1. Who we are
ANALEC makes cloud CRM software delivered as a Software-as-a-Service via its website www.insightscrm.com.
2. What information we collect about you
We collect the following information directly from you, or through the Services.
As you navigate our websites, ANALEC may collect information through the use of commonly-used information-gathering tools such as cookies and Web beacons. With it, we collect:
- Browser information (type and language)
- IP address
- Open / Click-through tracking URL: In some of our email communications, we use a “click-through tracking URL” that, when clicked, sends you to a different web address, which logs your click, before redirecting you to your expected destination.
- The actions you take on our websites (such as the web pages viewed and the links clicked, and time spent).
- Referrer information
- Event registrations
When you use our website to request information about us or our Services, register for a InsightsCRM cloud account, register to attend an event, register for our blogs, register for the marketplace, or join in our community discussions, and apply to join our partner program, we may collect the following personal information. We may gather some of this information from third party sources, as described in the section below titled “Information from Other Sources".
- First Name & Last Name
- Email Address
- Phone number
- Job Title
- IP Address: When you use the InsightsCRM Cloud application, we automatically collect Internet Protocol (“IP”) address, the date and time of your login and logout sessions. This data is stored in your CRM account under user Login History.
When you purchase our Services or add-ons published by third parties, ANALEC will require you to provide us with the following:
- Business Name
- Billing details such as Credit Card Number
- Mailing Address
- Quantity of users
If we communicate with you to offer support through any medium (Phone, Chat, and Email) we will collect and store the following information.
- Chat Transcripts
- Phone call logs
- Phone call recordings
You can log in to our Service using sign-in services such as Google, Facebook Connect, LinkedIn, Office 365, etc. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address.
Information from other sources
We may obtain information, including Personal Data, from third parties and sources other than the Service. These include publicly available sources of information like LinkedIn, Facebook, and Twitter. They also include our partners, mutual connections, advertisers, credit rating agencies, and Integrated Services. This information may be collected to facilitate our understanding of who you are and your needs, as well as to help us improve our products and services. If we combine or associate information from other sources with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Policy.
3. Special Limits on Our Use of Your Google User Data:
The App will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail/Google data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
The Services will not use Google data for targeting or serving advertisements.
The Services will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the Services’ internal operations and even then only when the data have been aggregated and anonymized.
4. How we use the information that we collect
Other than as detailed in this policy, we will never disclose, share or sell your data without your consent unless required to do so by law. We use your information for the following purposes:
To provide you with information about our products and services
We use the information – other than Client Data - to operate, maintain, enhance and provide all features of the Services, to provide the services and information that you request, to respond to comments and questions and to provide support to users of the Services. We process Client Data solely in accordance with the directions provided by the applicable contracting Entity or end-user (“User”).
To improve the usefulness of our messaging to you
We use your click-through tracking data for various purposes, including to help us determine interest in particular topics and measure the effectiveness of our customer communications.You may grant or decline consent for this tracking from your Preferences page, accessible from the “Unsubscribe” or “Manage Preferences” link in the footer of any newsletter that we send to you.
To plan our events
We also use event registration information to plan and host corporate events, host online forums and social networks in which event Attendees may participate, and to populate online profiles for Attendees on our websites.
To respond to your requests
We use your contact information and other information shared with us via email and over other channels like chat and phone to respond to your requests.
To process your payments
ANALEC uses Stripe.com to process billing for ANALEC. ANALEC does not capture or hold any credit card information, Stripe.com provide the necessary mechanisms to enter your credit card information. Stripe may, with your consent, store your information securely for future billing as authorized by you.
To improve our website
We use website navigational information, IP address, browser type, browser language, referring URL, files accessed, errors generated, time zone, operating system and other visitor details collected in our log files to analyze trends, administer our website, track visitors’ movements and to improve our website. We link this automatically-collected data to other information we collect about you.
To improve our products and services
Your usage details such as time, frequency, duration, pattern of use, features used and the amount of storage used might be recorded by us and used to improve the InsightsCRM Cloud service. We also use your information with your consent, including:
To administer promotions you have entered.
Fulfill any other purpose disclosed to you and with your consent.
We post user testimonials on our website. These testimonials may include names, and other Personal Information and we acquire permission from our users prior to posting these on our website. We obtain the consent of each customer prior to posting any information on such a list or posting testimonials.
Collection and Use of Non-Personal Information. When you register for InsightsCRM Cloud, or download and install our software, we may collect non-personal information data that does not permit direct association with any specific individual, such as your country and operating system. This information is used to help us improve our products and services.
