Privacy Policy

Effective Date: July 1, 2024

1. Introduction

Inspect-Data, Inc. (“Inspect-Data,” “we,” “us,” or “our”) operates https://www.inspect-data.com (the “Site”) and offers:

• A flat-fee Risk Finder tool to help organizations discover where sensitive data resides
• A Classification Intelligence SDK that analyzes and classifies data at scale for business and compliance insights

We respect your privacy and are committed to protecting your personal information.

2. Scope & Jurisdiction

This Policy applies to all visitors (“you”) of our Site and users of our Risk Finder tool and Classification Intelligence SDK worldwide, with special adherence to U.S. privacy laws (CCPA) and, where applicable, the EU GDPR.

3. Information We Collect

We collect the following personal data relating to your interaction with our Site and Product:

• Contact & License Data: name, email, and phone number when you register your license or contact us. Billing information (including credit card numbers and billing address) is collected and processed securely by our third-party Merchant of Record, FastSpring.
• Device & Usage Data: IP address, browser type/version, pages visited, referral URLs, and web server logs related to the Site, as well as non-sensitive license validation keys transmitted from the Product.
• Cookies & Tracking: analytical cookies (Google Analytics) to understand Site and tool usage.

We do not collect sensitive categories (health, biometric, etc.).

4. Data Processed by Customer (Inspected Data)

The Classification Intelligence SDK and Risk Finder tool (the “Product”) are delivered as a Docker Container or SDK and deployed by the customer on the customer’s chosen infrastructure (e.g., local servers, private cloud, or data center).

• Data Processing Control: Inspect-Data does not access, store, or process the sensitive or classified content (the “Inspected Data”) that the customer analyzes using the Product. All inspection, classification, and analysis of the Inspected Data occurs entirely within the customer’s isolated environment and under the customer’s sole control.
• Telemetry Data: The only data the Product may transmit back to Inspect-Data’s servers are non-sensitive license validation keys, which are necessary to verify the subscription status and which do not contain any portion of the Inspected Data.

5. How We Collect User PII

• Directly from You: via contact forms, license registration, and support inquiries.
• Via Service Providers: Billing information is collected and processed by FastSpring.
• Automatically: through web server logs and Google Analytics when you browse the Site or use our hosted interfaces, and via non-sensitive license validation keys transmitted by the Product (see Section 4).

6. Legal Bases for Processing

Under GDPR or similar frameworks, we rely on:

• Consent: for any data you submit via forms.
• Contract Performance: to validate your license and deliver our services.
• Legitimate Interests: to operate, secure, and improve our Site and products (e.g., analytics and license validation), provided these don’t override your rights.

7. How We Use Your Information

• Service Provisioning: validating your license status and supporting your use of the Risk Finder and Classification Intelligence SDK.
• Product Improvement: analyzing Site usage metrics to enhance performance, accuracy, and user experience.
• Communications: sending non-promotional transactional emails (e.g., security updates) and, upon request, newsletters via email.

8. Data Sharing & Disclosure

We do not sell or share your personal data, except:

• Service Providers: We share necessary data (e.g., name, email) with FastSpring to facilitate billing and transactions. We also use Google Analytics for Site/tool analytics.
• Legal Requirements: if compelled by law or to protect our rights.

9. International Transfers of User PII

All processing of the personal data we collect (as defined in Section 3) is conducted in the United States. By using our Service, you consent to the transfer of your PII from your home country to the United States for processing. As stated in Section 4, the processing and storage of Inspected Data is determined solely by the customer.

10. Cookies & Opt-Out

We deploy only analytical cookies via Google Analytics. To opt out, disable cookies in your browser or install Google’s Opt-out Add-on; we honor Do-Not-Track where supported.

11. Your Privacy Rights

You may at any time:

• Access the personal data we hold about you.
• Correct inaccuracies.
• Delete your data.
• Withdraw Consent for consent-based processing.
• Opt-Out of sale/sharing under CCPA.

To exercise rights, email privacy@inspect-data.com. We’ll verify and respond within applicable legal timelines.

12. Data Retention

We retain personal data only as long as necessary to fulfill the purposes—e.g., license registration data persists until you delete your records (plus a brief backup period), after which we securely delete or anonymize it.

13. Security

We use industry-standard administrative, technical, and physical safeguards (e.g., TLS encryption, access controls) to protect data from unauthorized access or disclosure. We do not store sensitive payment card information.

14. Children’s Privacy

Our Site, Risk Finder tool, and Classification Intelligence SDK are not directed to children under 18. We do not knowingly collect minors’ data.

15. Changes to This Policy

We may update this Policy periodically. We’ll post the revised Effective Date at the top, and your continued use after changes constitutes acceptance.

16. Contact Us

For privacy questions or data-subject requests:

• Email: privacy@inspect-data.com
• Address: Inspect-Data, Inc. 141 W 5th St., Unit 5198 Chico, CA 95927