Privacy Statement
1. General Provisions
1.1 Purpose of this Policy
At Dialog Insight (“Dialog Insight“, “we“, “us” or “our“), protecting personal information is an integral part of our commitment to our customers, their users, our business partners and visitors to our websites.
This Privacy Policy (the “Policy“) describes Dialog Insight’s practices regarding the collection, use, disclosure, retention and protection of personal information in connection with its business activities.
This Policy applies, in particular, to:
- the Dialog Insight website;
- the Dialog Insight platforms (including app.dialoginsight.com and app.mydialoginsight.com);
- specialized modules developed by Dialog Insight, including the Journey module and behavioural measurement tools;
- applications, interfaces, APIs and integrations offered by Dialog Insight;
- communications with our customers, partners, suppliers and website visitors; and
- any individual using our products or services.
1.2 Applicable Laws
Dialog Insight is committed to processing personal information in accordance with applicable privacy laws, including:
- Québec’s Act respecting the protection of personal information in the private sector;
- Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA);
- Canada’s Anti-Spam Legislation (CASL);
- the European Union General Data Protection Regulation (GDPR);
- applicable French privacy laws, including guidance published by the French Data Protection Authority (CNIL); and
- any other applicable privacy legislation.
Our objective is to ensure that personal information is handled responsibly, transparently and securely throughout its lifecycle.
1.3 Definitions
For the purposes of this Policy, the following terms have the meanings set out below.
- Personal Information : Any information relating to an identifiable individual, either directly or indirectly. Depending on the context, certain information may also be considered sensitive personal information under applicable laws.
- Customer : Any organization using Dialog Insight’s products or services.
- Data Subject : Any individual whose personal information is processed by Dialog Insight or through its services.
- Platform : The collection of applications, cloud services, APIs, modules and functionalities developed or operated by Dialog Insight.
- Processing : Any operation performed on personal information, including its collection, use, consultation, storage, disclosure, modification, anonymization or destruction.
2. Governance
2.1 Privacy Officer
Dialog Insight has appointed a Privacy Officer (Data Protection Officer or “DPO“) responsible for overseeing the organization’s compliance with applicable privacy laws and serving as the primary point of contact for questions or requests relating to the processing of personal information.
If you have any questions regarding this Policy, wish to exercise your privacy rights, or would like to report a privacy incident, you may contact us at: dpo@dialoginsight.com
For general inquiries regarding our products or services, please contact: info@dialoginsight.com
2.2. Our Role
Depending on the circumstances, Dialog Insight may act either as a Data Controller or as a Data Processor (or service provider) under applicable privacy laws.
2.2.1 Data Controller
Dialog Insight acts as a Data Controller when it collects and processes personal information for its own business purposes, including to:
- operate its website;
- administer customer accounts;
- manage business relationships;
- process billing;
- respond to requests for information;
- provide technical support;
- organize events and webinars;
- communicate with customers and business partners; and
- comply with applicable legal obligations.
In these situations, Dialog Insight determines the purposes and means of processing.
2.2.2 Data Processor
The Dialog Insight Platform enables customers to manage their own personal information as part of their marketing, communications, marketing automation and customer relationship management activities.
In this context:
- personal information remains the exclusive property of the customer;
- the customer remains responsible for the processing carried out through the Platform;
- Dialog Insight acts solely as a technology provider or Data Processor; and
- Dialog Insight processes personal information only in accordance with its customers’ documented instructions.
Customers are responsible for, among other things:
- determining the purposes of processing;
- identifying the applicable legal basis;
- obtaining any required consents;
- complying with transparency obligations;
- responding to requests from data subjects;
- determining applicable retention periods; and
- ensuring that their use of the Platform complies with applicable laws.
Where users access Dialog Insight’s services through an authorized reseller or partner, references to “customer” in this Policy also include such authorized resellers and partners.
3. Processing of Personal Information
Dialog Insight processes personal information solely for the purposes described in this Policy, in accordance with applicable laws and the contractual commitments made to its customers. Personal information is processed in accordance with the principles of lawfulness, fairness, transparency, data minimization, accuracy, storage limitation, integrity and confidentiality established under applicable privacy laws.
Depending on the services used and Dialog Insight’s role, personal information may be collected directly from individuals, from our customers or, where permitted by law, from authorized third parties. The categories of personal information collected, the purposes of processing and the processing activities performed vary depending on the circumstances.
