QA mode · Tier:PUBLIC(override via ?tier=paid | premium)
← All Vendors
data_enrichment

Hginsights

HG Insights deploys 40 scripts with behavioral biometrics, session recording, and identity resolution capabilities — transforming what is marketed as technology intelligence into a client-side surveillance operation that fires pre-consent on 14% of deployments.

220 IOCs observed1 detections100% pre-consent1 sites
90
Vendor Risk Score
Tier: HOSTILE
Observation Coverage

BLACKOUT observes runtime behavior in the browser. This dossier reflects browser-side execution, which is one of five vendor data-egress classes. Server-to-server transfers, backend integrations, and offline data flows are outside this observation boundary.

BLACKOUT observes runtime behavior and cites the regulations that address that behavior pattern. Legal determinations are the customer's counsel's call.

How This Briefing Works

This dossier opens with key findings, then maps the gap between what Hginsights discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.

Key Findings

At a Glance

Detections
1

across 1 sites

Pre-Consent Rate
100%

vendor fires before consent

Disclosure Gaps
1

1 HIGH

Summary

Briefing

HG Insights is a technology intelligence and data enrichment vendor detected on 26 sites with 28 detections in our observation corpus. The platform provides B2B technology adoption data, but BLACKOUT analysis reveals a client-side footprint that far exceeds data enrichment requirements: defeat device behavior (C01), behavioral biometrics (C06), session recording (C07), consent bypass (C09), device fingerprinting (C10), identity resolution (C14), and tag manager capabilities (C15). With 40 scripts, 2 domains, and 3 cookies, HG Insights operates an extensive behavioral capture infrastructure from what is ostensibly a technographic data platform.

Customer Impact

What This Means For You

If you deploy HG Insights, you are not just adding technology detection to your site — you are installing a 40-script behavioral surveillance infrastructure with identity resolution capabilities. Your visitors' keystroke patterns, mouse movements, and complete browsing sessions are captured and fed into HG Insights' commercial intelligence products. The identity resolution capability means your anonymous visitors are deanonymized and their company affiliations added to a database that your competitors can purchase. Your privacy policy likely describes HG Insights as a "technology intelligence" or "analytics" partner — it is functionally a behavioral data harvester with the ability to identify and profile your visitors for commercial resale.

Collapse Engine

Risk Channel Breakdown

Oracle
Truth Collapse
25

Signal corruption score of 25 reflects HG Insights' identity resolution and fingerprinting capabilities contaminating the boundary between technographic intelligence and behavioral surveillance. When a data enrichment vendor also captures behavioral biometrics and session recordings, the enrichment data itself becomes unreliable — it is unclear where legitimate technology detection ends and behavioral profiling begins.

Broker
Control Collapse
100

Maximum CAC subsidization score (100). HG Insights' 40-script infrastructure captures behavioral biometrics, session recordings, and identity data from your site visitors. As a technology intelligence vendor, this data directly enriches HG Insights' commercial datasets — your visitors' behavioral data becomes a product sold to your competitors for competitive intelligence.

Reaper
Safety Collapse
0

Expands attack surface

Counselor
Legitimacy Collapse
100

Maximum legal tail risk (100). Despite a lower 14% pre-consent rate, HG Insights' 7 BTI behavioral codes create significant regulatory exposure. Behavioral biometrics (C06) and session recording (C07) constitute personal data processing under GDPR. Identity resolution (C14) from a data enrichment vendor means your visitors are being deanonymized to enrich a commercial database — processing most sites have not disclosed or obtained consent for.

BTI Codes

Threat Indicators

Runtime-observed (BTI-C)

BTI-C01
Defeat Device

Evasion infrastructure, auditor bypass

BTI-C06
Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07
Session Recording

Full session replay

BTI-C09
Consent Bypass

Ignoring CMP signals

BTI-C10
Fingerprinting

Device identification

BTI-C14
Identity Resolution

PII deanonymization

BTI-C15
Tag Manager

Container/loader (neutral)

7
BTI Consequences Identified

Per-code narrative explanations of what each detected behavior means for your organization

Available in VIDB Subscription

Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →

Disclosure Gaps

Claims vs. Reality

1
Gaps Observed
1 HIGH

BLACKOUT analyzed Hginsights's public claims against observed runtime behavior and identified 1 contradiction.

Available in VIDB Subscription

Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →

Recommended Actions

What To Do

Recommended Actions
8

4 for current users · 4 for evaluators

Negotiation Leverage
5

contractual leverage points

Available in VIDB Subscription

Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →

Ecosystem

Supply Chain & Pairings

Available in VIDB Subscription

Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →

Profile: hginsightsFirst Seen: 2026-01-22Last Updated: 2026-01-22