How OneInsight supports GDPR

We have aligned our policies and practices with the General Data Protection Regulation (GDPR). This page provides a high level summary. Please contact us at privacy@oneinsight.io with any questions.

Overview

OneInsight, as a Data Processor, collects and stores a minimum of Personal Data only as instructed by our Customer, the Data Controller, to deliver the OneInsight Services.

This page covers:

  • The data we collect and store on behalf of our customers
  • How we comply with GDPR concerning obtaining consents, honoring Data Subject Requests, putting in place the appropriate contracts, and maintaining appropriate safeguards.

Looking for more information? Here are some reference pages:

The Data We Collect and Store

OneInsight collects, processes, and stores Personal Data about people who interact with the Customer via Marketo, a service from Marketo Inc., or a service that connects to the Customer’s Marketo instance (e.g., website, chat, webinar), only as directed by the Customer. 

OneInsight does not sell any Contact Data collected on behalf of the Customer or market its services to the Customer’s contacts.

Categories of Data Subjects:

  • Customer’s end-user subscribers, prospects or customers
  • Customer’s employees or other authorized users or administrators of OneInsight

Categories of Personal Data:

  • Personal master data (e.g., Name)
  • Contact information (e.g., company, business email address, and phone number)
  • Activity information (e.g., on the website, via email or forms)
  • Contract master data (contractual relationship, interest in products or contracts)

How we comply with GDPR

Appropriate Safeguards

Per Article 32 of the GDPR, we have appropriate technical and organizational measures in place to keep your data secure. All data is stored securely in Google's Cloud Platform (GCP).

Contracts

We have the appropriate Data Processing Agreements (DPAs) in place with all vendors and subprocessors that process data on our behalf. Please visit our Subprocessors page for more information on how we vet and contract with our subprocessors.

Respecting the Data Subject's rights

We have processes in place to respect the requests from data subjects. OneInsight exports corrects or deletes Contact Data upon request by the Customer. If we receive a request directly from a Data Subject, we work with the Customer to respect the request.