Logo-1 image

Privacy Policy

Introduction

At SustainInsight, we prioritize safeguarding the privacy of our platform users, website visitors, service users, individual users, and business users. This privacy policy outlines how we collect, use, and protect personal data, as well as your rights regarding this data.

This policy applies when we act as a data controller with respect to your personal data, determining the purposes and means of its processing.

Our website includes privacy controls that allow you to manage how we process your personal data. Through these controls, you can specify preferences for receiving direct marketing communications and limit data collection, sharing, and publication. Access the privacy controls via our website.

We use cookies to enhance your experience. Where cookies are not strictly necessary for providing our platform and services, we will request your consent during your first visit.

In this policy, "we," "us," and "our" refer to SustainInsight. For further details about us, please see the Contact Details section.

The Personal Data We Collect

  • Contact Data: This may include your name, email address, telephone number, postal address, and/or social media account identifiers. Contact data is sourced directly from you or your employer.
  • Account Data: This may include your account identifier, name, email address, business name, account creation and modification dates, website settings, and marketing preferences. Account data is sourced from you, your employer, or social media accounts if used for login.
  • Transaction Data: This includes information related to purchases of goods and/or services made through our website, such as your name, contact details, and transaction details. Transaction data is sourced from you or our payment services provider
  • Communication Data: This includes the content and metadata of communications exchanged with us, generated by website contact forms.
  • Usage Data: This includes information such as IP address, geographical location, browser type and version, operating system, referral source, length of visits, page views, and navigation paths. Usage data is collected via Google Analytics.

Purposes of Processing and Legal Bases

We process personal data for the following purposes:

  • Operations: To operate our website, fulfill orders, provide services, generate invoices, and manage credit control.
  • Publications: To publish account data as instructed by you. Legal basis: consent, legitimate interests, or performance of a contract.
  • Relationships and Communications: To manage relationships, provide support, and handle complaints. Legal basis: legitimate interests.
  • Direct Marketing: To create and send marketing communications. Legal basis: consent or legitimate interests.
  • Record Keeping: To maintain databases and backups. Legal basis: legitimate interests.
  • Security: To ensure website and data security. Legal basis: legitimate interests.
  • Insurance and Risk Management: To manage risks and obtain professional advice. Legal basis: legitimate interests.
  • Legal Claims: To establish, exercise, or defend legal claims. Legal basis: legitimate interests.
  • Compliance and Vital Interests: To comply with legal obligations or protect vital interests.

Providing Your Personal Data to Others

We may disclose personal data to:

  • Insurers and professional advisers for insurance purposes.
  • Hosting service providers for data storage.

Additionally, we may disclose data to comply with legal obligations or protect vital interests. Payment transactions are handled by our payment service providers, such as Stripe. For their privacy policies, visit Stripe Privacy Policy.

Data Transfers

As a global business, we may transfer data across borders. We ensure that appropriate measures are taken to protect your data during these transfers, in compliance with applicable laws. By using our services, you consent to such data transfers.

Retaining and Deleting Personal Data

We retain personal data only as long as necessary for the purposes outlined in this policy:

  • Contact data: Minimum 7 days, maximum 15 years after the most recent contact.
  • Account data: Minimum 7 days, maximum 15 years after account closure.
  • Transaction data: Minimum 7 days, maximum 15 years after the transaction.
  • Communication data: Minimum 7 days, maximum 15 years after communication.
  • Usage data: Retained for 7 days following collection.

Data retention may extend to meet legal obligations or protect vital interests.

Your Rights

Under data protection laws, you have the following rights:

  • Access: Request copies of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request data deletion.
  • Restriction: Limit the processing of your data.
  • Objection: Object to data processing.
  • Portability: Request data transfer to another organization.
  • Complaint: Lodge complaints with a supervisory authority.
  • Withdrawal of Consent: Withdraw consent where applicable.

You can exercise your rights by contacting us using the details provided below.

Cookies

We use cookies for:

  • Authentication and session management.
  • Personalization of user experience.
  • Security and fraud prevention.
  • Analytics to improve website performance.

Manage cookies through your browser settings. For details, consult Chrome Support, Firefox Support, or other browser-specific guidance.

Dispute Resolution

Disputes related to SustainInsight services shall first undergo mediation under the ICC Mediation Rules. If unresolved within 60 days, disputes will be resolved by arbitration under ICC Arbitration Rules. Proceedings will remain confidential, conducted in English, and held at SustainInsight’s registered office city.

Amendments

We may update this policy periodically by publishing a new version on our website. Check this page for updates.

Contact Details

This website is operated by SustainInsight. Our registered office is at Level 01, Innovation Hub, DIFC, Dubai, UAE. For inquiries, email us at: contact@sustaininsight.com