Privacy Policy
Last updated: June 30, 2026
This Privacy Policy explains how GlobalInsight ("we," "our," "us"), a registered DBA of Crisis Logic, collects, uses, and protects personal information in connection with the Global Demand Loop℠ Service. We are committed to data minimization and to handling your information lawfully, including under the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA).
1. Information We Collect
- Account data: name, email, and profile details from Google sign-in or signed SSO; organization/workspace membership and role.
- Contact & marketing data: email addresses you submit (e.g., to subscribe to the Weekly EMBI Movers digest or to request market research).
- Usage & security data: log data, IP address, and audit events (logins, access links, administrative actions) used to secure and operate the Service.
- Content you provide: reports, subject requests, and inputs you submit to a workspace.
The market data presented by the Service is generated by the GlobalInsight Analysis Engine℠ from publicly and human-expressed signals; it is not collected from your device.
2. How & Why We Use It (Legal Bases)
- To provide the Service (performance of a contract): authentication, workspaces, research delivery.
- To communicate (consent / legitimate interests): digest emails and fulfillment notifications, which you can opt out of at any time.
- To secure & improve (legitimate interests / legal obligation): fraud prevention, audit logging, debugging.
3. We Do Not Sell Your Personal Information
We do not sell or share your personal information for monetary or other valuable consideration, and we do not engage in "sharing" for cross-context behavioral advertising as defined under the CCPA/CPRA. We have not done so in the preceding 12 months.
4. Cookies & Similar Technologies
We use only strictly necessary cookies required to operate the Service — namely authentication cookies (a session cookie for Google sign-in and a short-lived access token for email/password and SSO logins). We also store small preference values in your browser's local storage (e.g., your cookie choice and digest-subscribe state). We do not use advertising, analytics, or third-party tracking cookies. Because essential cookies are required for the Service to function, they cannot be disabled without affecting core functionality; you may manage cookies via your browser settings and review your choice via the cookie banner.
5. Sharing & Processors
We share personal information only with service providers acting on our behalf under appropriate safeguards — for example, our authentication provider, email delivery provider (Resend), and hosting/infrastructure. We may disclose information where required by law or to protect rights and safety. Workspace data is confined to the client to which the workspace belongs.
6. International Transfers
We are based in the United States; if you access the Service from outside the U.S., your information may be transferred to and processed in the U.S. Where required, we rely on appropriate transfer mechanisms (such as Standard Contractual Clauses) to protect your information.
7. Data Retention
We retain personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements, after which it is deleted or anonymized.
8. Your Rights
GDPR (EEA/UK): you may request access, rectification, erasure, restriction, portability, and objection, and may withdraw consent or lodge a complaint with your supervisory authority.
California (CCPA/CPRA): you have the right to know, access, delete, and correct your personal information, to opt out of sale/share (we do not sell or share), and to non-discrimination for exercising your rights.
To exercise any right, contact admin@globalinsight.ai. We will verify and respond within the timeframes required by law.
9. Security
We apply reasonable technical and organizational measures — including secure cookies, rate limiting, tenant isolation, role-based access, and audit logging — to protect personal information. No method of transmission or storage is fully secure.
10. Children
The Service is not directed to children under 16, and we do not knowingly collect their personal information.
11. Changes & Contact
We may update this Policy; material changes will be posted with a revised date. Data controller: GlobalInsight (a DBA of Crisis Logic). Contact: admin@globalinsight.ai.