We may use a Visitor’s or User’s email address or other information - other than Client Data - to contact that Visitor or User (i) for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations or defamation issues related to the User or Client Data posted on the Service or (ii) with updates on promotions and events, relating to products and services offered by us and by third parties we work with. You may unsubscribe from email notifications by clicking on the unsubscribe link that provided in all email notifications. You cannot opt out of receiving transactional emails related to your account or use of the Services. You have the ability to opt-out of receiving any promotional communications as described below under “Your Rights and Choices.”
5. How we share the information that we collect
Except as described in this Policy, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Services to third parties without the consent of the applicable Visitor or User. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.
We work with third party service providers who provide a website, hosting services, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.
Non-Personally Identifiable Information
We may make certain automatically-collected, pseudonymized / anonymized, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Clients’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Services.
Marketplace Application Developers
When you install or purchase, any application developed using ANALEC's APIs that is posted on ANALEC’s online marketplace, your name and email address will be shared with the developer of the application, so they may engage with you directly as the provider of that application or service. ANALEC does not control the use of your personal information by the developers, which will be based on their own privacy policies.
Law Enforcement, Legal Process, and Compliance
Please be aware that laws in various jurisdictions in which we operate may obligate us to disclose user information and the contents of your user account to the local law enforcement authorities under a legal process or an enforceable government request. In addition, we may also disclose Personal Information and contents of your user account to law enforcement authorities if such disclosure is determined to be necessary to protect ANALEC’s rights, or for protecting the safety of our users, employees, or the general public.
Change of Ownership
Legal Bases for Processing (for EEA & UK visitors only):
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have a legal basis for doing so under applicable EU laws and in a manner consistent with our DPA The legal bases depend on the Services you use and how you use them. This means we may collect and use your information only where:
We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services.
It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests.
You give us consent to do so for a specific purpose.
We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because a third party (e.g., your employer who is the contracting Entity) or we have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
Our Representative Details For Data Subjects in the EU and UK:
We value your data subject rights under EU and UK GDPR. Therefore, we have appointed Maetzler Rechtsanwalts GmbH & Co KG as our EU representative according to Art 27 GDPR and Prighter Ltd as our UK representative to provide you with an easy way to submit us your privacy-related requests such as the request to access or erase your personal data. If you want to make use of your data subject rights, please visit this page or contact our representatives on the details mentioned below.
PrighterGDPR-Rep by Maetzler Rechtsanwalts GmbH & Co KG
c/o ANALEC Infotech Private Limited
Please add the following subject to all correspondence: ID-15040628841
PrighterUK-Rep by Prighter Ltd
c/o ANALEC Infotech Private Limited
London, SW14 8JN,
Please add the following subject to all correspondence: ID-15040628841
Data Protection Officer
6. How we handle Your Customer Data
7. How we store and secure the information we collect
At ANALEC, your data privacy and security are of prime importance to us. ANALEC maintains strict administrative, technical, and physical procedures to protect information stored in our servers. We use industry-standard Transport Layer Security (TLS) encryption technology to safeguard the account registration process and sign-up information and traffic from and to the server and browser while using the InsightsCRM Services. Other security safeguards include but are not limited to data encryption both in transit and at rest within ANALEC’s servers and at a broader cloud datacenter level, firewalls, and physical access controls to building and files. This is maintained by our Cloud Service Provider - Amazon Web Services - and is audited through SOC compliance. A complete list of security at the cloud provider level is available at SOC Compliance - Amazon Web Services (AWS). We implement a variety of security measures to maintain the safety of your personal information and data you store in your account. Access to your name and email address is restricted to the employees of ANALEC. Data stored in your account is only accessed by the ANALEC team when performing the migration, or support services. All supplied sensitive/credit information is transmitted via TLS technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. Before, during and after a transaction, your private information (credit cards, social security numbers, financials, etc.) are not stored on our servers, but only with the Payment gateway in accordance with your personal settings. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is safe from intrusion by others. If you use our Services or websites, responsibility for securing your credentials to access the Services rests with you and not ANALEC. If you have any concerns regarding the security of your data, please write to us at email@example.com with any questions.
The contents of closed accounts are deleted within 90 days of the date of closure
Backups are kept for 90 days
Billing information is retained for a period of 7 years
information on legal transactions between Client and ANALEC is retained for a period of 7 years.
When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
8. How we transfer your personal information internationally
International Transfer within ANALEC Entities
Data that we collect about you during your sign-up, and during your use of InsightsCRM, are stored on servers under our control in multiple regions around the world. To facilitate our operations, we may transfer and access such information from around the world, including from other countries in which we have operations. Irrespective of which country you reside in or supply information from, by using our services you authorize us to use your information in any country where we operate. We agree to abide by the terms of our DPA for such purposes). If You believe that privacy laws applicable in your jurisdiction require processing terms that are different from our DPA then please contact us at firstname.lastname@example.org.
We will use our best efforts to comply with any data localization laws that may be applicable to the Data collected by us through the Services.
