INSIDEA
Legal

Privacy Policy

Effective 8 June 2026Last updated 8 June 2026

INSIDEA respects your privacy. This notice explains what personal data we collect, how we use it, who we share it with, how long we keep it, and the rights you have under GDPR, UK GDPR, CCPA, CPRA, LGPD, and other applicable privacy laws.

Who we are

INSIDEA, Inc. ("INSIDEA", "we", "us", "our") is a Delaware-registered company headquartered at 8 The Green, Ste R, Dover, DE 19901, United States. We deliver HubSpot implementation, RevOps, growth marketing, and AI services to businesses worldwide.

For the purposes of GDPR and UK GDPR, INSIDEA is a data controller when you visit insidea.com or otherwise interact with us directly, and a data processor when we handle personal data on behalf of our clients as part of a paid engagement.

Data we collect

We collect personal data in three ways: data you give us directly, data we collect automatically when you interact with insidea.com, and data we receive from third parties.

Data you give us directly

  • Contact details (name, work email, phone, company, role) when you submit a form, book a call, download a resource, or contact our team.
  • Project information you share with us during scoping, onboarding, or engagement delivery.
  • Communications you send us, including emails, chats, support tickets, and meeting recordings where you have consented.
  • Marketing preferences and feedback.

Data we collect automatically

  • Device and browser information, IP address, approximate location, and referring URLs.
  • Pages viewed, time spent, scroll depth, clicks, and other interaction signals on insidea.com.
  • Cookie and similar-technology data, as described in our Cookie Policy.

Data from third parties

  • Enrichment data from business directories and lead intelligence providers (for example, publicly available company and role information).
  • Engagement data from ad platforms, partner referrals, and marketing programs you have opted into.
  • Data from clients when we act as a service provider on their behalf. This data is processed under the client's privacy notice, not ours.

How we use your data

  • Run our services. Respond to inquiries, scope engagements, deliver work, invoice, support, and account-manage you as a customer.
  • Improve insidea.com. Understand which content helps businesses choose INSIDEA so we can publish more of what works.
  • Marketing and communications. Share blog posts, guides, case studies, and event invites with people who have shown interest. You can unsubscribe at any time.
  • Advertising. Run campaigns on Google, LinkedIn, Meta, and similar platforms, and measure whether they drive qualified conversations.
  • Security and fraud prevention. Detect abuse, block bots, and protect our systems and yours.
  • Legal and compliance. Meet our obligations under tax, accounting, employment, and data-protection laws.

Under GDPR and UK GDPR we rely on the following legal bases:

  • Consent for marketing emails, non-essential cookies, and any sensitive data processing.
  • Contract when we process data to deliver a service you or your company has asked us to perform.
  • Legitimate interests for analysing aggregated traffic, securing our systems, account management, and contacting business prospects in line with applicable law. We balance these interests against your rights.
  • Legal obligation where we must keep records or respond to lawful requests.

Who we share data with

We share personal data with the following categories of recipients, under contracts that require appropriate safeguards:

  • Service providers who help us run our business, including HubSpot (CRM and marketing automation), Google (Workspace, Analytics, Ads), LinkedIn, Meta, Microsoft (Clarity), Apollo, Slack, Zoom, Canva, and cloud-hosting providers.
  • Professional advisors including legal counsel, accountants, and auditors.
  • Partners and integrators where you have opted in to a joint program.
  • Authorities when we are legally required to do so, or to protect rights, safety, or property.
  • Successors in a corporate transaction such as a merger, acquisition, or sale of assets, in which case we will provide notice.

We do not sell or share your personal information as those terms are defined under the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and similar laws. We do share certain information with advertising partners (such as Google, LinkedIn, and Meta) for the purpose of running and measuring our own marketing campaigns. California residents and visitors from jurisdictions with similar rights can opt out of this sharing at any time by rejecting advertising cookies in our consent banner, which functions as a "Do Not Sell or Share My Personal Information" signal, or by emailing privacy@insidea.com.

International transfers

INSIDEA is headquartered in the United States and operates globally. Personal data we collect may be transferred to and processed in countries outside your home country. Where required by law, we use approved transfer mechanisms such as the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, and adequacy decisions where they apply.

Data retention

We keep personal data only as long as we need it for the purposes set out in this notice, or as required by law. In practice:

  • Prospect and lead data is retained while there is active engagement and reviewed periodically. Dormant records are archived or deleted.
  • Customer engagement records and contracts are retained for the duration of the relationship plus the period required by tax, accounting, and legal obligations.
  • Marketing-consent records are retained until you withdraw consent.
  • Analytics data is aggregated or pseudonymised where possible.
  • Backup and security logs are retained for the period necessary to maintain integrity and audit trails.

Security

We use administrative, technical, and organisational measures designed to protect personal data, including access controls, least-privilege defaults, encryption in transit, vendor reviews, and incident-response procedures. No system is perfectly secure, so we cannot guarantee absolute security, but we work continuously to reduce risk and respond promptly to issues.

Your rights

Depending on where you live, you have different rights over the personal data we hold about you. You can exercise any of these rights by emailing privacy@insidea.com. We may ask for information to verify your identity before acting on a request.

EU, UK, EEA (GDPR and UK GDPR)

Right of access, rectification, erasure, restriction, portability, objection (including to direct marketing), and the right to withdraw consent at any time. You also have the right to lodge a complaint with your local data protection authority.

California (CCPA and CPRA)

Right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of the sale or sharing of personal information, and the right to limit use and disclosure of sensitive personal information. You can authorise an agent to act on your behalf. We will not discriminate against you for exercising these rights.

Other US states

Residents of Colorado, Connecticut, Virginia, Utah, and other US states with comprehensive privacy laws have comparable rights including access, deletion, correction, portability, and opt-out of targeted advertising and sales.

Brazil (LGPD)

Right to confirmation of processing, access, correction of incomplete or inaccurate data, anonymisation, blocking or deletion of unnecessary data, portability, deletion of data processed with consent, information about sharing, and revocation of consent.

Other jurisdictions

Other privacy laws may grant you comparable rights. Reach out to privacy@insidea.com and we will route your request to the appropriate framework.

Children's privacy

insidea.com is a business-to-business service and is not directed to children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact us and we will delete it.

Cookies and similar technologies

We use cookies, pixels, and similar technologies on insidea.com to operate the site, measure traffic, and run marketing. For a full inventory and to manage your preferences, see our Cookie Policy.

Automated decision-making

We do not use solely automated decision-making, including profiling, that produces legal or similarly significant effects on you.

Changes to this policy

We may update this notice from time to time. When we make material changes, we will update the date at the top of this page and, where appropriate, give you notice by email or through the site.

Contact us

For privacy questions, rights requests, or any concern about how INSIDEA handles personal data, contact us at:

INSIDEA, Inc.
8 The Green, Ste R
Dover, DE 19901
United States

Email: privacy@insidea.com

EU and UK visitors may also contact their local data protection authority if they believe their data has been mishandled.

Get Started
With Us

Book a demo and discovery call to get a look at:

How INSIDEA works
The subscription plan that best fits your needs
Pricing, onboarding, and anything else
HubSpotSalesforcePipedriveAircallApolloTrustpilot

Book a Call With Us

By clicking next, you agree to receive communications from INSIDEA in accordance with our Privacy Policy.