual will be advised to contact the relevant registry to have their data removed.

Under the conditions set out in Art. 18 GDPR, an individual has the right to restrict the processing of their personal data.

According to Art. 21 (1) GDPR an individual has the right to object, on grounds relating to their particular situation, at any time to processing of their personal data.

If an individual objects we will no longer process their personal data unless we can demonstrate compelling legitimate grounds for the processing which override their interests, rights and freedoms.

In addition, pursuant to Art. 21 (2) GDPR, an individual may also object against the use of their data for direct marketing purposes. In this case, we will no longer use their personal information for marketing or advertising purposes.

For more information on these rights and how to use them, or if you would like to make any of the requests set out above, please contact us at neil@insite.is.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Please note that we reserve the right to charge a fee for responding to requests where we reasonably determine that they are manifestly unfounded or onerous or being made in bad faith.

Contacting Us

For any questions or concerns about how we handle personal information, please contact us by email to neil@insite.is

If you are unsatisfied with our response to any data protection issues you raise with us, you have the right to make a complaint to the Information Commissioner's Office (ICO). The ICO is the authority in the UK which is tasked with the protection of personal information and privacy. Our ICO number is: ZB730019

Cookies are files that websites and online services create and access computers or other Internet-connected device to uniquely identify a browser or to store information or settings on that device. Our Website and the Service may use HTTP cookies, HTML5 cookies, Flash cookies and other types of local storage (such as browser-based or plugin-based local storage). By visiting our Website or use the Service, your browser may tell you how to be notified when you receive certain types of cookies and how to restrict or disable certain cookies. Please note, however, that without cookies or local storage you may not be able to use all of the features of our Website or the Service.

In conjunction with the gathering of information through cookies and other automated means, Web servers may log information such as your device type, operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. The Web server logs also may record information such as the address of the Web page that referred you to the Website and/or our Service and the IP address of the device you use to connect to the Internet. Cookies and similar technologies also may log information about your interaction with our Website or the Service, such as which pages you visit or which Service functionality that you use, including by tracking page content, movements, and keystroke activities, in a manner that allows us to reproduce and fix issues and to identify areas of improvement. You can opt out of the use of this software by contacting us at neil@insite.is or by opting out of any data collection by any non-essential cookies using the banner on our website. To control which Web servers collect information by automated means, we may place tags on our Web pages called “Web beacons,” which are files that link Web pages to particular Web servers and their cookies. We also may include Web beacons in e-mail messages that we send to you or that our Customers send to you through our Services. We or third parties also may send instructions to your device using JavaScript or other computer languages to store or gather the sorts of information described above and other details about your interactions with the Website or Service.

If we provide a mobile app, we or third parties may collect information similar to the data mentioned above. In that case, we also may collect unique device identifiers (such as advertising IDs) and other mobile-specific types of information. For example, depending on your device and/or browser settings, we may collect your device’s geolocation.

General

You may not transfer any of your rights under this Privacy Policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.

If any court or competent authority finds that any provision of this Privacy Policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Policy will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This Privacy Policy will be governed by and interpreted according to English law and if necessary, by the English courts.