Convert Insights - Privacy Notice

This policy will tell you about your privacy rights and how we protect your privacy. If you want to know about cookies, please see our Cookie Policy here

About our privacy notice

We are Convert Insights Inc. and we provide online website optimization services to our customers (which we’ll refer to as the “Services”) to improve the performance of their online businesses and marketing activities. We collect certain personally identifying information from our customers and their websites in the course of performing those Services.

We respect the privacy of our customers and their customers and we want you to know that your personal information (data) is protected and that you have a choice about how it is used. This notice explains your rights, how we use your personal data and how we comply with our legal obligations. As an organization we’re committed to data privacy and security, including the General Data Protection Regulations (known as GDPR) which apply to our EEA resident and you'll find the full GDPR roadmap here, and the GDPR Committing to Compliance here.

Our policy won’t apply to any third parties, including our customers' websites and any social media platforms to which our website links and we have no control over any third party websites. We recommend you read the individual privacy policies for other sites and platforms.

MAKING CHANGES TO THIS PRIVACY NOTICE

This policy is effective from October 9th, 2023

We regularly update this policy and post the updated Notice on the website so it is your responsibility as a customer and/or website user to check it. However, if we make a significant change (i.e. change the way data is processed in a way which you wouldn’t expect) then we will actively let you know, by, for example, emailing you using the last email address you give us. We want you to be able to review the revised policy (and change your mind if you want to) before continuing to use the website and Services.

IN A NUTSHELL

We track users for our test and targeting software but do not store IP addresses to figure out your identity. In addition we do not store sensitive personal data.

ABOUT US

We are Convert Insights Inc. of 2093 PHILADELPHIA PIKE #9985, CLAYMONT, DE 19703, USA and we own and operate this website www.convert.com.

The person responsible for data protection is the Privacy Principles Officer, Dionysia Kontotasiou and you can email them at support@convert.com.

As an organization we are subject to the regulatory and enforcement authority of the United States Federal Trade Commission.

IN A NUTSHELL

You need to know anything about how we protect your privacy? All you need to do is ask us!

WHAT IS PERSONAL DATA?

In the US, there isn’t currently one single federal law which defines personal data (or regulates its protection and security) but the GDPR’s definition of personal data is any information which could identify you, including your name, address and email address and IP address. Special category data is more sensitive, such as information about your health or ethnic origin. We don’t collect special categories of personal data but we do collect personal data.

WHEN AND HOW WE COLLECT PERSONAL DATA

You can visit our website and read information about us and our products and services without revealing any personally identifiable information. However, if you want to become a customer, you must create an account and set up a profile.

IN A NUTSHELL

We collect personal data in a variety of ways and you can find out more here.

We collect personal data from you in the following ways:

  • Forms you complete on the Website. This will contain your email address, first name, last name, location, and any other information you choose to provide to us. You should limit the information you provide to us that is only necessary to answer your questions.
  • When you register and create an account with us you will provide your name, email address, and other information requested. We also enrich your email address with company details. You will also create a profile and select a password and you can decide to provide additional information (e.g. a nickname and certain user preferences).
  • Information you provide to us when you buy from us or ask us to provide services and/or products to you (your first and last name, email address, physical address, credit card or other payment information, phone number, and other information requested).
  • The information you provide when you communicate with us such as by email or when you use our website chat software.
  • When you are a customer - we collect tracking information about your website visitors and process that data on your behalf.
  • When you have opted in to receive marketing communications from us (e.g. newsletter) Any surveys or feedback requests which you choose to complete or competitions which you choose to enter.
  • Automatic information (some of which can be personal data) about your visits to our Website which will include (but are not limited to) your IP address, online tracking such as location, browser and type of device you use and your operating system, your internet service provider’s name, and the name of the website from which you entered our website, if any, as well as the name of the website you visit when you leave our website. We use all this information to analyze trends among our users to help improve our website. Please also see our Cookie Policy.
  • Personal data is provided by our customers using our Services (our Service allows our customers to transmit and store additional information on our servers).

