You can download this policy here

TermSet (registered as ‘Document Insights’) offers software tools on multiple platforms to enhance document management using the latest AI technology with enriched metadata and PII info to help organisations comply with the new GDPR legislation which comes into effect on Friday 25th May, 2018. TermSet understands the importance of protecting personal information. For this reason, TermSet strives to have business procedures and security safeguards in place to protect personal information under its control.

Application and Scope:

This Privacy Policy (“Policy”) is intended to establish responsible and transparent practices for the management of personal information and to satisfy the relevant and applicable legal requirements. This Policy sets out the standards, responsibilities and obligations of TermSet in respect of any personal information collected, accessed or processed by TermSet in the course of its business operations and specifies the obligations of TermSet that arise from the End user license, maintenance and support agreement (the “EULA”) governing the use of TermSet Product and from the Terms of Service (the “Terms”) governing the use of SGO Product, entered into between TermSet and its corporate customers (each, a “Customer”), whereby TermSet might handle or have access to personal information.

This Policy also governs personal information collected about TermSet’s website users and explains how TermSet uses and discloses personal information collected from people who visit its website and otherwise interact with TermSet through (the “website”). It also explains how TermSet uses cookies and similar technologies.

International Compliance:

TermSet complies with: (i) data protection laws applicable to TermSet; and (ii) applicable industry standards concerning data protection, confidentiality or information security. TermSet has no global operations and therefore information managed by Termset is not at risk of being transferred, processed and stored in other countries., although at all times, TermSet will ensure that personal information is protected by confidentiality and security procedures and protections that are, at a minimum, equivalent to those employed by TermSet itself.

Definition of Personal Information:

Personal information is defined as “any information about an identifiable individual”. This may include, for example, email addresses and contact details and any similar information provided to TermSet in the course of its business operations, or which TermSet may receive from business inquiries. Personal information that is aggregated and cannot be associated with an identifiable individual is not considered to be personal information.

Collection and Use of Personal Information through the Products and Services:

When providing products and services, TermSet only processes personal information in accordance with the EULA, the Terms and applicable laws. TermSet generally uses personal information from or about its Customers or which is received from Customers and belongs to their own customers or end users (hereinafter referred to as “Customer’s Personal Information”) for the following purposes:

to create, establish and administer Customer’s subscription to TermSet products and services, to respond to Customer inquiries related to its subscription and to contact Customer about TermSet’s products and services or subscription -related matters;

to provide products, including to provide Customer with TermSet Product and customer support related to TermSet Products;

to measure and analyse user behaviour in order to, among others, monitor, maintain and improve TermSet’s products, services or features and to create new products, services or features;

to meet legal and regulatory requirements and to allow TermSet to meet contractual requirements relating to the products and services provided to Customer;

to conduct surveys on the quality of TermSet products and services or to collect feedbacks on the products and services; and

to provide Customer with offers for additional products and services that TermSet believes may be of interest to Customer.

Unless required or authorised by law, when providing products and services, TermSet will not use personal information for any other or new purpose without obtaining its Customers’ consent.

Collection and Use of Personal Information through the Website:

TermSet generally collects and uses personal information from or about its website users as follows:

Information provided by users: In many cases, TermSet collects personal information directly from users when they visit or use the website. For instance, TermSet may collect the following types of information:

Enquiries: TermSet may collect users’ name, contact information, e-mail address and any information provided when users make an enquiry or contact TermSet through the website, download documentation or gated content from the website, sign up for a webinar through the website and/or sign up to receive TermSet’s newsletter/blog updates. TermSet will only use this information to process and answer users’ request or to manage TermSet everyday business needs in connection with such request. However occasionally TermSet may send offers for additional products and services that TermSet believes may be of interest to Customer based on the information that was submitted. TermSet will always offer the ability to unsubscribe and subscription preferences can be updated any time by contacting

Requests for a Trial and/or Product and/or Service. TermSet may collect users’ name, contact information, e-mail address and any other information provided to TermSet when users submit a request or an order for a TermSet trial and/or product and/or service. TermSet will only use this information to process and answer users’ request or to manage TermSet everyday business needs in connection with such request. However occasionally TermSet may send offers for additional products and services that TermSet believes may be of interest to Customer based on the information that was submitted. TermSet will always offer the ability to unsubscribe and subscription preferences can be updated any time by contacting

Personalisation of Website: When users visit the website, they may, from time to time, be invited to provide information such as user’s title and company size to help TermSet personalise or customise the users experience when using the website.

