We may update this Privacy Policy from time to time without notice. We will take appropriate steps to notify you of any modifications to this Privacy Policy that might materially affect your rights or the way that we use or disclose your personal information prior to such a change. We encourage you to look for updates and changes to this Privacy Policy by checking the “Last Updated” date on this Privacy Policy when you access our Site.

The types of personal information that we may collect about you include, but may not be limited to: information you provide to us, information collected automatically about your use of our Site, and information from third parties.

• Information You Voluntarily Provide Us
  The personal information that we collect from you may include:
  • Form Submissions: information that you provide by filling in forms that we make available on the Site, such as to request information or assistance, including your name, email address, phone number, and company name.
  • Surveys and Research Studies: information that you provide to IDR and/or IDR customers as part of a research study or other questionnaires to which you agree to provide responses.
  • Telephonic and Electronic Recordings: information that you provide to IDR and/or IDR customers via calls made and received by IDR.
  • For Provision of Business Services: information that you provide to IDR to be matched with an appropriate expert advisor, for transcription and recording services, to determine where your organization fits in with its industry peers based on our research, and for other purposes necessary for us to provide you our business services.
  • Technical Support and Customer Service: information you provide when you report a problem with the Site or otherwise communicate with us by email, via our Site, or through other means, including any records and copies of your correspondence that you provide.
  • Job Applications: your name, email address, phone number, and any attachments you include as part of applying for open positions with us that are listed on our Careers page.
• Information We Collect Automatically.As you navigate through our Site or otherwise interact with IDR, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
  • Information About Your Use of the Services: when you browse our Site, our systems automatically collect information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, domain names, referring and exit pages, and URLs, platform type, pages viewed and the order of these page views, the amount of time spent on particular pages, and the date and time of your request.
  • Device Information: if you access the Site through a mobile device (e.g., a smartphone or tablet), we may be able to identify the general location of your mobile device, your mobile device’s brand, model, operating system, resolution, screen size, system version, mobile network information, and your mobile device’s advertising ID. However, this information resides in server logs and is not used for advertising or marketing purposes.
  • Performance Data: we may collect information about your preferences to make your use of the Site more productive and for our internal analytics.
• Information We Collect from Third Parties.When you interact with our Site or accounts on a social media platform, we may collect the personal information that you or the platform make available to us on that page or account, including your social media account ID and/or username associated with that social media service.

IDR uses your information for business and commercial purposes, including to provide the market research or professional services that you request; to perform customer service functions; for security and fraud prevention; for marketing and promotional purposes; and to perform website analytics.

We may use the information we collect about you in the following ways:

• To Provide You Our Services:providing any services or products that you request or purchase, such as processing your application, fulfilling our contract for services, and providing information in relation to our B2B and B2C services and offerings.
• For Security and Fraud Prevention: keeping you secure and safe while interacting with us or using our Site, which requires us to process your personal information in accordance with this Privacy Policy to combat spam, malware, malicious activities, fraud, or security risks, as part of our ongoing maintenance and enforcement of our security measures.
• To Provide You with Service-Related Communications: contacting you regarding the administration of any features or functions of the Site or our services that you have registered to use and notifying you about changes to our Site and services, our policies, terms, or any products or services we offer or provide though our Site.
• To Provide Customer Support or to Respond to You: responding to your questions or other requests.
• To Send You Marketing and Promotional Emails: contacting you with newsletters, marketing or promotional materials, and other information that may be of interest to you based on the services that you already use or the offerings that you have already enquired about unless you have opted not to receive such information.
• For Internal Use and Services Improvement: accumulating and reporting aggregate, statistical information in connection with the Site and user activity, including determining which features and services users like best to help us operate, enhance, and improve our Site.
• To Maintain Legal and Regulatory Compliance: processing personal information to pay our taxes, fulfill our business obligations, ensure compliance with employment, insurance, and recruitment laws, or as necessary to manage risk under applicable law.
• With Your Consent: for any other purpose disclosed to you prior to you providing us your personal information or which is reasonably necessary to provide the services or other related services requested, with your permission or upon your direction; and
• For Employment Purposes: processing job applications, including communicating with you and conducting applicant and employment-related statistical evaluation and record-keeping.