HOW WE USE YOUR PERSONAL INFORMATION

We use personal data in a variety of ways and you can find out more here.

We use personal data so that we can:

  • Supply you with Services and/or products you have asked us for.
  • Deal with any queries and resolve any problems and disputes.
  • Send you any information you have asked for or which we think will interest you, where you have consented to this happening, or information we need to tell you about.
  • Deal with any request for help or answer your queries and customer support generally.
  • Personalize and customize our content and to give you the best user experience and to enable you to participate in interactive features of our Website.
  • To analyze and monitor how our Website is used and to help us administer and improve it (including security and fraud detection) and to run our business generally.

We do not make any automated decisions or undertake any profiling.

IN A NUTSHELL

It’s important that you understand how we use your personal data.

THE LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA

We only process (collect, use or store) your information when we have a lawful basis for doing so. You can find out more here.

There are several lawful bases which we rely on, particularly in relation to GDPR, including:

  • Contract – to fulfil our contractual obligations to you or because you have asked us to do something before we enter into a contract together (for example when you register as a customer and/or buy from us or when you are a customer using our services).
  • Consent – when you agree that we can use your personal data in a particular way (for example, when you have opted in to receive marketing communications from us).
  • Legal obligation – when the law says that we must, such as for tax reasons (for example copies of invoices and information relating to payments we receive.
  • Legitimate interest – when we use your personal data in ways you would reasonably expect, and which have a minimal privacy impact, or where there is a compelling justification.

IN A NUTSHELL

We need a lawful basis before we can process your personal data.

CONTROLLING WHAT PERSONAL DATA YOU GIVE US

Our customers can place an opt-out link on their website and we respect your privacy when you turn off tracking features and other security settings in your browser. You can find out more here.

Each of our customers is invited to place an opt-out link on their website that can be used by visitors to their websites who do not want their information given to us, Convert Insights Inc. By clicking on the link, those visitors can activate our opt-out process. We will implement each opt-out election in the shortest amount of time possible after receipt.

We have placed a general opt-out on the home page of our Site. By using the general opt-out, our customers can direct us to purge all or a portion of the data that we have received or collected in the course of performing the Services.

You can opt-out of our Services for each individual customer website and for all of our Services for all customer sites. We provide the opt-out functionality at: https://www.convert.com/opt-out/.

Upon receiving your opt-out request, we will purge the information submitted to us pertaining to that request.

DO NOT TRACK SETTINGS
Some web browsers have settings that enable you to request that our website not track your movement within our website. Our website obeys such settings when transmitted to and detected by our website. You can alter tracking features and other security settings in your browser by referring to your browser’s user manual.

WHAT HAPPENS IF YOU CHOOSE NOT TO GIVE US YOUR PERSONAL DATA?

If you do not wish to provide us with the personal data which we need from our customers, (or you provide us with the data but then change your mind), you will be unable to use our Services.

IN A NUTSHELL

You can control what data you give us but we'll need some if you want be our customer.

ACCURACY OF PERSONAL DATA – UPDATING YOUR PROFILE

We want your data to be accurate and up-to-date so please keep us up to date when anything changes. Customers (registered users) can do this by updating their profile. Alternatively, you can email us at support@convert.com or visit https://www.convert.com/contact-us/.

WHO DO WE SHARE PERSONAL DATA WITH?

There are likely to be times when we must share your personal data with others, for example, where the law requires or to enforce our rights or protect others, such as for fraud prevention or if we sell all or part of our business or it is otherwise acquired by someone else. We could also:

  • Allow authorized third parties (for a list of our authorized third parties see here) to track and store information about visitors to our website (including IP addresses).
  • Disclose your personal data to those who are providing services to us if they have appropriate processes to protect it.

Otherwise we will only share your personal information if you have consented to this.