Technical information: When users visit the website, TermSet may collect, using electronic means such as cookies, technical information. This information may include information about visits to the website, including IP address of the users’ computer and which browser was used to view the website, the users’ operating system, resolution of screen, location, language settings in browsers, the site the user came from, keywords searched (if arriving from a search engine), the number of page views, information entered, advertisements seen, etc. This data is used to measure and improve the effectiveness of the website or enhance the experience for users. While most of the time this information is depersonalised, if this information relates to an identifiable individual, TermSet will treat this information as personal information. TermSet may also, without limitations, collect and use the following type of information when users visit and/or interact with TermSet on the website:

Google Analytics: TermSet uses Google Analytics which allows it to see information on user website activities including, but not limited to, page views, source and time spent on our website. This information is depersonalised and is displayed as numbers, meaning that it cannot be tracked back to individuals. Users may opt-out of TermSet’s use of Google Analytics by visiting the Google Analytics opt-out page.

Lead Forensics: TermSet uses Lead Forensics ( which allows TermSet to see information on user website activities including, but not limited to, page views, source and time spent on our website. However, this information is depersonalised. Through our Lead Forensic portal, we have access to a data base of contacts of which we can access to establish a business contact from ‘Said’ business that has been actively interacting with our website for 30 seconds or more and meets the Legitimate Interest Assessment (LIA) set out by the  ICO. You can access Lead Forensics full privacy policy HERE

Google AdWords: TermSet uses Google AdWords Remarketing to advertise TermSet across the Internet and to advertise on third party websites (including Google) to previous visitors to the website. AdWords remarketing will display ads to users based on what parts of the TermSet website they have viewed by placing a cookie on the users’ web browser. It could mean that TermSet advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the user or give access to the users’ computer or mobile device. The cookie is only used to indicate to other websites that the user has visited a particular page on the website, so that they may show the user ads relating to that page. If users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager.

Interest-based Advertising: TermSet may also allow a limited number of trusted third parties to install cookies on users’ hard drive from the website. The website may include third-party advertising and links to other websites which may be used to generate personalised advertisements. Personalised ads, sometimes referred to as interest-based or behavioural ads, are ads based upon information about users, such as page views on the website, information requests or purchases on the website. TermSet does not provide any personal information to advertisers or to third party sites that display interest-based ads on the website. However, advertisers and other third-parties (including the ad networks, ad-serving companies, and other service providers they may use) may assume that users who interact with or click on a personalised ad or content displayed on the website are part of the group that the ad or content is directed towards. Advertisers or ad companies working on their behalf sometimes use technology to serve the ads that appear on the website directly to users’ browser. They may also use cookies to measure the effectiveness of their ads and to personalise ad content. TermSet does not have access to or control over cookies or other features that advertisers and third-party sites may use, and the information practices of these advertisers and third-party websites are not covered by this Policy. Please contact them directly for more information about their privacy practices.

Choice with Cookies: Users can block the use of cookies by activating the settings in their browser. The “Help” feature on most browsers will tell users how to prevent their browser from accepting new cookies, how to have the browser notify the users when they receive a new cookie, or how to disable cookies altogether. If users choose to withhold consent, or subsequently block cookies, they may not be able to access all or part of the content of the website. Additionally, users can disable or delete similar data used by browser add-ons, by changing the add-on’s settings or visiting the website of its manufacturer.

Privacy Policies of other Websites: This Policy only addresses the use and disclosure of information by TermSet. Other websites that may be accessible through the website have their own privacy policies and data collection, use and disclosure practices.

Personal Information from other Sources: TermSet may obtain from third parties additional personal information about a website user if such user gave permission to those third parties to share its information

Sharing of Personal Information:

TermSet will not sell, rent or trade personal information to any third party. However, TermSet may share personal information when authorised and/or required by law or as follows:

Service providers: TermSet may grant access to personal information to third party services providers in connection with the performance or the improvement of its website, services and products. Before sharing any personal information with any of its third-party service providers, TermSet will ensure that the third party maintains reasonable data management practices for maintaining the confidentiality and security of personal information and preventing unauthorised access.

As permitted or required by law: TermSet may disclose personal information as required by applicable law or by proper legal or governmental authority. TermSet may also disclose information to its accountants, auditors, agents and lawyers in connection with the enforcement or protection of its legal rights. TermSet may also release certain personal information when it has reasonable grounds to believe that such release is reasonably necessary to protect the rights, property and safety of others and itself, in accordance with or as authorised by law. In the event TermSet receives a governmental or other regulatory request for any Customer’s Personal Information, it agrees to immediately notify Customer in order that Customer shall have the option to defend such action. TermSet shall reasonably cooperate with Customer in such defence.

Business transaction: TermSet may disclose personal information to a third party in connection with a sale or transfer of business or assets, an amalgamation, re-organization or financing of parts of our business. However, in the event the transaction is completed, personal information will remain protected by applicable data protection laws. In the event the transaction is not completed, TermSet will require the other party not to use or disclose the personal information received in any manner whatsoever and to delete such information.

