Privacy Policy

Your privacy is important to us. It is True North Insights’s ("TNI") policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, https://www.truenorthinsights.com, and other sites we own and operate.

We adhere to the principles of the General Data Protection Regulation (GDPR), the UK Data Protection Act (DPA), and the California Consumer Privacy Act (CCPA). These regulations guide our approach to handling personal data.

If you reside in the European Union, please see General Data Protection Regulation (GDPR) below.

If you reside in the United Kingdom, please see UK Data Protection Act (DPA) below.

If you reside in the State of California, please see California Consumer Privacy Act (CCPA) below.

You can contact our Data Protection Officer (DPO) at compliance@truenorthinsights.com for any privacy-related concerns.

‍

What Information We Collect

“Personal data” as defined by the GDPR and UK DPA, refers to any information related to an identified or identifiable individual, and “personally identifiable information” under the CCPA. The personal data that we collect may include one or more of the following:

Name
Email
Work history
Professional background
Social media profiles
Phone/mobile number
Financial information (to process any invoices)

Children’s Privacy

We do not knowingly collect personal information from children under the age of 13. TNI’s expert network requires that all members be at least 18 years of age.

‍

Why We Collect Personal Data

We only collect and use your personal data when we have a legitimate reason for doing so. In such instances, we only collect personal information that is reasonably necessary to provide our services to you, our clients, or potential clients:

to contact and communicate with you
utilize personal data collected to market our services to our affiliates, clients, potential clients, or you
for surveys, we use individual information to generate demographic data relating to the responses we receive to particular surveys; however, this is disclosed in the aggregate to our clients
develop, support, and improve our business and, in the case of Advisors, match you with consulting opportunities or notify you of potential TNI engagement opportunities
to process invoices
for internal record keeping and administrative purposes
legal obligations or to comply with orders or requests by a court or other governmental body

Our processing of personal data is based on one or more of the following legal bases:

Performance of a contract, which allows us to provide expert network services to our clients.
We rely on legitimate interests to maintain and improve our services, ensure security, and prevent fraud.

‍

How We get the Data

We may collect limited data from public databases, partners, and other external sources.
When you contact us via email, social media, phone, or on any similar technologies we may collect personal data as stated above.
When you visit our website, using a mobile device or web browser, our servers may automatically log the standard data provided by your web browser. It may include your device’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, other details about your visit, and technical details that occur in conjunction with any errors you may encounter.

Please be aware that while this information may not be personally identifiable by itself, it may be possible to combine it with other data to personally identify individual persons.

We process personal data only where a valid legal basis applies under applicable data protection laws. Where processing is based on consent, your consent will be obtained through a clear affirmative action and may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal. Please note that we may combine the information we collect about you with general data or information obtained from other trusted sources.

‍

Security of Your Personal Information

We do not sell or share your personal data with third parties for their marketing or solicitation purposes. We do not use IP addresses or web page request information to try to identify you. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

When we collect and process personal information, and while we retain this information. We will be implementing security measures, including encryption, access controls, and regular audits, to protect personal data against unauthorized access, loss, or alteration.

Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is absolutely secure. We are committed to protecting your information and have implemented a robust Information Security Management System (ISMS) in accordance with ISO 27001 standards. We will comply with laws applicable to us in respect of any data breach.

‍

Cookies and Tracking

Our website uses cookies to personalize content and ads, to provide social media features, and to analyze our traffic. Cookies are small data files stored on your device when you visit a website, helping us understand how you interact with our site and improve our services. We also share information about your use of our site with our social media, advertising, and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission.

Non-essential cookies are deployed only after you provide explicit consent through our cookie management platform. You may withdraw or modify your consent at any time. Certain third-party partners may act as independent data controllers, and their processing is governed by their own privacy notices.

‍

Cookies Used:

Some cookies are placed by third party services that appear on our pages. You can at any time change or withdraw your consent from the Cookie Declaration on our website.

This site uses different types of cookies to optimize your experience, including:

Necessary Cookies: Helps our website be usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Statistics Cookies: To understand how visitors interact with websites by collecting and reporting information anonymously.
Preference Cookies: Enable our website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Marketing Cookies: Used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.
Unclassified Cookies: We are in the process of classifying, together with the providers of individual cookies.

‍

How Long We Keep Your Personal Information

We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this Privacy Policy. If your personal information is no longer required, we will delete it or make it anonymous by removing all details that identify you.

‍

The GDPR is European Union (EU) law that governs how organizations within and outside the EU handle the personal data of EU residents. We, TNI, under the GDPR, are the data controller for the personal information we collect. This means we determine the purposes for which and the manner in which your data is processed. This includes information that you knowingly provide when you submit your personal data through our website, phone, or email, as well as information automatically transmitted by your devices while accessing our website and services.

Additionally, we may process certain personal data in furtherance of legitimate business or contractual purposes, such as names, addresses, email addresses, and other contact information for designated Client representatives or personnel. In addition, we may distribute marketing materials or communications to potential or existing Clients. For these purposes, we operate as a data processor under the GDPR. The details of our data processing activities in this capacity are outlined in this Privacy Policy.

In addition to our Privacy Policy terms, you have the following rights under the GDPR:

Access your personal data
Correct errors in your personal data
Erase your personal data
Object to the processing of your personal data
Export your personal data

If you would like to exercise your rights, you may contact us at compliance@truenorthinsights.com.

More information on how to exercise these rights is in Your Rights and Controlling Your Personal Information below.

