insyte.ai

GDPR Compliance

Last Updated: May 21, 2025

Our Commitment to GDPR Compliance

At Insyte, we are committed to ensuring the privacy and protection of your personal data in compliance with the General Data Protection Regulation (GDPR). This page outlines how we adhere to GDPR principles and what rights you have regarding your personal data.

Data Controller

Insyte acts as a data controller for the personal data we collect and process. You can contact our Data Protection Officer at [email protected].

Lawful Basis for Processing

We process personal data on the following lawful bases:

  • Consent: We obtain clear consent for specific processing activities.
  • Contract: Processing is necessary for the performance of a contract with you.
  • Legal Obligation: Processing is necessary to comply with legal obligations.
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party.

Your Rights Under GDPR

Under GDPR, you have the following rights:

  • Right to Access: You can request a copy of your personal data.
  • Right to Rectification: You can request correction of inaccurate personal data.
  • Right to Erasure: You can request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing: You can request restriction of processing in certain circumstances.
  • Right to Data Portability: You can request transfer of your personal data.
  • Right to Object: You can object to processing based on legitimate interests.
  • Rights Related to Automated Decision Making: You have rights regarding automated decision-making and profiling.

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.

Data Protection Measures

We implement appropriate technical and organizational measures to ensure the security of your personal data, including:

  • Encryption of personal data
  • Regular testing of security measures
  • Access controls and authentication
  • Staff training on data protection

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

Contact Us

If you have any questions about our GDPR compliance or wish to exercise your rights, please contact us at [email protected].