Last updated: June 23rd 2026
Introduction
Equin Limited ("Equin", "we", "our" or "us") is committed to protecting personal data and respecting privacy.
This Privacy Notice explains how Equin Limited collects, uses, stores, shares and protects personal data when you interact with us. This includes using our websites, products and services, attending our events, contacting our support team, applying for a role with us, or otherwise engaging with us. It applies across:
equin.co.uk
Insight (insighttracking.com)
Insight Inform (insightinform.co.uk)
DISCO (disco.org.uk)
If you have any questions about this Privacy Notice or how we handle personal data, please email: dpo@equin.co.uk
Who We Are
Equin Limited is a company registered in England with company number 06347232 and registered address: Unit G Pattern Shop, Trevoarn, Hayle, Cornwall, TR27 4EZ.
ICO data protection reference: Z1904040
Postal Address: Unit 6482, PO Box 6945, London, W1A 6US
Equin provides software and services to schools, trusts and educational organisations.
Our Role
For most educational data processed within Insight, the school or trust is the Data Controller and Equin acts as a Data Processor.
For our websites, events, marketing, recruitment, customer support and sales, Equin acts as the Data Controller.
Parents wishing to exercise rights relating to pupil information held in Insight should normally contact the relevant school or trust first.
Controller and Processor Activities
Activity | Role | Data | Purpose |
Insight pupil records | Processor | Pupil and assessment data | Provide software services |
Insight user accounts | Processor | Staff account information | Software access management |
Customer support and sales | Controller / Processor | Support communications | Provide sales and support |
Website visitors | Controller | Website usage information and form submissions | Operate websites and respond to enquiries |
Events and webinars | Controller | Registration information | Manage attendance and event-related functions |
Recruitment | Controller | Applications and CVs | Recruit staff |
Marketing | Controller | Contact information | Send relevant product updates and marketing communications |
Testimonials and contributor content | Controller | Name and content | Marketing and educational content |
Personal Data We Collect
Depending on the nature of your relationship with us we may collect:
Names, job titles and contact details.
User account information.
Pupil and assessment information uploaded by customers.
Support tickets, emails, call recordings and attachments.
Event registrations and attendance information.
Recruitment information including CVs, interview notes and references.
Marketing preferences.
Technical logs and diagnostic information.
Website analytics information.
We may collect publicly available information about you and your school which is available from external sources, including the government’s Get Information About Schools service and school or trust websites. Personal information collected this way may include your name, phone number, email address and role. This may be combined with non-personally identifiable information about you, your school, and any trusts or other groups that your school may belong to, including your position at your school, the school’s and/or trust’s name, contact and DfE details. If we contact you using information from a third party, we will tell you where we obtained your contact details.
How We Use Personal Data
We only use personal data where we have a lawful reason to do so.
Processing Activity | Legal Basis | Purpose |
Providing contracted services | Contract | Deliver Insight and related services |
Customer sales and support | Contract / Legitimate Interests | Sales and onboarding, resolve issues and improve support |
Service improvement | Legitimate Interests | Improve products and documentation |
Events and webinars | Legitimate Interests / Contract | Deliver events |
Recruitment | Legitimate Interests | Assess candidates |
Marketing | Consent or Soft Opt-In | Send relevant communications |
Regulatory compliance | Legal Obligation | Meet legal obligations |
Use of AI in Customer Support
We use AI tools to generate summaries of customer support requests.
These tools:
Are hosted within our secure cloud environment.
Are used for support and service improvement.
Do not make decisions about individuals.
Do not use customer data to train AI models.
Do not share data with third parties.
Website Analytics and Cookies
Our websites are designed to protect visitor privacy while allowing us to understand usage by providing aggregated analytics information.
Our analytics software:
Does not use advertising cookies.
Does not use third-party tracking cookies.
Does not build individual visitor profiles.
Marketing Communications
We may send newsletters, product updates, educational content and service announcements.
Marketing communications are managed using appropriate services that support mailing list management, unsubscribe handling and engagement monitoring. All communications are compliant with the Privacy and Electronic Communications Regulations (PECR).
Sharing Information
We may share certain personal data:
With our service providers, such as for cloud storage, technical analysis, customer support, accounts and billing, business intelligence analytics, event management and other purposes.
In aggregated or anonymised form, using anonymisation and pseudonymisation techniques, for analysis or with our partners for marketing and strategic development purposes.
Where we have consent to do so.
Where we are required to or permitted to in order to comply with our legal, regulatory, financial and professional obligations, to protect our rights, property and safety of others.
If we or substantially all our assets are merged or acquired by a third party and personal data forms part of the transferred or merged assets.
We do not sell personal data.
International Transfers
Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are implemented in accordance with UK GDPR requirements.
Retention Schedule
Record Type | Typical Retention |
Emails | Up to 36 months |
Call recordings | Up to 12 months |
Event registrations | Up to 24 months |
Recruitment records | Up to 12 months |
Marketing contacts | Reviewed after 36 months inactivity |
Security
We maintain appropriate technical and organisational measures designed to protect personal data against accidental or unlawful loss, destruction, alteration, disclosure or access.
Access to personal data is limited to authorised employees who are trained, bound by confidentiality obligations and subject to access controls and logging where appropriate.
Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
The right to be informed about how we collect and use your personal data.
The right of access to the personal data we hold about you.
The right to rectification of inaccurate or incomplete personal data.
The right to erasure of your personal data in certain circumstances.
The right to restrict processing of your personal data in certain circumstances.
The right to data portability, allowing you to obtain and reuse your personal data across different services.
The right to object to the processing of your personal data in certain circumstances.
Rights relating to automated decision-making and profiling.
For more information about these rights and when they apply, please visit the UK Information Commissioner's Office (ICO) website.
To exercise any of your rights, please contact us at dpo@equin.co.uk. We may need information to verify your identity and locate the information relevant to your request.
Complaints
If you have concerns about how personal data has been handled, please contact dpo@equin.co.uk
We will:
Acknowledge complaints within 30 days.
Investigate concerns appropriately.
Keep complainants informed where appropriate.
Respond without undue delay.
Further details are available in our Data Protection Complaints Policy.
You also have the right to complain to the UK Information Commissioner’s Office (ICO).
Changes to this Notice
We may update this notice from time to time. The latest version will always be available on our website.