Insent, as a Data Processor, collects and stores a minimum of Personal Data only as instructed by our Customer, the Data Controller, for the purposes of delivering the Insent Services.
This page will cover:
The data we collect and store on behalf of our customers
How we comply with GDPR with respect to obtaining consents, honoring Data Subject Requests, putting in place the appropriate contracts, and maintaining appropriate safeguards.
Our Sub-processors and what we do to ensure they keep customer data safe.
Scope: Insent collects, processes and stores Personal Data about people who chat with the Customer via Insent.
Insent does not sell any Contact Data collected on behalf of the Customer or market Insent Services to the Customer’s site visitors.
Categories of Data Subjects:
Customer’s end-user customers or prospects
Customer’s employees or other authorized users or administrators of Insent
Contact information (company, business email address and phone number)
Photographs (we will use photographs of Customer employees if the Customer is routing the chats to them after qualification)
*Insent will only use the IP address for data enrichment, i.e. to determine if it is associated with a business and then give you additional information re: that business such as industry and number of employees).
You can configure Insent to collect consents via chat prior to collecting email addresses or additional personal data.
Per Article 32 of the GDPR, we have in place appropriate technical and organizational measures to keep your data secure. All data is securely stored in Amazon Web Services. Please visit the AWS Security Page for additional information on AWS Cloud Security.
Honoring Data Subject Rights
We have processes in place to honor data subject requests. Insent will export, correct, or delete Contact Data upon request by the Customer. If we receive a request directly from a Data Subject, we will work with the Customer to honor the request.
Some important notes on sub-processors:
We have a diligence process to ensure that we only trust parties who have stringent standards regarding the safety and security of Personal Data.
We rely on a combination of Privacy Shield Certifications and execution of EU Model Clauses where data is being transferred across borders.
Here is the list of subprocessors. You may see the list of subprocessors here
List of Subprocessors
Amazon Web Services, Inc - Cloud Infrastructure
Salesforce Heroku - Cloud Infrastructure
Salesforce & Hubspot - Customer Relationship Management
Hubspot - Marketing Automation
Segment - Customer data infrastructure & analytics
Mixpanel - Analytics