IN A NUTSHELL

We share data with others but we want you to know all about it.

DATA FROM OUR CUSTOMERS AND THEIR WEBSITES

Customers can specify the categories of data they wish to receive and you can find out more here.

The Services we provide to customers consists of tracking visits to their websites and collecting information about the behavior of those visitors. The data we collect helps you (the customer) optimize your website and to use it strategically. This data can include the web addresses (URLs) of pages visited, the URLs of web pages that referred your visitors to your website, details about the web browsers that visitors use to browse your website, the operating systems used by those visitors, the number of screen colors and the screen resolution used by the visitors to view your websites and external geodata elements connected to your visitors' IP address, including country, city, region, etc.

Our Service is organized so that our customers can specify the categories of data they wish to receive. The foregoing categories of information do not necessarily enable us or others to identify you or the visitors to your website. However, if the URLs we collect contain information that in themselves include personally identifiable information, such as a name or phone number, or if they link to pages that contain personally identifiable information, then we can collect that information as well.

Our Service allows our customers to transmit and store additional information on our servers. This additional information can be anything, including personally identifiable information, except that we don't permit URLs or internet addresses to be stored. We have no control over what information is transmitted by our customers to our servers. Our customers can also request that we receive personally identifiable information that has been rightfully obtained by those customers, such as the email addresses of those who visit their websites and the information those visitors to their websites choose to post.

All of the information that we collect from our customers, retain and store, that identifies them and the visitors to their websites belong to our customers. We treat that information as proprietary, confidential customer property. Convert Insights Inc. is merely a limited agent that possesses and uses the information only for purposes of performing the Services requested by our customers. We recommend that our customers include information in their own privacy policies that describes their use of hosted optimization services such as those we provide. We also recommend that each of our customers provides its visitors with information regarding their ability to opt-out of permitting disclosure of their personally identifiable information to providers such as Convert Insights Inc. We urge visitors to our customers' websites to review the privacy policies of those websites. Those privacy policies govern the use of visitors' personally identifiable information by our customers and also by us.

GDPR RIGHTS FOR EUROPEAN UNION INDIVIDUALS

The law gives you certain rights in relation to your personal data and to exercise or discuss these rights contact Dionysia Kontotasiou at support@convert.com.

You can find our more about your rights here

The following rights can apply to personal data we collect and process (these can vary according to the lawful basis we rely on to process personal data) so that you can:

  • Access personal data that we hold about you (Right to access your personal data).
  • Make changes to your personal data if it is incomplete or inaccurate (Right to rectification) – see ACCURACY OF PERSONAL DATA – UPDATING YOUR PROFILE.
  • Restrict the processing of your personal data in certain circumstances, including where we are relying on legitimate interest as a lawful basis to process your personal data and you need us to check this basis.
  • Ask us to erase your personal data (Right to be forgotten) and prevent processing in specific circumstances, particularly when your consent is the lawful basis for us processing your data.
  • Object to us processing your personal data in certain circumstances, including for direct marketing purposes, and where we rely on legitimate interest as a lawful basis to process your personal data.
  • Obtain and reuse your personal data (in a structured, commonly used and machine readable format) for your own purposes across different platforms (data portability) where the processing is based on your consent or for the performance of a contract.

IN A NUTSHELL

GDPR gives EU residents specific data rights and we comply with those rights.

EXERCISING YOUR RIGHTS

You can exercise your GDPR rights by contacting us at support@convert.com and can find out more about our process here

When you choose to exercise any of your data protection rights:

  • We will ask you for some information (primarily identification and clarification) and we can supply an optional form for you to complete if you would like to use it.
  • We will deal with your request as soon as we are able to; usually, that’s within one month of receiving it.
  • If there is going to be a delay in dealing with your request (for example, because it’s complex) or there is a reason why we can’t comply with your request, we will let you know and explain why within one month of receiving your request.
  • There is usually no charge unless your request is manifestly unfounded or excessive.

