Glocal Insight

Legal

Privacy policy

Last updated May 19, 2026

Glocal Insight LLC ("Glocal Insight," "we," "us") respects your privacy. This policy explains what personal information we collect through www.glocalinsight.com, how we use it, who we share it with, and the rights you have over your information.

1. Who we are

Glocal Insight LLC is a US-based ISO management system consulting firm registered in Kansas. We are the data controller for any personal information processed through this website. You can contact us about privacy matters at .

2. Information we collect

We collect information in three ways.

2.1 Information you provide directly

When you fill out our contact form, request a scope call, or sign up for our newsletter, we collect the information you choose to share — typically your name, email address, company, role, the type of engagement you are considering, and any free-text message you include. Form fields marked optional do not need to be completed.

2.2 Information collected automatically

When you visit this website, our infrastructure providers (Cloudflare and the underlying hosting service) automatically log basic technical information: your IP address, browser type, device type, referring URL, pages visited, and timestamps. This data is used for security, fraud prevention, and aggregate site analytics. We use Cloudflare Web Analytics, a privacy-respecting and cookieless analytics service. We do not use Google Analytics or any cookie-based tracking on this site.

2.3 Cookies

This site does not set any first-party tracking cookies. Cloudflare, our CDN and security provider, may set strictly necessary cookies required for site security, bot protection, and DDoS mitigation. We do not have access to or use these cookies for tracking. Because we set no analytics or marketing cookies, no cookie consent banner is required under GDPR or ePrivacy directives.

3. How we use your information

We use the information we collect to:

  • Respond to inquiries you initiate through the contact form
  • Schedule and conduct scope conversations with prospective clients
  • Send our newsletter to subscribers who have opted in
  • Provide ISO consulting services we agree to under separate engagement
  • Maintain site security and prevent abuse
  • Comply with legal obligations
  • Operate and improve the website

We do not use your information for automated decision-making, profiling, cross-context advertising, or any purpose beyond what you would reasonably expect from a B2B consulting firm you contacted directly.

4. Third-party services

We use a small number of third-party services that process limited personal information on our behalf as data processors. Each is bound by its own privacy policy and applicable data processing agreements.

  • Formspree — processes contact form submissions and delivers them to our email inbox. Formspree is a US-based service. See Formspree's privacy policy.
  • Zoho Mail — our business email provider. Email you send to us is delivered to and stored in our Zoho Mail mailbox. See Zoho's privacy policy.
  • Beehiiv — our newsletter platform. If you subscribe to our newsletter, your email address is stored at Beehiiv until you unsubscribe. See Beehiiv's privacy policy.
  • Cal.com — our calendar booking provider. If you schedule a meeting with us via the embedded calendar, Cal.com processes your name, email, and the meeting details. See Cal.com's privacy policy.
  • Cloudflare — our CDN, DNS, and security provider. Cloudflare processes website traffic on our behalf and operates the cookieless analytics on the site. See Cloudflare's privacy policy.

We do not sell, rent, or trade personal information to any third party for their own marketing purposes.

5. Data retention

We retain personal information only as long as needed for the purposes described in this policy:

  • Contact form submissions: retained for three years from receipt, then deleted, unless they become part of an active client engagement record.
  • Newsletter subscriptions: retained until you unsubscribe, at which point your email is removed from the active mailing list within 30 days.
  • Client engagement records: retained for seven years following the conclusion of an engagement, consistent with US professional services records-retention norms and applicable tax / regulatory obligations.
  • Server and analytics logs: retained according to our providers' default retention windows (typically 30 days for raw logs).

6. Data security

We protect personal information through a combination of technical and organizational controls, including TLS encryption for all data in transit, encrypted storage at our infrastructure providers, access controls limiting personal information access to authorized personnel only, and reasonable administrative safeguards consistent with US small-business B2B norms. No system is perfectly secure; we will notify affected individuals of any data breach in compliance with applicable law.

7. Your rights

Depending on where you live, you may have specific rights regarding your personal information. We honor reasonable requests from any visitor regardless of jurisdiction.

7.1 If you are in the European Economic Area or United Kingdom (GDPR)

You have the right to access, correct, update, port, restrict, or delete personal information we hold about you; to object to certain processing; and to withdraw consent at any time where processing is based on consent. You also have the right to lodge a complaint with your local supervisory authority.

7.2 If you are a California resident (CCPA / CPRA)

You have the right to know what categories of personal information we collect about you and how it is used; to access the specific pieces of personal information we hold; to request deletion; to correct inaccurate information; and to opt out of any "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined in the CCPA / CPRA.

7.3 Other US state privacy laws

Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy laws have substantially similar rights. We will honor requests to access, correct, or delete your personal information in line with applicable state law.

7.4 How to exercise your rights

To exercise any of these rights, please email us at with the subject line "Privacy request." We will verify your identity and respond within 30 days, or sooner if required by applicable law.

8. International data transfers

Glocal Insight is based in the United States. If you are located outside the US, personal information you provide will be transferred to and processed in the US. By submitting information through this website, you consent to that transfer. Our third-party processors listed above maintain GDPR-compliant data transfer mechanisms.

9. Children's privacy

This website is not directed to children under 16. We do not knowingly collect personal information from children. If we learn that we have collected such information, we will delete it promptly.

10. Changes to this policy

We may update this privacy policy from time to time. The "Last updated" date at the top of this page indicates when the policy was last revised. Material changes will be flagged in our footer for a reasonable period and, where required, communicated to affected individuals.

11. Contact

Privacy questions and requests can be sent to .