International transfers to third parties
9. Your Rights and Choices
ANALEC acknowledges that you have the right to access your personal information. Depending on the country in which you reside, you may have the following data protection rights:
- To access; correct; update; port; delete; restrict; or object to our processing of your Personal Information.
- You can manage your individual account and profile settings within the dashboard provided through the InsightsCRM platform, or you may contact us directly by emailing us at email@example.com. You can also manage information about your Contacts within the dashboard provided through the InsightsCRM platform to assist you with responding to requests to access, correct, update, port or delete information that you receive from your Contacts.
- If you believe that personal information pertaining to you as an individual has been submitted to us by an InsightsCRM account holder, and you wish to exercise any rights you may have to access, correct, amend, or delete such data; please inquire with the account holder directly. ANALEC personnel have limited ability to access data of our Customers or information submitted to our Services, if you wish to make your request directly to ANALEC, please provide the name of the ANALEC customer who submitted your data to our Services. We will refer your request to that customer and will support them as needed in responding to your request within a reasonable timeframe.
- If the GDPR or equivalent Rules apply then, whether or not you are an account holder of InsightsCRM, you may request us to check for your personal information in our systems. Please email firstname.lastname@example.org from the email address you wish to have checked. We will respond with an information report within a reasonable time. We regret we cannot provide information for any other email address.
- ANALEC takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete and up to date.
- The right to complain to a data protection authority, about the collection and use of Personal Information, please contact your local data protection authority.
- Similarly, if Personal Information is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing the consent will not affect the lawfulness of any processing we conducted before your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
We respond to all requests we receive from individuals wishing to exercise their data protection rights under applicable data protection laws. We may ask you to verify your identity to help us respond efficiently to your request. Please note we will retain and use your data, including server/backup copies, to comply with our legal obligations, resolve disputes, and enforce our agreements. We may decline to process change or deletion requests that require disproportionate technical effort or jeopardize the privacy of others.
10. Other Important Privacy Information
Blogs, Social Media, and Public Forums
Third Party Analytics
Third Party Products and Services Links from our Website
Clear Gifs and Log Files
We and our third-party partners use technologies such as web beacons in analyzing trends, administering the website, tracking users’ movements around the site, and gathering demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis. As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We link this automatically-collected data to other information we collect about you.
Do Not Track
Do Not Track (“DNT”) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third parties. We do not use technology that recognizes DNT signals from your web browser.
11. Mobile Application
When you use our mobile apps, we may collect certain information in addition to the information described elsewhere in this Policy. Our Mobile Applications may access the geographic location of a User’s Device and OS identification, login credentials, language and time zone. Mobile Applications may also collect information regarding Users’ interaction with Mobile Applications, which ANALEC may use to provide and improve the Mobile Application services. Additionally, the application may contact the device storage location for storing attachments or access camera and photos to capture additional information for better service management for the Customer.
We may ask you if you want to receive push notifications about activity in your account. If you have opted into these notifications and no longer want to receive them, you may turn them off under the settings of ANALEC applications for mobiles.
12. Our Policy Toward Children
InsightsCRM is a business platform and is not directed to children. However, we are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age (“minor”) without parental or legal guardian’s consent. Our website, products, and services are all directed to people who are at least 13 years old or older. If you have reason to believe that a minor has provided or that minor’s personal information has been provided to ANALEC without consent, then please send an email from the minor’s email address with the parent’s address cc’d to email@example.com with a subject requesting information regarding a minor’s use of the InsightsCRM service. We will check our systems and respond accordingly.
14. Terms and Conditions
15. Contact Us
If you have questions regarding this Privacy Statement or ANALEC's data handling practices, please feel free to contact us directly:
If you are a customer from Outside the United States and Canada:
By mail at: ANALEC Infotech Private Limited, 6th Floor, Tower B, Park Centra, Sector 30, NH-8, Gurgaon, Haryana 122002, India (Attention: “Legal”).
If you are a customer from within the United States and Canada:
By mail at: ANALEC North America, Inc., 1120 Avenue of the Americas, The Hippodrome Building, 4th Floor, New York, NY 10036, USA (Attention: “Legal”).
If you have any questions about this agreement or your information stored with us, please contact us at firstname.lastname@example.org.
“Client” means a customer of ANALEC via its www.insightscrm.com offering.
“Client Data“ means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service.
"Google User Data" means Your data synced from Google such as Contacts, Emails, Calendar, Documents, and Attachments.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.
“Restricted Area” means the area of the Site that can be accessed only by Users, and where access requires logging in.
“User” means an employee, agent, or representative of a Client, who primarily uses the restricted areas of the Site for the purpose of accessing the Service in such capacity.
“Visitor” means an individual other than a User, who uses the public area but has no access to the restricted areas of the Site or Service.