We share your information as needed to fulfill the purposes described in this Privacy Policy and as permitted by applicable law. We may share your information in the following circumstances:

• Within Our Corporate Organization:We may share information between and among IDR subsidiaries and affiliated companies for purposes of management and analysis, decision-making, and other business purposes relating to insurance underwriting and claims administration.
• When We Work with Service Providers: We may share your information with service providers that provide us with support services, such as secure website hosting, service delivery, lawyers, tax consultants, advisors, payment processing, secure videoconferencing, and analytics.
• Corporate Transactions: We may disclose personal information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or sale, or transfer of some or all our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred. By engaging with IDR or using our Site, you understand and agree to our assignment or transfer of rights to your personal information.
• As Required by Law: We may disclose your information if we believe that the disclosure is required by law, if we believe that the disclosure is necessary to enforce our agreements or policies, in response to valid requests by public authorities (e.g., a court or a government agency), or if we believe that the disclosure will help us protect the rights, property, or safety of IDR or our customers.
• With Your Consent: We may disclose your personal information for any purpose with your consent.

Like most websites, our Site uses cookies and similar tracking technologies to perform functions necessary for you to use the website, for analytics, and for advertising-related purposes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow it) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information.

You may be able to reject cookies by adjusting the appropriate settings in your browser. Each browser is different, but many browsers have preferences or options that may be adjusted to allow you to either accept or reject cookies and certain other technologies before they are set or installed or allow you to remove or reject the use or installation of certain technologies altogether.

If you want to learn the correct way to modify your browser settings, please use the Help menu in your browser or review the instructions provided by the following browsers: Internet Explorer, Google Chrome, Mozilla Firefox, Safari Desktop, Safari Mobile and Android browser Please note that if you turn cookies off, some features of the Site will be disabled, will not run as efficiently, or may not function properly.

IDR protects your information using administrative, technical, and physical security measures to reduce the risk of loss, misuse, unauthorized access, disclosure, or modification of your information. We strive to ensure that information is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.

However, no system can be guaranteed to be 100% secure, and due to the inherent nature of the Internet, we cannot guarantee that data, including personal information, is absolutely safe from intrusion or other unauthorized access by others. You are responsible for protecting your password(s) and always maintaining the security of your devices.

We store personal information as needed to accomplish the purposes identified in this Privacy Policy and to meet legal requirements, including record retention, resolving disputes, and enforcing our agreements. The storage period may extend beyond the term of your relationship with IDR.

When personal information is no longer needed, or in any event, after legal authority to retain it has expired, personal information will be destroyed, in accordance with applicable law and pursuant to procedures established in relation to the relevant IDR system or process.

To provide service to you, we may send you communications related to your transactions, security, or the administration of the Site. From time to time, we may also send you other messages or updates about IDR, our Site, and our service offerings or other activities. If you do not wish to receive non-transaction or security-related communications from us, you may opt-out by clicking the “unsubscribe” link in the communication or by contacting us as specified in the “Contact Us” section below. Please note that if you opt out of receiving communications from us, we may still send you service communications such as emails about your account or the status of your application.

When you access or use our Site, please be aware that your personal information will be processed in the United States. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to, processed, or maintained outside of the country or jurisdiction where you are located, you should immediately stop accessing our Site or using our services.

This section provides general information about how IDR collects, stores, uses, transfers and otherwise processes personal data in or from certain countries in the European Economic Area (“EEA”), the United Kingdom, and Switzerland (together, for purposes of this section of the Privacy Policy, “EEA+”), in accordance with the General Data Protection Regulation (GDPR) and its local implementations.

Where IDR is acting as a data controller that determines the purposes and means of processing your personal data, such as when we collect, use, and share personal data as described in the Information We Collect, How We Use Your Information, and How We Share Your Information sections above, we must have a lawful processing basis for doing so.

• to conclude or perform a contract with you, for example to:
  • process your purchases of or requests for products and services, including market research and accessing advisors from our expert network.
  • communicate with you about purchases, professional services, accounts, and programs.
• for our legitimate business purposes, including to:
  • respond to your customer service inquiries and requests for information.
  • maintain, improve, and analyze our websites, mobile applications, advertisements, and the products and services we offer.
  • detect, prevent, or investigate security breaches or fraud; and
  • facilitate the functionality of our Site and digital properties.
• to comply with our legal obligations, for example, to maintain appropriate records for internal administrative purposes and as required by applicable law.
• based on your consent, for example, to send you via email and other electronic means personalized promotions and special offers or informing you about our professional services, offerings, events, or other promotional purposes.

You can withdraw your consent at any time by contacting us as described in the 'Contact Us' section below.

