Insightrix Communities Software
Research Software that Ensures Data Security
Insightrix Communities Data Policy
Data protection is central to Insightrix Communities a division of Insightrix Research Inc. We are committed to security and privacy, and comply with industry standards, including The Personal Information Protection and Electronic Documents Act (PIPEDA, Canada), The General Data Protection Regulation (GDPR, Europe) and ISO 27001.
Insightrix Communities has two roles regarding the Insightrix Online Community software platform. First is role of the Controller. Insightrix acts as the Controller of Personal Data and/or Personally-Identifiable Information (PII) when it collects Personal Data and/or PII from the Data Subject. As Controller, Insightrix has obligations to the Data Subject regarding the security and privacy of the data Insightrix collects.
Second, is role of the Processor. Insightrix Communities acts as the Processor when clients of Insightrix Communities utilize the Insightrix Online Community software to Collect Personal Data and/or PII from Data Subjects. In these cases, it is the Insightrix Client, acting as Controller, who has obligations to the Data Subject.
Insightrix Clients are encouraged to obtain the consent of Data Subjects before collecting Personal Data and/or PII. The Personal Data and/or Personally-Identifiable Information (PII) disclosed to Insightrix by the Data Subject belong to the Data Subject, and the Data Subject continues to have rights to the Personal Data and/or PII after it is disclosed. Insightrix provides the Data Subject with links to the Insightrix website where information about the ability to control their Personal Data and/or PII can be found. Every Insightrix client using an Insightrix Online Community is encouraged to publish their Data and Security Agreement on the Insightrix Online Community.
The Controller will be identified to the Data Subject at the time of collection of data. The Insightrix Communities Data Policy explains the practices and policies Insightrix Communities employs to protect the Personal Data and PII of Data Subjects when acting in the role of the Controller or Processor.
Insightrix is committed to the following principles:
Transparency
The Insightrix Communities Data Policy is a public statement of the principles and rules governing the Use of Personal Data and PII
-
Insightrix Communities provides education about the Data Policy to Employees and Clients using the Insightrix Online Community to ensure all parties understand permitted Personal Data and/or PII practices.
-
Insightrix Communities in the role of Controller must declare the Permitted Purpose(s) of Personal Data/and or PII Collection when using the Insightrix Online Community and state the use of the Personal Data and/or PII.
-
Insightrix Communities has launched a control centre to make privacy settings easier to understand and update. Users of the Insightrix Online Community receive reminders about how to view and edit their privacy setting.
Accountability
We have Privacy Principles that explain our policies and practices relating to privacy and data protection.
We have a team of trained professionals, including an Data Privacy Officer, who ensure compliance with the Data Policy and applicable privacy principles.
ISO 27001:2013
Palo Alto Networks next generation firewalls
Provide real-time, zero-day protection against exploits and intrusions, as well as denial of service attacks.
These firewalls go beyond Layer 3 into application awareness to block unwanted traffic.
These firewalls provide defense against application-level exploits, and are updated daily.
Barracuda Networks Spam and Virus firewall
Barracuda Networks Spam and Virus firewall protects email systems against malware and attacks.
KnowBe4 Security Awareness
Active Directory servers
Active Directory servers control access to data through partitioning and access control lists.
Shred all policy
A “shred all” policy enforces destruction of all hard copy documents.
VMware virtual environment with redundancy
Protects against physical failures.
Backup
Multiple layers of backup systems ensure data retention and integrity.
On-site Generac generator
Gas-fired on-site generator ensures server uptime.
Business class SaskTel fiber optic internet services
Ensures data connectivity.
24/7 monitoring
Server monitoring – from onsite to offsite, monitored building alarms, closed-circuit security systems and physical area access restrictions.
Privacy and Security
We believe your data belongs to you.
Public or Private Community
Insightrix Communities software empowers community managers to choose whether they prefer closed or open membership. You can choose to develop your Community to be open to any potential member who lands on the site, or you can set it up so you can control who enters. We’re flexible – the choice is up to you.
If you have any concerns about how your privacy is protected at Insightrix Communities please contact our Privacy Officer at privacy@insightrix.com or by phone at +1.306.657.5640 x 224.