Certain features of our website, Platform and electronic communications rely on cookies, tracking pixels, local storage technologies and similar technologies. Information regarding these technologies, their purposes, applicable consent mechanisms, retention periods and the ways in which users can manage their preferences is described in our Cookie and Tracking Technologies Notice, which forms part of our privacy governance framework.
3.1 Customer and platform user account management
When an organization becomes a Dialog Insight customer or creates a user account, we collect the personal information necessary to establish and manage the business relationship and to provide access to the Platform. Such information may include the individual’s name, email address, telephone number, organization, job title, account preferences and authentication information.
We also collect certain technical information required for the secure operation of the Platform, including login logs, IP addresses, browser and device information, security events and other technical information necessary to deliver our services.
This information is used to establish and manage our customer relationships, provide our services, administer user accounts, secure access to the Platform, prevent unauthorized access, provide technical support, improve our services and resolve technical incidents.
Personal information relating to customer relationship management, such as contact information for designated representatives, administrative information, contracts and billing information, may be retained in our Customer Relationship Management (CRM) system or our accounting system. Personal information processed on behalf of our customers as part of the services we provide remains within systems operated and controlled by Dialog Insight.
3.2 Use of our Website
When you visit our website or complete a form, we collect the information that you choose to provide, including your name, email address, telephone number, organization, job title and any other information you voluntarily submit.
This information may be used to respond to your requests, schedule demonstrations, register you for events or webinars, provide access to specific resources, communicate with you and establish or maintain a business relationship.
3.3 Dialog Insight Communications
When you choose to receive communications from Dialog Insight or interact with them, we may use certain tracking technologies to measure their effectiveness, including email opens, link clicks and certain interactions with our website.
This information helps us improve our communications, better understand the interests of our customers and prospects, enhance the user experience and improve the relevance of our products and services.
3.4 Services provided to our Customers
Dialog Insight provides a Platform that enables customers to manage their communications, marketing campaigns, automated customer journeys and the personal information of their own contacts.
Depending on the features enabled by the customer, the Platform supports contact list management, communication personalization, marketing automation and the measurement of certain interactions with communications sent through the Platform.
Where these features are used, Dialog Insight generally acts as a Data Processor (or service provider) and processes personal information solely in accordance with its customers’ documented instructions. Customers remain responsible for determining the purposes of processing, identifying the applicable legal basis or other lawful grounds, obtaining any required consents, establishing retention periods and ensuring compliance with applicable legal requirements.
3.5 Disclosure of Personal Information
Dialog Insight discloses personal information only where necessary to provide its services, where instructed by a customer, where required by law, or where necessary to protect its rights, those of its customers or those of others.
We do not sell or rent personal information processed as part of our own business activities or on behalf of our customers.
3.6 Legal Obligations
Dialog Insight may use or disclose personal information where required to comply with applicable legal or regulatory obligations, including to:
- respond to court orders or lawful requests from competent authorities;
- comply with legal obligations;
- protect its rights, property or security, or those of its customers or others;
- prevent, detect or investigate fraud, unlawful activities or misuse of its services; or
- enforce its Terms of Use or contractual rights.
In all cases, Dialog Insight limits such disclosures to the personal information strictly necessary for the applicable purpose and ensures compliance with applicable legal requirements.
3.7 New Purposes
Dialog Insight uses personal information only for the purposes described in this Policy or otherwise communicated at the time of collection.
If we intend to use or disclose personal information for a new purpose that is incompatible with the purposes originally identified, we will inform you and obtain your consent where required by applicable law.
Where consent constitutes the applicable legal basis for processing, Dialog Insight ensures that such consent is obtained in accordance with applicable laws. Depending on the circumstances and applicable legal requirements, consent may be express, implied or obtained through another legally recognized mechanism.
4. Sharing of Personal Information
Dialog Insight may disclose certain personal information to authorized service providers or business partners where necessary to provide its services, operate its Platform, or comply with its legal and contractual obligations.
Dialog Insight selects its service providers based on security, privacy and compliance criteria and implements appropriate contractual safeguards to ensure the protection of personal information.
4.1 Service Providers and Subprocessors
Dialog Insight relies on specialized service providers to support the operation, security and continuous improvement of its services, including providers of:
- cloud hosting and infrastructure;
- authentication services;
- electronic communications;
- message delivery services (email, SMS, mobile notifications and other communication channels);
- artificial intelligence services;
- technical support; and
- administrative and collaboration tools.