In this GDPR policy, the following definitions are used:

Data

collectively all information that you submit to True North Insights via the Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;

Data Protection Laws

any applicable law relating to the processing of personal Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations, and secondary legislation;

GDPR

the General Data Protection Regulation;

True North Insights, we or us

True North Insights, a company incorporated in Delaware whose registered office is at 500 Fifth Avenue, 18th Floor, New York, NY 10110, United States

User or you

any third party that accesses the Website and is not either (i) employed by True North Insights and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to True North Insights and accessing the Website in connection with the provision of such services; and

Website

the website that you are currently using, https://www.truenorthinsights.com/, and any sub-domains of this site, unless expressly excluded by their own terms and conditions.

‍

General Data Protection Regulation (GDPR) – European Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), TNI has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:

by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

‍

UK Data Protection Act (DPA):

The UK DPA 2018 is the UK’s implementation of the GDPR, which includes additional provisions such as Lawfulness of Processing, Children’s Data, and Criminal Offense Data.

Data Subject Rights

As a data subject, you have the following rights:

The right to access – You have the right to request copies of your personal data.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data.
The right to object to processing – You have the right to object to our processing of your personal data.
The right to portability – You have the right to request your personal data to be transmitted to another controller if technically feasible.

If you make a request, we generally have one month to respond to you.

More information on how to exercise these rights is in Your Rights and Controlling Your Personal Information below.

If you would like to exercise any of these rights, please contact us at compliance@truenorthinsights.com.

‍

UK General Data Protection Regulation (GDPR) - UK Representative

Pursuant to Article 27 of the UK GDPR, TNI has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:

by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom

If you feel that we have not addressed your concerns satisfactorily, you have the right to lodge a complaint with the relevant supervisory authority at Information Commissioner’s Office (ICO) at ico.org.uk and European Data Protection Board's website at edpb.europa.eu.

‍

California Consumer Privacy Act (CCPA):

The CCPA provides California residents with enhanced privacy rights and greater control over their personal information. Under the CCPA, we ensure:

Right to Know: You have the right to know what personal information is collected, used, shared, or sold.
Right to Delete: You can request the deletion of your personal information held by us, subject to certain exceptions.
Right to Opt-Out: You have the right to opt out of the sale of your personal information to third parties.
Non-Discrimination: We do not discriminate against individuals for exercising their CCPA rights, such as denying services or providing a different quality of service.
Right to correct: You may ask businesses to correct inaccurate information that they have about you.
Right to limit use and disclosure of sensitive personal information: You can direct businesses to only use your sensitive personal information for limited purposes, such as providing you with the services you requested.

Although TNI does not sell or share personal information as defined under the CCPA/CPRA, California residents may exercise their right to opt out by contacting us at compliance@truenorthinsights.com.

More information on how to exercise these rights is in Your Rights and Controlling Your Personal Information below.

TNI’s CCPA approach is to help ensure all members benefit from increased control and clarity, which is in line with our commitment to putting our members first and working every day to maintain the trust they put in us.

Scope of this CCPA policy

This CCPA policy applies only to the actions of True North Insights and Users with respect to this Website. It does not extend to any websites that can be accessed from this Website, including, but not limited to, any links we may provide to social media websites.
We have collected the following categories of personal information from consumers within the last twelve (12) months:
- Name
- Email
- Work history
- Resume
- Social media profiles
- Phone/mobile number
- Bank information (to process any invoices)

In this CCPA policy, the following definitions are used:

Data

collectively all information that you submit to True North Insights via the Website. This definition incorporates, where applicable, the definitions provided in the Consumer Protection Laws;

Consumer Protection Laws

any applicable law relating to the processing of personal Data, including but not limited to the CCPA, and any State of California implementing and supplementary laws, regulations, and secondary legislation;

CCPA

California Consumer Privacy Act;

True North Insights, we or us

True North Insights, a company incorporated in Delaware whose registered office is at 500 Fifth Avenue, 18th Floor, New York, NY 10110, United States

User or you

Website

the website that you are currently using, https://www.truenorthinsights.com/, and any sub-domains of this site, unless expressly excluded by their own terms and conditions.

‍

International Transfers of Personal Information

The personal information we collect is stored and/or processed where we or our partners, affiliates, and third-party providers maintain facilities. Please be aware that the locations to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries, we will protect the transferred personal information in accordance with this Privacy Policy.

Where personal data is transferred outside the EEA or UK, we rely on appropriate safeguards, including Standard Contractual Clauses approved by the European Commission or UK authorities, supplemented where necessary by additional technical and organizational measures.

‍

AI Governance

We utilize pre-approved AI technologies in our services. We are committed to ensuring that AI systems are used responsibly in accordance with and in compliance with relevant laws and regulations, and do not infringe on individual rights. TNI does not engage in automated decision-making, including profiling, that produces legal or similarly significant effects on individuals. Where AI tools are used, they are subject to human oversight and are not trained using personal data unless explicitly disclosed and legally permitted.

‍

Your Rights and Controlling Your Personal Information

You always retain the right to withhold personal information from us, with the understanding that your experience of our website may be affected. We will not discriminate against you for exercising any of your rights over your personal information. If you do provide us with personal information, you understand that we will collect, hold, use and disclose it in accordance with this privacy policy. You retain the right to request details of any personal information we hold about you.

If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email database or opt out of communications. You may also contact us at compliance@truenorthinsights.com. Please be aware that we may need to request specific information from you to help us confirm your identity.

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority about your complaint.

‍

Changes to This Policy

At our discretion, we may update our privacy policy to reflect changes in our business processes, current industry practices, or legislative or regulatory developments. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If required by law, we will get your permission or allow you to opt in to or opt out of, as applicable, any new uses of your personal information.

‍

Contact Us

For any questions or concerns regarding your privacy, you may contact us using the following details:

TNI Compliance at compliance@truenorthinsights.com.

This policy was last updated on 17 February 2026.

‍