STORING PERSONAL DATA

We keep your data:

  • For as long as it is necessary for the purposes for which the personal data are processed.
  • To enable us to comply with our legal obligations, for example for tax purposes.

Details about how long we retain data is here.

Please check that the retention periods meet your other compliance obligations:

Data Subject How long is personal data kept?
Customers We will retain personal data for 7 years from the date that you ceased to be a customer.
Potential Customers We will retain personal data for 12 months from the date of our last contact.
Potential Suppliers We will retain personal data for 6 months from the date of the last time you contacted us.
Suppliers We will retain personal data for 7 years from the date that you ceased to be a supplier.
Employees We will retain personal data for 7 years from the date that you ceased to be an employee.
Potential employees We will retain personal data for 12 months from the date of the last time you contacted us.

IN A NUTSHELL

We store personal data for only as long as we need to.

TRANSFERRING PERSONAL DATA

Our company is registered and based in the US and so your data will be processed, transferred or stored outside the EU and the UK to countries including the US, which do not have the same data protection as the EU. However, wherever we transfer, process or store your personal data, we will take reasonable steps to protect it.

We comply with GDPR and the Data Privacy Framework when transferring the personal data of EU, UK and Swiss individuals, and you can find out more here.

EU and UK Residents – transfers

Since some countries do not have the same level of data protection the law restricts the transfer of your personal data so that this can only take place if:

  • Certain conditions are met. These include, for example:
    • There is a list of countries (approved by the European Commission) which provide an adequate level of data protection.
    • There is an obligation on us to ensure that appropriate safeguards are in place, such as; binding corporate rule; compliance with an approved code of conduct, using contractual data protection clauses approved and/or adopted by the European Commission; certification under an approved mechanism. An example would be the EU-US Data Privacy Framework where organizations self-certify that they meet the Data Privacy Framework standards – see EU, UK and Swiss individuals – Data Privacy Framework for transfers to the U.S., below.
  • There is a derogation or exemption, including your informed, compliant and valid consent or contractual performance obligation (including pre-contractual steps) which we would usually rely on and which allows us to do this.
  • It’s a one-off transfer which meets the relevant criteria.

EU, UK and Swiss individuals – the EU-US Data Privacy Framework (EU-US DPF), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework

Convert Insights, Inc. complies with the EU-US Data Privacy Framework (EU-US DPF) and the UK Extension to the EU-US DPF as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries (and Iceland, Liechtenstein, and Norway), and the United Kingdom (including Gibraltar) transferred to the United States pursuant to EU-US Data Privacy Framework. Convert Insights, Inc. complies with the Swiss-US Data Privacy Framework (Swiss-US DPF) as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from Switzerland transferred to the United States pursuant to the Swiss-US DPF. Convert Insights has certified that it adheres to the Data Privacy Framework Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification page, please visit https://www.dataprivacyframework.gov/.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Convert Insights is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the DPF Principles, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the DPF, should direct their query to support@convert.com. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to support@convert.com.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Convert Insights’ accountability for personal data that it receives in the United States under the Data Privacy Framework Principles and subsequently transfers to a third party is described in the DPF Principles. In particular, Convert Insights remains responsible and liable under the DPF Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Convert Insights proves that it is not responsible for the event giving rise to the damage.

Data Privacy Framework Enforcement & Disputes

In compliance with the Data Privacy Framework Principles, Convert Insights Inc. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF. European Union, United Kingdom and Swiss individuals with DPF inquiries or complaints should first contact should Convert Insights Inc. at:
Convert Insights Inc.
Department: Data Privacy Framework Principles
2093 PHILADELPHIA PIKE #9985
CLAYMONT, DE 19703, USA

We have also committed to refer unresolved privacy complaints under the EU-US DPF Principles to an independent dispute resolution mechanism, DATA PRIVACY FRAMEWORK SERVICES, operated in the United States by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. The services of DATA PRIVACY FRAMEWORK SERVICES are provided at no cost to you.