Security of Personal Information:

TermSet will store and process the personal information in a manner consistent with industry security standards. TermSet has implemented technical, organisational and administrative systems, policies, and procedures to help ensure the security, integrity and confidentiality of personal information and to mitigate the risk of unauthorised access to or use of personal information, including (i) appropriate administrative, technical and physical safeguards and other security measures designed to ensure the security and confidentiality of the personal information it manages; (ii) a security design intended to prevent any compromise of its own information systems, computer networks or data files by unauthorised users, viruses or malicious computer programs; (iii) appropriate internal practices including, but not limited to, encryption of data in transit or at rest; using appropriate firewall and antivirus software; maintaining these countermeasures, operating systems and other applications with up-to-date virus definitions and security patches so as to avoid any adverse impact to the personal information that it manages; appropriate logging and alerts to monitor access controls and to assure data integrity and confidentiality; permitting only authorised users access to systems and applications; and (iv) all persons with authorised access to personal information must have a genuine business need-to-know prior to access (“Security Program”).

Training and Supervision:

TermSet maintains adequate training programs to ensure that its employees and any others acting on its behalf are aware of and adhere to its Security Program. TermSet shall exercise necessary and appropriate supervision over its relevant employees to maintain appropriate confidentiality and security of the personal information it manages.

Data Incidents involving Customer’s Personal Information:

TermSet shall immediately notify Customer of any reasonably suspected or actual loss of data or breach or compromise of its Security Program which has or may result in the loss or unauthorised access, disclosure, use or acquisition of Customer’s Personal Information (including hard copy records) or otherwise presents a potential threat to such information (“Data Incident”). While the initial notice may be in summary form, a comprehensive written notice shall be given within 48 hours to Customer. The notice shall summarise in reasonable detail the nature and scope of the Data Incident (including each data element type) and the corrective action already taken or to be taken by TermSet. TermSet shall promptly take all necessary and advisable corrective actions, and shall cooperate fully with Customer in all reasonable efforts to mitigate the adverse effects of Data Incident and to prevent its recurrence.

Request to Object:

In all correspondence with you we will give you the right to object from receiving further correspondence from TermSet.  On any emails you receive from TermSet there will be the option to ‘unsubscribe’ from receiving any further email correspondence.  If you receive a telephone call from us, you have the right to request not to receive any further calls. TermSet has a CRM system, your request to object will be logged within our CRM system to ensure that you do not receive any further calls.

Should you wish to object to receiving communication from TermSet, you can do so in a variety of ways:

  • Please click the ‘unsubscribe’ link at the bottom of every email
  • If you have received a call, please tell the representative that you do not wish to receive any further communication
  • Please call (+44) 0203 086 8080 and ask to speak with the Data Compliance Team

You can also make your request by emailing: 

Or by writing to:

Data Compliance, TermSet, Unit 19 , Malvern Science Park, Geraldine Road, WR14 3SZ,

All requests will be processed within 30 days. Your details will be added to a suppression file to ensure that your details cannot be processed by the TermSet (Hubspot) CRM system in the future. Please note this applies only to the processing of your personally identifiable data, not that of the business data which does not fall under the remit of GDPR.

Request for Deletion

It is important to understand the difference between a right to object and a request for deletion.  If you make a request for deletion, we will remove any data we hold about you from the TermSet (Hubspot) CRM system. This will also mean that we will remove you from our suppression files.  If you are removed from our suppression files, there is a risk that your data may be processed again in the future if your details are re-added to our CRM system by a member of our sales team who genuinely believes that your business would benefit from TermSet.  If you do not wish for us to contact you again about TermSet, we would recommend you request to object rather than a request for deletion, as this will ensure that your details are always suppressed from processing.

The option however is yours, and in either case we will process your request within 30 days.

Please make your request in writing by emailing:

Or by writing to:

Data Compliance, TermSet, Unit 19 , Malvern Science Park, Geraldine Road, WR14 3SZ

Request for Data Held;

You may request that we send you all of the data we hold that relates to you.  Please make your request in writing;

By emailing:

Or by writing to:

Data Compliance, TermSet, Unit 19 , Malvern Science Park, Geraldine Road, WR14.

We will process and respond to your request within 30 days, this service will be free of charge.

How to Contact Us

Any questions or complaints regarding this Policy or TermSet’s handling of personal information can be addressed by sending an email to or

Change of Privacy Policy:

This policy was last reviewed and updated on the 23rd May,2018.  Policies are periodically reviewed to ensure compliance with the current compliance environment.

For questions relating to this policy, please contact