Your EEA+ Data Subject Rights – Under certain circumstances, by law you have the right to:

• Right to Access:Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you. Please note that you must verify your identity and request before further action is taken. As a part of this process, government identification may be required.
• Right to Rectification: Request correction of the personal information that we hold about you.
• Right to Erasure: Request the erasure of your personal information. However, we may not always be able to comply with your request of erasure for specific legal and regulatory reasons which will be notified to you, if applicable, at the time of your request.
• Right to Object: Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party), or where we are processing your personal information for direct marketing purposes.
• Right to Restrict: Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you.
• Right to Data Portability: Request the transfer of your personal information to another party, when possible.
• Right to Withdraw Consent: Where you have given us your consent to process your personal data, you have the right to change your mind at any time and withdraw that consent.
• Right to ask not to be subjected to automated decision making and profiling: Not be subject to automated decision-making producing legal or significant effects on an individual, which we do not engage in. IDR puts the human factor at the heart of our service, so there are no circumstances when profiling or other automated decision making will have a legal impact on you without a person reviewing and making a decision on the result. If you feel you may have been unfairly impacted by profiling, our team can manually assess whether the decision is fair and discuss the situation with you.

To exercise any of these rights, please contact us as set forth in the “Contact Us” section below and specify which GDPR privacy right(s) you wish to exercise. Please note we will ask you to verify your identity before proceeding with any request you make. Once we have verified your identity, we will endeavour to respond to your request within a month from receiving a valid request.

• Transfers -When we transfer or receive personal data from the EEA+, we do so pursuant to appropriate safeguards.
• Retention - As described in the “Retention and Disposal of Your Information” section above, as a general rule, we keep your data for only as long as it is needed to complete the purpose for which it was collected or as required by law. We may need to keep your data for longer than our specified retention periods to honor your requests, including to continue keeping you opted out of marketing emails, or to comply with legal, regulatory, accounting, or other obligations.
• Complaints - If you have any issues with our compliance, you have the right to lodge a complaint with an EEA+ supervisory authority (link). We would, however, appreciate the opportunity to first address your concerns and would welcome you directing an inquiry first to us per the “Contact Us” section below.

IDR's Site and services are not directed towards children under the age of 16 and we do not knowingly collect any personal information from children under the age of 16. If a parent or guardian becomes aware that their child under 16 provided our Site with personal information, please contact us immediately so that we may be take appropriate steps to promptly remove such information from our systems.

If you are a California resident, you have the rights outlined in this section. Please see the “Exercising Your Rights” section below for instructions regarding how to exercise these rights. If there are any conflicts between this section and any other provision of this Privacy Policy and you are a California resident, the portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at privacy@idr.co

• Access: You have the right to request certain information about our collection and use of your Personal Data over the past 12 months. We will provide you with the following information:
  • The categories of Personal Data that we have collected about you.
  • The categories of sources from which that Personal Data was collected.
  • The business or commercial purpose for collecting or selling your Personal Data.
  • The categories of third parties with whom we have shared your Personal Data.
  
  

  California residents also have a right to opt out of the sale of their Personal Data by a business and a right not to be discriminated against for exercising one of their Californian privacy rights. IDR does not sell the Personal Data of any of its clients and does not discriminate in response to privacy rights requests.

  
  

  In accordance with the CCPA, IDR will also (a) never share your Personal Data with third parties for their own direct marketing purposes without your consent or (b) collect new categories of Personal Data or use them for materially different purposes without first notifying you.

  
  

  If we have disclosed your Personal Data for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third party recipient.

• Exercising Your Rights
  To exercise the rights described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data, and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify you and complete your request. You do not need an account to submit a Valid Request.

If there are any questions regarding this privacy policy, please contact us at your convenience using the information below.

Insights Driven Research, Inc.
66 Hudson Blvd E (Spiral Building),
23rd Floor, New York, NY 10001
privacy@idr.co

If you feel that your personal data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with your national Data Protection Authority.

In the UK, this is the Information Commissioner’s Office. You can contact them by
visiting  https://ico.org.uk/global/privacy-notice/how-you-can-contact-us/

In Ireland, this is the Data Protection Commission. You can contact them by
visiting  https://www.dataprotection.ie/en/contact/how-contact-us/

For a complete list of all European Data Protection Authorities, click
here https://ec.europa.eu

For US customers, complaints can be made to the Federal Trade
Commission https://www.ftc.gov

For Canadian customers, you have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada, or in some Canadian provinces, your local Privacy Commissioner.

We reserve the right to amend this Policy from time to time without notice in order to be consistent with Data Protection Law requirements. Where we do make significant changes to this Policy, we will take appropriate steps to bring those changes to your attention.

Published on: Jan, 10th 2024

Last Updated On: Jan, 10th 2024