If your Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.

IN A NUTSHELL

We transfer data out of the EU and the UK but we know what we’re doing and comply with the Data Privacy Framework.

  • Customers. That data is stored in the US. For that we have Data Privacy Framework in place.
  • Website visitors on customer sites. That data stays in Europe on German servers and does not leave Europe.

DATA SECURITY

We have implemented technology, security policies and measures to protect the personal information that we have under our control from unauthorized access, improper use, alteration, unlawful or accidental destruction and accidental loss. To find out more, see below.

The data we collect from our customers and their websites in the course of providing the Services is stored on servers operated by third parties under contract with us. The user names and passwords our customers use to access their accounts and the Services are stored on servers operated by different third parties, also under contract with us. Those third parties have instituted reasonable commercial measures to ensure the security of our customers' information, and we rely on the effectiveness of those measures to keep our customers' information secure. These security measures include physical security of the facilities where the servers are located; redundant storage of data in multiple physical locations; access to data based on established privilege levels; firewalls to prevent unauthorized access; and SSL-encrypted API calls. We do not collect, store or transmit any credit card or banking account data from sites installing our code.

Data that our customers submit to us regarding visitors to their websites do not contain any personally identifiable information unless the visitors themselves have included such personally identifiable information in their submissions to our customers' websites. We have no control over this, and we disclaim any responsibility for the unauthorized use or disclosure of such information. However, such data is retained in the servers in an anonymous form and IP addresses are not stored.

IN A NUTSHELL

We take care of your personal data.

COLLECTING AND PROCESSING NON-PERSONAL INFORMATION

When you use the Website we also collect non-personal information or aggregated information – that is any information about more than one individual where the individual’s identity is unknown and cannot be inferred from that information. This helps us run our Website and business effectively. Find out more here.

Our website uses Google Analytics to collect information about the use of our website. We use this information to analyze traffic, improve our marketing, and to improve our website. Google Analytics does not collect your name or other identifying information. We do not combine the information collected using Google Analytics with personal data. For more information on how Google collects and processes your data, visit https://www.google.com/policies/privacy/partners/.

You can prevent Google Analytics from using your information by opting out at this link: https://tools.google.com/dlpage/gaoptout.

We use cookies – please read our Cookie Policy which can be found here.

LINK TO THIRD PARTIES AND SOCIAL MEDIA

You can visit or leave our Website by clicking a link to or from another website or platform operated by a third party – for example, you can use social media icons (such as Twitter). If you do this, please also take the time to read the relevant privacy information provided by other websites/platforms because they will be different to our privacy Notice which only relates to our website.

HIPAA NON-COMPLIANCE

Customers acknowledge that Convert Insights Inc is not a Business Associate or subcontractor (as those terms are defined in HIPAA) and that the Convert Insights Inc. Services is not HIPAA compliant. “HIPAA” means the Health Insurance Portability and Accountability Act and related amendments and regulations as updated or replaced. “Regulated Data” includes HIPAA-regulated data and data covered under the Gramm-Leach-Bliley Act (or related rules or regulations) as updated or replaced.

DATA PROCESSING AGREEMENT

If you or your organization are required under the European Union’s General Data Protection Regulation (GDPR) to enter into a contract, or other binding legal act under EU or Member State law, with your data processors, you can review and accept our Data Processing Agreement here.

Start Your 15-Day Free Trial Right Now.
No Credit Card Required

You can always change your preferences later.
You're Almost Done.
I manage a marketing team
I manage a tech team
I research and/or hypothesize experiments
I code & QA experiments
Convert is committed to protecting your privacy.

Important. Please Read.

  • Check your inbox for the password to Convert’s trial account.
  • Log in using the link provided in that email.

This sign up flow is built for maximum security. You’re worth it!