Where message delivery services are used, only the personal information strictly necessary to deliver the communication is shared with the relevant service providers, such as the destination address, telephone number, notification token, message content and certain technical information required for transmission.
These service providers act solely on behalf of Dialog Insight or its customers and are authorized to process personal information only for the purpose of providing the agreed services, in accordance with the contractual obligations applicable to them.
A list of our principal service providers and subprocessors is available upon request or through our compliance documentation.
4.2 Third-Party Integrations and Services
To provide certain functionalities, Dialog Insight offers integrations with services operated by third parties.
These integrations are enabled only when selected by the customer or user, or where required to deliver the requested service. Any personal information accessible through these integrations is limited to what is necessary for the relevant functionality.
4.2.1 Use of Google Services and Google API Data
When you choose to connect your Google Account to the Dialog Insight Platform, we access certain information from your Google Account solely to provide the integration that you have requested.
Scope of Access | Dialog Insight accesses only the information required to use Google Ads Customer Match for the purpose of creating, updating and managing audience lists within your own Google Ads account. No other Google Account data is accessed or used. |
Purpose of Processing | The information obtained is used exclusively to synchronize contact segments from Dialog Insight to your Google Ads account, enabling you to manage your advertising audiences in accordance with your settings and instructions. |
Processing of Data | Contact information transmitted to Google Ads is hashed prior to transmission, in accordance with Google Customer Match requirements. Dialog Insight does not retain, reuse or share Google API data beyond what is strictly necessary to provide the requested functionality. |
User Consent | Access to your Google Account information occurs only after you have granted your explicit authorization through Google’s OAuth authorization process. You may revoke this access at any time through your Google Account settings. |
Limited Use of Google API Data | Dialog Insight complies with the Google API Services User Data Policy, including its Limited Use requirements. Google API data is used solely to provide the functionality requested by the user. Such data is never used for unauthorized purposes, including advertising, profiling, independent analytics or training artificial intelligence models. |
In-Application Notice | When enabling a Google integration, Dialog Insight displays an in-application notice identifying the Google data to which access will be requested, together with a link to this Privacy Policy. |
4.3. Hosting and International Data Transfers
Dialog Insight operates various technology infrastructures to meet the needs of its customers and applicable regulatory requirements. Depending on the services used, personal information may be hosted or processed in Canada, France, the European Union or other jurisdictions where authorized service providers are located.
Where possible, Dialog Insight provides hosting environments that meet its customers’ contractual or regulatory requirements, including data residency requirements.
Where personal information is transferred outside its jurisdiction of origin, Dialog Insight implements appropriate safeguards to ensure an adequate level of protection, including contractual commitments, transfer risk assessments where required, appropriate technical and organizational measures, and recognized transfer mechanisms under applicable privacy laws.
Dialog Insight ensures that any service provider with access to personal information maintains a level of protection consistent with applicable privacy and security requirements.
5. Protection of Personal Information
Protecting personal information is a fundamental responsibility of Dialog Insight. We implement reasonable administrative, organizational, physical and technical safeguards to protect personal information against loss, theft, unauthorized access, use, consultation, reproduction, modification, disclosure or destruction.
5.1 Security
Our security measures are established based on the nature and sensitivity of the personal information processed, the risks identified and recognized industry best practices.
Depending on the services provided, these measures may include:
- access management based on the principle of least privilege;
- multi-factor authentication, where appropriate;
- encryption of data in transit and, where appropriate, at rest;
- environment segmentation;
- logging of activities and access;
- infrastructure monitoring;
- vulnerability and security patch management;
- regular backups and recovery procedures;
- business continuity mechanisms;
- employee awareness and training; and
- contractual confidentiality obligations applicable to employees, service providers and subprocessors.
Our website and applications use recognized security technologies to protect personal information against unauthorized access. Only authorized personnel, to the extent necessary to perform their duties, are permitted to access personal information. All personnel with access to personal information are subject to appropriate confidentiality obligations.
Personal information entrusted to Dialog Insight by its customers is primarily processed within systems operated and controlled by Dialog Insight. Only certain administrative or commercial information required to manage the business relationship (for example, customer information, contracts or billing information) may be retained in enterprise systems such as our Customer Relationship Management (CRM) system or our accounting system.
