Privacy Policy & GDPR Compliance

Your privacy and data protection rights are important to us

Last updated: January 2025

Request Your Data

Get a copy of all data we have about you

Email Request

Delete Your Data

Request complete deletion of your information

Request Deletion

Contact Us

Questions about your privacy rights

privacy@stratagems.com

What Data We Collect

Assessment Data

• Your responses to the 25 assessment questions
• Calculated scores and readiness levels
• Assessment completion timestamp

Contact Information

• Full name
• Company email address (business emails only)
• Company name
• Website (optional)

Technical Data

• IP address (for security and analytics)
• Browser type and version
• Device information
• Usage analytics (anonymized)

How We Use Your Data

Primary Uses

• Generate your personalized assessment report
• Send your report via email
• Provide customer support
• Improve our assessment tool

Legal Basis (GDPR)

• Consent: You explicitly agree to receive reports
• Legitimate Interest: Service improvement
• Contract: Providing the assessment service

Data Storage & Security

Where We Store Data

Your data is securely stored using Supabase (PostgreSQL) with servers located in the EU/US. All data is encrypted in transit and at rest using industry-standard encryption.

How Long We Keep Data

• Assessment data: 3 years (for service improvement)
• Contact information: Until you request deletion
• Analytics data: 2 years (anonymized)

Security Measures

• SSL/TLS encryption for all data transmission
• Database encryption at rest
• Regular security audits and updates
• Access controls and authentication

Your Rights Under GDPR

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data ("right to be forgotten").

Right to Portability

Request your data in a machine-readable format.

Right to Object

Object to processing based on legitimate interests.

Right to Withdraw Consent

Withdraw consent for data processing at any time.

How to Exercise Your Rights: Email us at privacy@stratagems.com with your request. We will respond within 30 days as required by GDPR.

Data Sharing & Third Parties

We do not sell, trade, or rent your personal information to third parties. We only share data with:

• Service Providers: Supabase (database), Resend (email), OpenAI (report generation)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In case of merger or acquisition (with notice)

All third-party providers are GDPR compliant and have appropriate data processing agreements in place.

Contact & Complaints

Data Controller

STRATAGEMS

Email: privacy@stratagems.com

Website: www.stratagems.com

Supervisory Authority

If you're not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection authority.

Policy Updates

We may update this privacy policy from time to time. We will notify you of any material changes by email or by posting a notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised.

This privacy policy complies with GDPR, CCPA, and other applicable data protection regulations.

Back to Assessment