Privacy Policy
At HR Insights Lab, we treat your data the way we treat HR data in practice: with rigour, transparency, and purpose. This Privacy Policy explains what information we collect, why we collect it, how we use it, and what rights you have over it.
This policy applies to all visitors, subscribers, and users of hrinsightslab.com (the “Site”), including the blog, newsletter, downloadable resources, and any associated digital properties.
1. Information we collect
We collect only the data necessary to deliver content, improve user experience, and communicate with our audience. We follow a data minimisation principle: if we do not need it, we do not collect it.
Information you provide directly
- Newsletter subscription: Your email address when you subscribe to the HR Insights Lab newsletter.
- Contact forms: Your name, email address, and any message content you submit through contact or feedback forms.
- Comments: Your name, email address, and comment text when you leave a comment on a blog post.
- Downloadable resources: Your email address (and optionally, your job title or organisation type) when you download templates, checklists, or guides.
Information collected automatically
- Device and browser data: IP address, browser type and version, operating system, screen resolution, and device type.
- Usage data: Pages viewed, time spent on pages, referring URLs, click patterns, and scroll depth.
- Location data: Approximate geographic location derived from your IP address (country and city level only).
- Cookies and similar technologies: See Section 3 for full details.
2. How we use your information
We use your data for defined, legitimate purposes. Every use case listed below ties directly to delivering, improving, or communicating about our content.
| Purpose | Data used | Legal basis |
|---|---|---|
| Deliver newsletter content | Email address | Consent (opt-in) |
| Respond to enquiries | Name, email, message content | Legitimate interest |
| Analyse site performance and content engagement | Usage data, device data, IP address | Legitimate interest |
| Improve user experience and content strategy | Usage data, scroll depth, click patterns | Legitimate interest |
| Prevent spam and ensure site security | IP address, browser data | Legitimate interest |
| Deliver downloadable resources | Email address, optional job title | Consent (opt-in) |
| Comply with legal obligations | As required by applicable law | Legal obligation |
We do not sell your personal information. We do not use your data to build advertising profiles. We do not share your email address with third-party marketers.
3. Cookies and tracking technologies
Cookies are small text files stored on your device when you visit the Site. We use them to understand how readers interact with our content and to maintain basic site functionality.
Types of cookies we use
| Cookie type | Purpose | Duration |
|---|---|---|
| Essential / Technical | Required for core site functionality: navigation, form submissions, security. These cannot be disabled without breaking the Site. | Session or up to 1 year |
| Analytical / Performance | Help us understand which articles are read, how long readers stay, and which sections generate the most engagement. We use this data to improve content quality. | Up to 2 years |
| Functional | Remember your preferences such as cookie consent choices, comment form details, and display settings. | Up to 1 year |
| Marketing / Advertising | Used by third-party platforms (e.g., social media embeds) to track browsing activity across sites. We minimise these and disclose them transparently. | Up to 2 years |
Managing your cookie preferences
When you first visit the Site, you will see a cookie consent banner that allows you to accept or reject non-essential cookies. You can change your preferences at any time through the cookie settings link in the Site footer.
You can also control cookies through your browser settings. Most browsers allow you to block or delete cookies. Note that disabling essential cookies may affect site functionality.
4. Third-party services
We use a limited number of third-party services to operate the Site. Each service has its own privacy policy, and we encourage you to review them.
| Service | Purpose | Data accessed |
|---|---|---|
| WordPress | Content management and hosting | Usage data, comments, form submissions |
| Google Analytics | Website traffic analysis and content performance | Anonymised usage data, IP address (truncated), device info |
| Email service provider | Newsletter delivery and subscriber management | Email address, open rates, click rates |
| Social media platforms | Share buttons and embedded content (LinkedIn, Twitter/X, Instagram) | May set their own cookies when embeds load |
| Anti-spam services | Spam filtering on comments and forms | IP address, form submission content |
We evaluate every third-party integration against a simple test: does it serve the reader, or does it serve the vendor? If a tool does not directly improve your experience on the Site, we do not use it. We do not integrate tracking pixels from data brokers, and we do not participate in real-time bidding or programmatic advertising networks.
5. Data sharing and disclosure
We do not sell, rent, or trade your personal data. Period.
We may share limited data in the following circumstances:
- Service providers: With trusted third-party service providers who process data on our behalf (hosting, email delivery, analytics) under strict data processing agreements.
- Legal requirements: If required by law, regulation, legal process, or enforceable government request.
- Protection of rights: To protect the rights, property, or safety of HR Insights Lab, our users, or the public as required or permitted by law.
- Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.
6. Data retention
We retain your personal data only for as long as necessary to fulfil the purposes described in this policy.
- Newsletter subscribers: Your email address is retained until you unsubscribe. Every email includes a one-click unsubscribe link.
- Contact form submissions: Retained for up to 12 months, then deleted unless an ongoing conversation requires longer retention.
- Comments: Retained indefinitely as part of the published content, unless you request deletion.
- Analytics data: Aggregated and anonymised analytics data is retained for up to 26 months. Individual-level data is not retained beyond this period.
- Server logs: Retained for up to 90 days for security and debugging purposes.
7. Your rights
Depending on your location, you may have the following rights regarding your personal data. We honour these rights regardless of where you are based, to the extent technically feasible.
For all users
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, subject to legal retention requirements.
- Unsubscribe: Opt out of newsletter communications at any time via the unsubscribe link in every email.
Additional rights under GDPR (EEA, UK, Switzerland)
- Restriction of processing: Request that we limit how we use your data.
- Data portability: Receive your data in a structured, commonly used, machine-readable format.
- Objection: Object to processing based on legitimate interest.
- Withdraw consent: Where processing is based on consent, withdraw that consent at any time.
- Lodge a complaint: File a complaint with your local data protection authority.
Additional rights under CCPA / CPRA (California residents)
- Right to know: Request disclosure of the categories and specific pieces of personal information collected.
- Right to delete: Request deletion of personal information collected.
- Right to opt out: We do not sell personal information. If this changes, we will provide a “Do Not Sell or Share My Personal Information” link.
- Non-discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, contact us at privacy@hrinsightslab.com. We will respond within 30 days (or within the timeframe required by applicable law).
8. International data transfers
Your data may be transferred to, stored in, and processed in or other countries where our service providers operate.
Where we transfer data outside your jurisdiction, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission where applicable, or reliance on service providers who participate in recognised data protection frameworks.
9. Children’s privacy
HR Insights Lab is a professional publication designed for HR practitioners, Talent Acquisition specialists, and HR leaders. The Site is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will delete it promptly.
10. Changes to this policy
We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other operational factors. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify newsletter subscribers via email.
We encourage you to review this policy periodically. Your continued use of the Site after changes constitutes acceptance of the updated policy.
11. Contact us
If you have questions about this Privacy Policy, want to exercise your data rights, or have concerns about how your information is handled, reach out to us:
HR Insights Lab
Email: privacy@hrinsightslab.com
Website: hrinsightslab.com
For general enquiries: hello@hrinsightslab.com
This privacy policy was drafted with the same standard we apply to all HR Insights Lab content: precise, transparent, and practitioner-focused. No legalese for the sake of legalese.