Although we implement appropriate safeguards, no security system can guarantee absolute protection against every risk. Dialog Insight regularly reviews and updates its security measures to address evolving threats and technological developments.
5.2 Artificial Intelligence
Dialog Insight is progressively developing certain functionalities that use artificial intelligence or automation technologies to improve the user experience, facilitate certain analyses and assist users in using the Platform.
Where artificial intelligence features are offered:
- they are developed and deployed in accordance with Dialog Insight’s security, privacy and data protection principles;
- they are used solely for their intended purposes; and
- they are subject to appropriate technical and contractual safeguards where specialized AI service providers are used.
Unless otherwise specified, Dialog Insight does not use customer data to train public or shared artificial intelligence models.
Information obtained through tracking features, cookies or tracking pixels is not used to train public artificial intelligence models.
Additional information regarding our responsible use of artificial intelligence is available in Dialog Insight’s Responsible Artificial Intelligence Principles.
5.3 Privacy Incident Management
Dialog Insight maintains procedures to detect, assess, document and respond to privacy incidents involving personal information.
A privacy incident may include, among other things:
- unauthorized access;
- unauthorized use;
- accidental disclosure;
- loss;
- destruction; or
- any other breach affecting the confidentiality, integrity or availability of personal information.
When a privacy incident is detected, Dialog Insight takes appropriate measures to:
- limit its impact;
- determine its cause;
- prevent recurrence; and
- comply with applicable legal notification requirements.
Where required by law, Dialog Insight will notify affected individuals, customers and/or the appropriate authorities in accordance with applicable legal requirements.
5.4 Retention of Personal Information
Dialog Insight retains personal information only for as long as necessary to fulfill the purposes for which it was collected, or as otherwise required to comply with applicable legal, regulatory, contractual or operational obligations.
Retention periods may vary depending on the nature of the information, the services used and applicable legal requirements. Once the applicable retention period has expired, personal information is securely deleted, anonymized or destroyed.
- Where Dialog Insight acts as a Data Controller, personal information is retained in accordance with its internal retention schedule.
- Where Dialog Insight acts as a Data Processor, retention periods applicable to personal information processed through the Platform are generally determined by the customer or by the applicable agreement.
Retention periods applicable to cookies, tracking pixels and similar technologies are described in our Cookie and Tracking Technologies Notice, which also explains the purposes of these technologies and how users may manage their preferences.
5.5 Accuracy of Personal Information
Dialog Insight takes reasonable steps to ensure that the personal information it holds is accurate, complete and up to date, having regard to the purposes for which it is used.
We encourage users to notify us of any changes to their personal information or business contact information. Platform users may also update certain information directly through the functionalities provided for that purpose.
Where Dialog Insight processes personal information on behalf of its customers, data subjects should contact the organization acting as the Data Controller directly to request corrections or updates to their personal information.
6. Your Privacy Rights
Depending on the applicable privacy laws, you may exercise various rights regarding your personal information, including the right to:
- access your personal information;
- request that it be corrected;
- withdraw your consent where consent is the applicable legal basis for processing;
- request the deletion or portability of your personal information;
- object to certain processing activities; and
- file a complaint with the appropriate supervisory authority.
Where Dialog Insight acts as the Data Controller, you may exercise these rights by contacting our Privacy Officer at: dpo@dialoginsight.com
Where Dialog Insight acts as a Data Processor on behalf of one of its customers, certain requests must be directed to the relevant customer, who remains responsible for the processing of your personal information.
7. Changes to this Policy
Dialog Insight may update this Policy from time to time to reflect changes to its services, business practices, or applicable legal and regulatory requirements. The most current version of this Policy is always available on our website.
8. Contact Us
If you have any questions regarding this Policy or our privacy practices, you may contact us at: info@dialoginsight.com
If you wish to exercise your privacy rights, report a privacy incident or submit a privacy-related complaint, please contact our Privacy Officer at: dpo@dialoginsight.com
9. Related Documents
This Policy is supplemented by the following documents, which form part of Dialog Insight’s privacy governance framework:
- Cookie and Tracking Technologies Notice
- Responsible Artificial Intelligence Principles
- List of Principal Service Providers and Subprocessors
- Dialog Insight Platform Terms of Use