Privacy Policy

01 · What we collect

When you complete the assessment:

• Email address — to send your stress profile and 7-day protocol sequence
• Assessment responses — your answers to the 45 stress pattern questions
• Calculated results — stress scores, multiplier, top patterns, recommended protocols
• Professional context — role type, industry, company size (entered before assessment)
• Device metadata — browser type and OS, for compatibility only

Automatically collected:

• Session storage — stored locally in your browser to preserve progress. Cleared when you close the tab.
• Anonymous analytics — pages viewed, time spent, completion rate. No personal identifiers.

02 · How we use your data

• Generate your results — stress profile, compound load forecast, evidence-ranked protocol recommendations
• Email delivery — your assessment PDF and 7-day protocol sequence via MailerLite
• Product improvement — anonymous aggregated patterns to improve assessment quality
• Relevant communications — workshops, retreats, and programmes matched to your results

03 · Storage and security

• Supabase (PostgreSQL) — secure cloud database on AWS, encrypted at rest and in transit
• MailerLite — GDPR-compliant email platform, used for email delivery only
• Your browser — session storage only, not cookies. Cleared on tab close.

Security measures: End-to-end HTTPS encryption, row-level security database policies, regular audits. No sensitive health data stored beyond self-reported stress levels.

04 · Third-party services

• MailerLite — GDPR-compliant email delivery · Privacy policy
• Supabase — AWS-hosted PostgreSQL database · Privacy policy
• Analytics — privacy-friendly, no cookies, no personal identifiers. Page views and performance metrics only.

05 · Your rights (GDPR & CCPA)

• Access — request a copy of all data we hold about you
• Correction — update inaccurate information
• Deletion — request complete removal ("right to be forgotten")
• Portability — receive your data in machine-readable format (JSON)
• Opt-out — unsubscribe from emails at any time via link in every email
• Objection — object to specific data processing activities

06 · Data retention

• Assessment data — 3 years from last interaction, then automatically deleted. Earlier deletion available on request.
• Email lists — until you unsubscribe (automatic removal from MailerLite)
• Session data — cleared on browser tab close
• Analytics — anonymized, retained 12 months

07 · Additional terms

Children's privacy: This assessment is not intended for individuals under 18. We do not knowingly collect data from minors. Contact us immediately if you believe we have collected information from a minor.

International transfers: Data may be processed in the EU (Supabase, GDPR-compliant) and the US (MailerLite). All transfers comply with GDPR Standard Contractual Clauses.

Cookies: We use no advertising cookies, third-party tracking pixels, or social media trackers. Session storage only — not cookies.

Legal basis for processing (GDPR): Consent (you voluntarily submit your email), legitimate interest (improving the tool and delivering personalized results), and contractual necessity (delivering the service you requested). You may withdraw consent at any time by emailing us or unsubscribing.

Policy updates: We update the date above for any changes. Significant changes are notified by email if you're subscribed. Continued use constitutes acceptance.