Privacy
Policy

1. Overview

LensInsight ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our website, platform, and services (collectively, the "Services").

By accessing or using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our Services.

2. What We Collect

We collect different types of information depending on how you interact with our Services:

2.1 Information You Provide Directly

• Account Information: Name, email address, company name, job title, and password when you register.
• Billing Information: Payment details, billing address, and VAT number (processed securely via Stripe).
• Communications: Emails, support tickets, survey responses, and feedback you send us.
• Referral Information: Email addresses you provide when referring friends to our platform.

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, clicks, and navigation patterns.
• Device Data: IP address, browser type, operating system, device identifiers, and screen resolution.
• Log Data: Timestamps, error logs, and system activity related to your account.
• Location Data: General geographic location derived from your IP address (not precise GPS).

2.3 Information from Third Parties

• Authentication Providers: If you sign in via Google Workspace, Microsoft, or SSO, we receive your name and email.
• Integration Partners: When you connect data sources (e.g., Salesforce, Snowflake), we access the data you authorize.
• Analytics & Marketing: We receive aggregated data from Google Analytics, Mixpanel, and similar tools.

3. How We Use Your Data

We use your information for the following purposes:

• Provide Services: To operate, maintain, and improve the LensInsight platform and features.
• Authentication: To verify your identity and manage your account access.
• Communication: To send transactional emails, product updates, security alerts, and support responses.
• Analytics: To understand how users interact with our platform and identify areas for improvement.
• Personalisation: To tailor dashboards, recommendations, and content to your preferences.
• Marketing: To send promotional content (only with your consent, which you can withdraw anytime).
• Referral Program: To track referrals, verify eligibility, and deliver rewards (e.g., One4all Gift Cards).
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Fraud Prevention: To detect, prevent, and address security incidents or fraudulent activity.

4. Sharing & Third Parties

We do not sell your personal data. We may share information only in the following circumstances:

4.1 Service Providers

We engage trusted third-party vendors to perform functions on our behalf. These include:

• Amazon Web Services (AWS) — cloud hosting and infrastructure
• Stripe — payment processing
• SendGrid — email delivery
• Intercom — customer support and messaging
• Mixpanel & Google Analytics — product analytics
• One4all — gift card fulfilment for referral rewards

All service providers are contractually bound to process data only as instructed and maintain appropriate security measures.

4.2 Business Transfers

If LensInsight is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request.

5. Cookies & Tracking

We use cookies and similar technologies to enhance your experience, analyse usage, and deliver personalised content.

5.1 Types of Cookies We Use

• Essential Cookies: Required for the platform to function (e.g., authentication, security).
• Functional Cookies: Remember your preferences and settings.
• Analytics Cookies: Help us understand how visitors interact with our site.
• Marketing Cookies: Used to deliver relevant ads and measure campaign performance.

5.2 Your Choices

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling certain cookies may affect platform functionality.

5.3 Third-Party Tracking

We use Google Analytics, Mixpanel, and LinkedIn Insight Tag. These services may collect data about your online activities across different websites.

6. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: All data in transit uses TLS 1.3. Data at rest is encrypted using AES-256.
• Access Controls: Role-based access with multi-factor authentication (MFA).
• Auditing: Regular security audits, penetration testing, and vulnerability assessments.
• Monitoring: 24/7 security monitoring and automated threat detection.
• Backups: Encrypted, geographically distributed backups with regular recovery testing.

Despite our efforts, no method of transmission over the internet is 100% secure. We encourage you to use strong passwords and enable MFA on your account.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Account Data: Retained while your account is active. Deleted within 90 days of account closure, unless legal obligations require longer retention.
• Usage & Analytics: Retained in aggregated, anonymised form indefinitely. Raw logs deleted after 12 months.
• Billing Records: Retained for 7 years to comply with tax and accounting regulations.
• Support Communications: Retained for 3 years to improve service quality.
• Marketing Data: Retained until you withdraw consent or unsubscribe.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure ("Right to be Forgotten"): Request deletion of your personal data.
• Restriction: Request limitation of how we process your data.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests or direct marketing.
• Withdraw Consent: Withdraw consent at any time (without affecting prior lawful processing).

8.1 How to Exercise Your Rights

Submit requests via email to privacy@lensinsight.net. We will respond within 30 days. For complex requests, this may be extended by two months with notification.

8.2 Complaints

If you are in the EU/EEA and believe we have violated your rights, you have the right to lodge a complaint with your local Data Protection Authority. In Ireland, this is the Data Protection Commission.

9. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it.

10. International Transfers

LensInsight is based in Ireland. Your data is primarily stored within the European Economic Area (EEA).

For service providers located outside the EEA (e.g., AWS US regions), we ensure appropriate safeguards are in place, including:

• EU Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• Data Processing Agreements with all sub-processors

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or a prominent notice on our platform at least 30 days before taking effect.

We encourage you to review this page periodically. The "Last Updated" date at the top indicates when this policy was last revised.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: