1.1 Our Business
InsightUnlocked Limited is a specialised consultancy that provides consulting services to cultural organisations.
- “GDPR” means the General Data Protection Regulation (GDPR) (EU) 2016/679.
- “InsightUnlocked ” means InsightUnlocked Limited, a company incorporated under the laws of New Zealand (Company number 6195468) with a principal place of business at Unit 1, 18 Westwell Road, Auckland, 0622, New Zealand.
- “our “or “we” or “us” means InsightUnlocked.
- “Personal Information” means information or an opinion about an identified individual or an individual who is reasonably identifiable. Under the GDPR, the similar definition is “Personal Data”.
- “Services” means the exchange or interaction between you and us concerning our consulting services (the “Services”) or when you access and use our Website or any other incidental activity relating to our business such as being a subscriber to our newsletter.
- “you” means you where you are any of:
i. A potential or actual customer for the provision of the Services by us to you; or
ii. A person who visits our Website or subscribes to our newsletter or downloads our case studies, or other educational or marketing materials; or
iii. Any other person that we engage with in relation to a potential or actual business relationship or engagement including on behalf of a service provider.
- “Website “means https://insightunlocked.net
3. What Personal Information we collect
We may collect and hold the following Personal information, as applicable:
- First name and surname
- Country of location
- Phone number
- Email address
- Details of the Web browser used, the IP address of your device when connected to the internet, and the record of the pages within our Website that you visit and the date and time of your visits. Additionally, when you complete from time to time a short form quiz or questionnaire via our third party cloud service provider or subscribe via Mail Chimp (https://mailchimp.com/ our third party cloud service provider), we collect your IP address and the date you use this service.
4. How we collect Personal Information
We may collect:
- Personal Information about you:
- when you commence discussions as personnel of a potential customer for the provision of Services, or, where a customer, in the provision of Services, and arising from ongoing contractual and accounts management; or
- through the use of Mail Chimp we send emails on an opt in/opt out basis including containing certain marketing materials or opinion or other commentary or concerning our Services. InsightUnlocked stores your contact details by use of the Mail Chimp application; or
- via our Website, when you provide it to subscribe to our newsletter or download our case studies, or other educational or marketing materials; or
- in the course of you requesting a meeting with us in relation to potential provision of the Services; or
- when we request or you propose a contract for services with InsightUnlocked and we may collect such information from your referees; or
- in your capacity as personnel of a proposed or actual service provider to InsightUnlocked; or
- indirectly, without us asking for it, for example, if you engage with us on social media such as LinkedIn; or
- in any other circumstances including face to face or by email or phone exchange.
- Aggregate anonymous information generated by our IT systems, which tracks and analyses traffic to our Website, but do not relate to you personally. This is further described in Section 5.1 herein (final paragraph).
5. How we use your Personal Information
5.1 Expected use
We may use the Personal Information we collect from you:
- to provide you with (and assist you with using) the Services; or
- specifically to fulfil administrative functions associated with the provision of the Services, for example, entering into contracts with you and invoicing; or
- where you have opted in to receiving such information (see Section 10 of this Policy) for the provision of our newsletter, case studies or other educational or marketing materials, but only for the provision of information that is most relevant to you and your interests; or
- for any other use that you expressly authorise by email or our opt-in process (see Section 10 of this Policy).
- to comply with the law including where required by a regulator; or
- as we determine necessary to prevent illegal activity; or
- in the protection and/or enforcement of our legal rights and interests including defending any claim.
In addition when we collect certain non-Personal Information concerning the Website pages you visit from your device (e.g. the identity of your Web browser, the type of operating system you use, your IP address and the identity of the host or host’s name), we may use such non-Personal Information for internal purposes, including, but not limited to, improving the content of our Website. This information may come from server logs and or cookies (see Section 7).
5.2 GDPR lawful processing grounds
The ‘lawful processing’ grounds on which InsightUnlocked will rely to collect and use Personal Data about you will be (as applicable):
- in relation to potential or actual contractual engagements for the provision by InsightUnlocked of Services including incidental activities to such relationships; or
- in relation to potential or actual contractual engagements with you as personnel of a service provider to InsightUnlocked; or
- express consent to the proposed use obtained prior to our processing.
5.3 Data retention
We will keep Personal Information (or Personal Data) about you, to use for the above purposes, for a reasonable period of time necessary for the operation and management of our business but subject to our obligations under Sections 9 and 10.
6. Will we share your Personal Information with anyone else?
We will only share Personal Information with other organisations or individuals or government agencies in the following limited circumstances:
- Where we engage service providers to perform services on our behalf or assist us in providing the Services and the provision of our Website (the latter being Word Press, whose IT database is usually located in the USA). In addition InsightUnlocked contracts with cloud service provider, Mail Chimp, whose IT database is in the USA. Such third party service providers are bound by contract to only use your Personal Information on our behalf, for the specified purposes and in accordance with their privacy policies; or
- Where we need to disclose your Personal Information to third parties to satisfy any mandatory applicable law, regulation, judicial or other legal process or government agency request.
7. Cookies and tracking analytics
7.1 Analytics and performance cookies
We may use cookie files containing information that can identify the computer you are working from (as referred to in Section 3, last bullet point). A cookie file is anonymous and is only used to identify visits from the same web browser.
We may use the information generated by such cookie files to: (i) track traffic patterns to and from the Website; and (ii) enable you to enter the Website. In particular our website cloud provider Word Press has the following information concerning cookies and widgets https://automattic.com/cookies/
7.2 How to turn Section 7.1 cookies off?
We use our reasonable commercial efforts to ensure the security, integrity and privacy of your Personal Information and avoid unauthorised loss, use or disclosure. We use a variety of physical measures (for example, restricting physical access to our office) and electronic security measures including password protected use of devices, and, in conjunction with our cloud service providers, use of IT firewalls and secure internet connections and databases.
As no data transmission over the internet can be guaranteed to be completely secure, we cannot ensure the security of any information you transmit or receive through the Website. While as stated we take precautions to minimise related risks, you use the internet for transmission at your own risk.
If you post your Personal information on our Website or in our LinkedIn page you acknowledge and agree that the information you post is publicly available.
9 Your Personal Information rights
9.1 How to access or correct your Personal Information
9.1.1 Subject to applicable laws, you have the right to access your Personal Information and to receive a copy of that information.We may need to verify your identity to respond your access request (and similarly where made under Sections 9.1.2 and 9.2). We will respond to any access request within a reasonable time period. We will give you access in a media form requested provided it is reasonable and practical. We do not expect to need to charge our time for this provided the access request is reasonable. If we cannot give you access, due to legal grounds, then we will inform you of this in writing.
9.1.2 You also have the right to request the correction of the Personal Information we hold about you. We will take reasonable steps to make appropriate corrections to Personal Information so that it is accurate, complete and up-to-date. Unless a lawful exception applies, we must update, correct, amend or delete the Personal Information we hold about you within a reasonable time period. If we have shared that Personal Information to others, as contemplated under Section 6, we will use our reasonable commercial efforts to contact them and arrange the relevant change.
We do not charge for making corrections.
To seek access to, or, correction of, your Personal Information, please contact our Data Privacy Officer as set out below in Section 11.
9.2 GDPR data subjects – exercising your other rights
If you (a data subject under the GDPR) are located in country that is a member of the European Economic Area (EEA) you have a number of other GDPR rights in relation to our collection and use of your Personal Data. You have the right to:
- opt-out of direct marketing and profiling for marketing – please note Section 10 below.
- opt-out of processing for research / statistical purposes, or processing on the grounds of ‘public interest’ or ‘legitimate interest’ – please note Section 10 below.
- erasure of your Personal Data.
- Personal Data portability.
- Object to or restrict processing of your Personal Data.
Any request in relation to the exercise any of those rights, please contact our Data Privacy Officer as set out below in Section 12.
10. Opt in/out
10.1 We will give you the option to: (a) opt in to agree to be contacted by us in relation to our newsletter or downloads of our case studies, or other educational or marketing materials; and (b) opt out and not receive our newsletter or downloads of our case studies, or other educational or marketing materials .
10.2 InsightUnlocked advises that if you exercise your opt out rights per Section 10.1 this may result in any of the services and materials referred to in Section 10.1 not being provided or made available to you.
We will review this Policy regularly, and we may update it from time to time by publishing the latest version on our Website. You will ensure that you have read the most recent terms posted on the Website.
12. To contact our Data Privacy Officer
If you have a request or enquiry or a complaint about the way we handle your Personal Information (or Personal Data) or to seek to exercise your privacy rights herein in relation to the Personal Information (or Personal Data) we hold about you, you may contact our Data Privacy Officer as follows:
Name: Sabine Doolin
Title: Director, InsightUnlocked Limited
Mail: InsightUnlocked Limited 1/18 Westwell Road, Belmont, Auckland 0622, New Zealand
While we endeavor to resolve complaints quickly and informally, if you wish to proceed to a formal privacy complaint, we request that you make your complaint in writing to our Data Privacy Officer, by mail or email as above. We will acknowledge your formal complaint within 10 working days.
If we do not resolve your privacy complaint to your satisfaction, you may lodge a complaint with the New Zealand Privacy Commissioner by making a complaint online at https://www.privacy.org.nz/your-rights/complaint-form/, or writing to them at Privacy Commissioner PO Box 10094, Wellington 6143.
If you are a data subject in the European Economic Area, you can choose to instead lodge a complaint with your local Data Protection Authority (DPA). The list of DPAs is at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.