Privacy Policy for Sandhill Insights
1. Introduction
Sandhill Insights (“we,” “us,” “our”) is committed to respecting and protecting your privacy and personal data. We recognize the importance of safeguarding information entrusted to us and are dedicated to upholding the highest standards of data protection and transparency in accordance with applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you visit or interact with our website (sandhillinsights.com), or otherwise communicate with us.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data processed by Sandhill Insights via our website, digital platforms, and communications. We act as the data controller for the personal data we collect, meaning we determine the purposes and means of processing that data.
By accessing or using sandhillinsights.com, you acknowledge that you have read, understood, and agree to this Privacy Policy.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data, either directly from you or automatically through your interactions with our services:
a) Usage Data: Information about how you use our website, including IP address, browser type and version, operating system, referring URLs, pages visited, time spent on pages, and link clicks.
b) Account Data: Personal identifiers used to create accounts or communicate with us, including your name, email address, mailing address, and phone number.
c) Profile Data: Preferences, interests, purchase history, usage behavior, and other insights generated through engagement with our website or services.
d) Communication Data: Records of your correspondence with us, including support requests, feedback, and contact history.
e) Technical Data: Device-related details such as hardware model, operating system version, device identifiers, web browser settings, and mobile network data.
f) Transaction Data: Information related to purchases made through our platform, including billing details, delivery addresses, and payment confirmations (note: we do not directly process credit card information; this is managed by secure third-party payment processors).
g) Preference Data: Your consents, marketing communication preferences, product or topic interests, and inferred interests based on behavior.
4. Legal Bases for Processing Personal Data
We only process your personal data when there is a lawful basis to do so under the GDPR and, where relevant, the CCPA. These lawful bases include:
– Consent: Where you have explicitly granted permission (e.g., newsletter signup).
– Contractual Necessity: Processing necessary to perform a contract with you or to take steps at your request prior to entering into a contract.
– Legal Obligation: Where processing is required to fulfill legal responsibilities.
– Legitimate Interests: For purposes such as improving our services, preventing fraud, enhancing user experience, internal administration, and marketing where not overridden by your fundamental rights and freedoms.
5. Your Rights
Under applicable data protection laws, including the GDPR and CCPA, you have certain rights in relation to your personal data:
– Right of Access: Request confirmation of whether we process your data and obtain a copy.
– Right to Rectification: Request that inaccurate or incomplete information is corrected.
– Right to Erasure (Right to be Forgotten): Request deletion of your personal data under certain conditions.
– Right to Restriction of Processing: Ask us to limit processing of your data in specific situations.
– Right to Data Portability: Request to receive your personal data in a structured, commonly used, machine-readable format and transfer it to another controller.
– Right to Object: Object to processing based on legitimate interests or for direct marketing.
– Right to Withdraw Consent: Withdraw previously given consent at any time.
– California Rights (CCPA): California residents may also request disclosure of specific information, access to personal data, information about data sharing, and the right to opt out of the sale of their information (Sandhill Insights does not sell user data).
To exercise any of these rights, please contact us at: [email protected].
6. Security Measures
We implement robust administrative, technical, and physical safeguards to protect your personal data from unauthorized access, disclosure, alteration, and destruction. These include:
– Encryption of data in transit and at rest when necessary
– Access controls limiting internal data access to authorized personnel
– Firewalls and security monitoring
– Regular data backups
– Employee training on data protection and privacy protocols
Despite these measures, no system can be guaranteed 100% secure; however, we continuously evaluate and enhance our practices to mitigate risks.
7. International Data Transfers
If your personal data is transferred outside the European Economic Area (EEA), we ensure that such transfers are carried out in accordance with applicable data protection laws. This includes implementing EU Standard Contractual Clauses or relying on adequacy decisions or lawful exemptions. We take appropriate steps to safeguard your data when shared across jurisdictions.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, accounting, or reporting requirements. Specific retention periods include:
– Usage Data: Retained for up to 12 months for analytic purposes.
– Account Data: Retained while you have an active relationship with us and up to 6 years thereafter.
– Transaction Data: Retained for legal and accounting compliance for at least 6 years.
– Communication and Support Data: Retained for 24 months following the last interaction.
– Preference and Marketing Data: Retained until consent is withdrawn or after 24 months of inactivity.
9. Cookie Policy
We use cookies and similar technologies on sandhillinsights.com to enhance your browsing experience, analyze site traffic, and deliver relevant content. Types of cookies used include:
– Essential Cookies: Necessary for the website to function and cannot be switched off.
– Functional Cookies: Enable enhanced functionality and personalization.
– Analytics Cookies: Help us understand how visitors interact with the site.
– Performance Cookies: Used to measure and improve the performance of our site and services.
10. Cookie Management and Compliance with GDPR & CCPA
Upon first visit to our site, you will be presented with a cookie consent banner allowing you to accept, reject, or customize your cookie preferences in alignment with GDPR and CCPA compliance standards.
You can modify your choices at any time by accessing your browser settings or visiting our cookie management tool. Users in California may opt-out of the cookie-based sale of personal information (if applicable), although we do not engage in such practices.
11. Children’s Privacy
sandhillinsights.com is not directed to children under the age of 13. We do not knowingly collect personal data from individuals under 13 years old. If you become aware that a child has provided us with personal information, please contact us at [email protected], and we will take steps to delete such information.
12. Policy Updates and User Notification
We may revise this Privacy Policy from time to time to reflect changes in the law, regulatory guidance, or our practices. Material changes will be communicated via appropriate channels, such as email notifications or prominent announcements on our website.
We encourage you to review this Policy periodically to stay informed about how we manage and protect your personal information.
13. Contact Us
If you have any questions, concerns, or wish to exercise your privacy rights, please reach out to us via email at:
We value your trust and are committed to maintaining your privacy and data protection. This Privacy Policy is designed to keep you informed and in control of your personal data.