Privacy Policy

1. Who We Are

einblick is a research and intelligence platform. We serve two distinct user groups:

• Research Clients (Companies): Organisations that commission research studies through our platform.
• Respondents: Individuals who participate in surveys and AI-moderated interviews, either anonymously or as registered panellists.
• Internal Research: We also conduct our own independent research to generate industry-wide benchmarks and intelligence reports.

Data Fiduciary (Controller): Innodrive Consulting Services Private Limited, India.
Grievance Officer: info@innodrive.in

2. What Data We Collect & Why

We practise strict data minimisation — we collect only what is necessary for the specific purpose described below.

3. Anonymity & Confidentiality

Research Clients receive only anonymised or aggregated insights — they never receive your name, phone, email, or any other directly identifying information unless you have explicitly consented to be contacted.

Your individual audio recordings and AI-derived emotional data are stored securely and are not shared with Research Clients in raw form. All emotional analysis data is presented only at a statistical aggregate level.

For anonymous survey submissions (no account required), your responses are linked only to a temporary session token. No name or phone number is connected unless you voluntarily provide it during the reward claim stage.

4. How We Use & Share Your Data

4.1 Research Clients

Research Clients receive de-identified survey results for the study they commissioned (names, emails, and phone numbers are removed or replaced with respondent IDs). Research Clients sign a Data Processing Agreement with us and are bound by the same data protection obligations.

4.2 Infrastructure Partners (Sub-processors)

All sub-processors are bound by Data Processing Agreements that prohibit them from using your data for any purpose beyond providing services to einblick.

• Database & File Storage: We use secure, encrypted database and storage providers to host all platform and research data.
• Security & Bot Protection: We use industry-leading security services to protect our API endpoints and detect automated bot activity.
• AI & Processing Models: We partner with specialized AI providers to power our interview moderation and behavioural analysis systems.
• Authentication & Communications: We use trusted authentication services and communication channel partners for secure login and notifications.
• Cloud Hosting & Infrastructure: Our platform is hosted across various global cloud infrastructure providers to ensure high availability and performance.

4.3 Research Reports & Aggregated Insights

For research conducted internally by einblick, we may analyse findings to create industry benchmarks and market intelligence reports. We may sell these final reports to third parties. Important: These reports contain only high-level, statistical, and fully anonymised insights. Individual responses or identifying data are never included in these sold reports.

We do not sell, rent, or trade your personal data.

5. Payment Processing (If Applicable)

While einblick is currently in a closed beta and does not process payments, we may integrate third-party payment processors in the future for Reward Payouts or Client Subscriptions.

In such cases, your payment details (such as credit card numbers or bank account info) are handled directly by the payment processor. We do not store or process your sensitive financial information on our own servers.

6. Cookies & Tracking

We use essential functional cookies only to provide a secure and reliable experience. We do not use third-party tracking or advertising cookies.

Our functional tracking includes:

• Security & Auth: To keep you signed in and protect your account from unauthorised access.
• Research Integrity: To prevent duplicate survey submissions and ensure the validity of research data.
• Session Management: To maintain the continuity of AI-moderated interview sessions and track response timing for behavioural analysis.
• Preferences: To remember your acknowledgement of our platform notices (such as this one).

7. Data Retention

• Survey responses & audio recordings: Retained for the duration of the research project, then archived or deleted per client agreement — in no case longer than 3 years per DPDPA guidelines.
• Identity / PII data: Retained while your account is active. Deleted within 30 days of an account deletion request.
• Waitlist emails: Retained until the platform exits beta or until you request removal.
• Technical/session data: Retained for a maximum of 90 days for security auditing.

8. Your Rights as a Data Principal

Under the Digital Personal Data Protection Act (DPDPA) 2023 and the Information Technology (SPDI Rules) 2011 under the IT Act 2000, you have the following rights:

• Right to Access: Request a summary of what personal data we hold about you.
• Right to Correction: Request correction of any inaccurate personal data.
• Right to Erasure: Request deletion of your personal data. Note: this may affect your ability to claim pending rewards.
• Right to Withdraw Consent: Withdraw consent at any time — responses already submitted become permanently anonymised.
• Right to Nominate: Nominate a person to exercise these rights on your behalf in the event of your incapacitation.
• Right to Grievance Redressal: File a complaint with us, and if unresolved, escalate to the Data Protection Board of India once operational.

9. Data Security

We implement enterprise-grade security safeguards to protect your data as mandated by the SPDI Rules and DPDPA:

• Encryption: All data is encrypted both while in transit across the internet and while stored on our servers.
• Access Control: We enforce strict internal access policies to ensure that your data is only accessible to authorised systems and personnel.
• Threat Protection: We use advanced security services to protect our platform against bot activity, brute-force attacks, and other malicious threats.
• Breach Notification: In the event of a significant data breach, we will notify affected users and the Data Protection Board of India within the legally mandated timeframe.

10. Intellectual Property & Ownership

Research insights and aggregated analysis generated from your responses become the property of the Research Client who commissioned the study. Your individual responses, once anonymised, form part of the research dataset.

Your personal identity data (name, email, phone) always remains your property and may be requested for deletion at any time per Section 7.

All platform software, Intenally developed AI models, branding, and research methodologies are the exclusive intellectual property of Innodrive Consulting and are protected under applicable Indian IP law.

11. Applicable Law & Jurisdiction

This Privacy Policy is governed by the laws of India, including:

• Digital Personal Data Protection Act (DPDPA) 2023 (Act No. 22 of 2023)
• DPDP Rules 2025 (notified January 3, 2025)
• Information Technology Act 2000 and the SPDI Rules 2011
• Consumer Protection Act 2019

Any disputes shall be subject to the exclusive jurisdiction of the courts in India. For data protection complaints unresolved by us, you may approach the Data Protection Board of India once its complaint mechanism is fully operational.

12. International Data Transfers

As a global platform, your data may be processed on servers located outside of India (including the United States and European Union) by our cloud infrastructure partners.

We ensure that such transfers are compliant with the DPDPA 2023 and that our partners adhere to strict data protection standards (such as Standard Contractual Clauses or equivalent adequacy mechanisms) to maintain the same level of protection as required under Indian law.

13. Children's Privacy

einblick is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal data without verifiable parental consent, we will take immediate steps to delete such information.