Privacy Policy

1. Introduction

Nsight Intelligence, Corp. ("Nsight," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect user data in compliance with industry standards and applicable data protection regulations. We are committed to aligning with GDPR, CCPA, and other relevant privacy laws, ensuring compliance as we work toward full certification.

2. Data Collection

We do not collect personal information such as names, email addresses, financial information, or sensitive personal data. However, we collect:

• Usage Data – Interactions with our platform.

• Customer Data – Data processed through our platform.

• Metadata – System-generated logs and analytics.

• Third-Party Integration Data – Data provided via integrations with external platforms.

Our platform is not intended for minors (individuals under the legal age), and we do not knowingly collect or process data from minors.

Legal Basis for Data Processing (GDPR Compliance)
We process user data primarily based on the following legal grounds as defined by GDPR Article 6:

• Legitimate Interests: For platform enhancement, performance optimization, identifying user issues, and limited AI training to improve accuracy and user experience.

• Consent: Explicit consent obtained for specific scenarios such as opting into specialized services or integrations.

• Contractual Necessity: To fulfill obligations to users, such as providing requested services or technical support.

Users may withdraw their consent at any time by contacting contact@nsightapp.com.

3. Data Usage

We use collected data for:

• Data analysis, triangulation, automatic synthesis, and tagging.

• Identifying user issues and generating insights and recommendations.

• Enhancing and improving platform performance.

• Limited AI model training to improve accuracy and user experience (without selling or sharing data externally).

Automated Decision-Making and Profiling

Nsight employs automated synthesis, data tagging, and analysis methods to provide meaningful insights and recommendations to users. These processes do not produce legal effects or significantly impact individuals' rights or freedoms. Should our practices change to include significant profiling or decision-making affecting users, we will explicitly notify users and offer options to review, contest, or request human intervention.

Alternative Tracking Technologies
In alignment with our commitment to privacy, we do not use cookies, local storage, fingerprinting, or other persistent tracking technologies. All analytics data is processed internally and does not rely on device-level tracking.

Consent for AI Model Training
We may use limited user data for training AI models aimed at improving platform accuracy, insights, and overall user experience. Users have full control and may explicitly opt-out of having their data used for AI training by notifying us at contact@nsightapp.com. Once a request is received, we will cease using your data for AI model training within 30 days.

We do not share, sell, or disclose user data to third parties. We also do not use cookies or third-party tracking technologies—our analytics are built within our platform.

4. Data Storage & Security

We store data using cloud service providers, including AWS, Azure, Heroku, and Google Cloud. Our data retention policy is as follows:

• Frozen Accounts: Data is stored in our active database for up to 90 days for easy reactivation, after which it is archived securely for up to 3 years.

• Terminated Accounts: Data is stored in our active database for up to 30 days, after which it is archived securely for up to 3 years.

• Explicit Deletion Requests: Data is retained for up to 30 days before being permanently deleted from our system.

All processed data is encrypted, and no employee, contractor, or partner of Nsight has visibility into customer data. Our integrations provider, Unified.to, is SOC 2 Type 2 and GDPR compliant. Authentication and user management are handled through Auth0 for extra security.

International Data Transfers
Nsight may transfer, process, and store data internationally using cloud services provided by AWS, Azure, Heroku, and Google Cloud. To ensure compliance with applicable data protection regulations, including GDPR, we implement appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs), ensuring adequate protection and lawful data transfers outside of the European Economic Area (EEA). Copies of these safeguards can be provided upon request by contacting contact@nsightapp.com.

In the unlikely event of a data breach, we will follow our Information Security protocols, seek advisory board guidance, and report the breach to authorities within 72 hours of discovery.

5. User Rights & Choices

Users have the right to:

• Request access to their data collected via integrations.

• Request modifications or corrections to their data.

• Request full deletion of their data from Nsight’s systems.

• Opt out of marketing communications (except essential service communications regarding platform updates, performance, maintenance, and technical issues).

We comply with all applicable national and state data privacy laws and are committed to ensuring that our data handling and security practices align with GDPR and CCPA requirements as we work toward full certification.

6. Third-Party Services & Integrations

Nsight integrates with third-party platforms to enhance service functionality. We ensure that all integrated services follow industry-standard data protection practices. However, Nsight does not sell or share data with advertisers.

Third-Party Liability
While we ensure that all integrated third-party services adhere to industry-standard data protection practices, Nsight is not responsible for data breaches, misuse, or unauthorized actions taken by these third-party service providers. Users should consult the privacy policies of third-party providers directly for further details.

7. Compliance with Data Protection Laws

Nsight is actively ensuring compliance with GDPR, CCPA, and other applicable privacy laws. Our customers span across the United States, Canada, the EU, and Asia. All data flows through Unified.to, our third-party integrations provider, which is SOC 2 Type 2 and GDPR compliant.

9. California Privacy Rights (CCPA/CPRA) 

California Residents' Privacy Rights
Pursuant to the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the following rights:

• Right to Know: Request disclosure of categories of personal information collected, purposes of collection, and third parties with whom data is shared.

• Right to Delete: Request deletion of personal data.

• Right to Opt-out: Right to opt-out of selling or sharing data (Nsight does not sell or share data).

• Right to Non-Discrimination: Exercising privacy rights will not lead to discriminatory treatment.

To exercise these rights, California residents may contact us at contact@nsightapp.com.

8. Updates and User Notification

Nsight will provide users with advance notification via email at least 30 days prior to material changes in this Privacy Policy. Users will have the opportunity to review the changes and, if applicable, provide consent or opt-out accordingly. Continued use of our platform after the notification period indicates acceptance of the revised policy.

For any questions or concerns, please contact us at contact@nsightapp.com.