EU GDPR compliant.png

PRIVACY POLICY FOR CPS ENNEAGRAM COMPASS

We are fully compliant with the General Data Protection Regulation. Our servers are located within the EU so no data is sent outside the EU jurisdiction. Every individual has rights as to how their personal data is handled, and we recognize the need to treat all such data in an appropriate and lawful manner, according to the classification of such data. Personal data, including sensitive data, are subject to certain legal safeguards with the provisions under the GDPR and we fully comply with these legal guidelines.

At CPS Enneagram Compass all data (personal and otherwise) that we collect as a result of use of our Questionnaire based assessments is handled in accordance with the Privacy Policy outlined below and we can reassure you that we will not share that information for any use whatsoever other than to provide the service for which we have been contracted. This statement explains how we use the personal information that you give us. Please do not send us any personal data about anyone else without their permission.

Legal Basis for Processing

 Our legal basis for processing personal data is legitimate interest. Whenever you give us personal data via our website, you are consenting to its collection and use in accordance with the service we provide and in alignment with this privacy policy.

How Do We Collect Information from You?

 We obtain information about you when you complete our questionnaires. We also collect some data from our website. For example, when you contact us about products and services, when you place an order.

What Information We Collect

The personal information we collect might include your name, order details, email address, and information regarding the pages you access and when. We will only collect your mailing address if you specifically request our newsletter or some other correspondence from us. In addition, we store information you give us about your preferences, interests and typical behaviours as contained within your answers to the questions within the questionnaires. We may also learn about these from your use of our goods and services.

How Will We Use the Information You Give?

 The personal information that we collect is used:

  • to provide you and your coach with a range reports containing your results and related goods or services;

  • for customer administration;

  • for Direct marketing communications (see Direct Marketing Communications section below);

  • to personalise our service to you;

  • to seek your views on products and services;

  • for technical administration of our websites.

We also automatically collect data about visitors to our website (for example on browsing patterns) by using cookies. This data is used only in an anonymous form; no individual is identified. Please see the section on Cookies in this privacy policy for more details.

Future Research and Direct Marketing Communications

We would like to be able to contact you in future with details of research projects we may be conducing; or in relation to further products and services that we think you may be interested in. We will only send you further emails in regards to our future research projects or marketing communications if you directly consent to us doing so- there is a specific question that asks for your consent. We will always contact you by email or other electronic means. We will treat your personal details with the utmost care and will never sell them to other companies for marketing purposes

We use MailChimp to send our email newsletters. By signing up to receive Enneagram Profiling email communications, you agree to the transfer of data to MailChimp.

Updating Your Data, Erasure and Requesting a Copy of Your Records

If you would like to:

  • Update your details

  • Withdraw your consent/opt out of marketing communications

  • Request erasure of the data we hold on you

  • Request a copy of the data records we hold on you (we will endeavour to fulfil the request within twenty four hours but no more than 14 days)

Please contact compass@cpenneagram.com  and we will respond within 24 hours.

Cookies

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to enable a client to return to the same place within a questionnaire should they be interrupted and have to discontinue the session.

Cookies can also be used to store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. We will send you a link to continue the questionnaire so cookies are not essential for you to enjoy our services. It may be that you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers

Data Security

 At Enneagram Compass we demand the highest levels of data security. Our server provider has achieved ISO 27001 certification. We use Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data. Surveys can be protected with passwords and HTTP referrer checking. Our services are hosted by trusted data centres that are independently audited using the industry standard SSAE-16 method. The servers are protected by high-end firewall systems, and scans are performed regularly to ensure that any vulnerabilities are quickly found and patched.

In order to comply with GDPR we understand that data collected from the participant’s PC in Europe cannot be transferred to a server in another jurisdiction such as the US. So that we do not breach EU data protection law our server is located in Ireland. The data we collect in Europe is therefore stored and processed in Europe and is not moved to another jurisdictional area.

Disclosure – Sharing Your Data

We will not disclose your personal information to third parties except:

  • as necessary to fulfil your order(s) for our goods and services and to validate your payment details;

  • to suppliers that process data on our behalf;

  • where we believe, in good faith, that it is necessary to comply with the law or to protect the safety of Enneagram Compass, our customers or their clients, or the public.

  • We may use and disclose aggregated and anonymised information for marketing, product development, strategic or research purposes. In such data, no individual customer will be identifiable.

Credit Card Payments

 For those using the site to purchase access to our services Stripe and PayPal are used to collect personal information related to credit card processing including . Full Name, Email Address, Billing Address, Credit Card number.

Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”)—an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US. To ensure the adequate protection of personal data, we have certified to the EU-U.S. and Swiss-U.S. Privacy Shield.

PayPal are still to provide their understanding of whether they are fully GDPR compliant. Their privacy policy can be read here https://www.paypal.com/uk/webapps/mpp/ua/privacy-prev . PayPal argue that they are compliant with various financial regulation laws but we suggest not using PayPal if this is something you are concerned about.

Sending Result Reports to a Third Party

 Where an individual takes one of our instruments under the direction of one of our professional customers, (such as a consultant, a coach, a line manager, an Enneagram teacher etc.) and Enneagram Compass performs a service hosting, administering and scoring that instrument for the customer, then we will send the individual’s results to that customer in order that they may provide appropriate feedback, or similar service, to the individual who took the instrument. By taking the questionnaire you are giving permission for that Third Party to receive a copy of your report for the sole purpose of aiding your understanding of the Report, and in order for you to derive maximum benefit from the process. In completing the questionnaire you are agreeing for the report to be sent to such a third party. We at Enneagram Compass assume that the data will be used for the developmental purposes outlined here. However, we do not accept any responsibility whatsoever for the actions of our third party customers. Enneagram Compass is therefore not responsible for the use, storage or distribution of such data, or the consequences thereof that may arise as a result of such actions.

Retention Period - Anonymisation

Personal data shall be kept for no longer than is necessary for the purposes for which it is being processed. Questionnaire responses will be identifiable with name and email address but will be anonymised twenty four months after the completion of the questionnaire. This time period allows for the client to complete further questionnaires and benefit from the information contained in their previous responses. All other personal data is destroyed once the report has been sent. All personal data and questionnaire responses will be deleted within 48 hours of Enneagram Compass receiving a request from a client to do so.

Research

We use data collected through completion of our psychometric questionnaires for research purposes in order to produce statistics of the type described in our technical product manuals, eg psychometric norms and validity data. You may be asked, as part of the testing process, to give your consent to the use of your personal data for research purposes, and to answer additional research questions. If you decline from doing so, certain data is not collected or used for research purposes. If you do consent, the personal data collected may include sensitive personal data where you have submitted such but this will only be used for research purposes. In such instances your data will be stored in an identifiable form beyond the normal twenty four month period so that your future responses can be compared with those you have already offered. An example might be a validity study where your responses on one questionnaire are compared with those of another that you have taken three years previously.

Links to other sites

This policy applies only to information collected by Enneagram Compass. Links within our sites to those of other organisations are not covered by this policy.

Changes to this policy

This privacy policy was last updated in February 2023. Enneagram Profiling reserves the right to modify or update the policy from time to time.

Contact Us

Enneagram Compass is a trading name, it is a subsidiary that is wholly owned by Sullivan Business psychologists (uk) ltd. If you have any questions about this privacy policy, or wish to opt out of direct marketing or you wish to update or request any information about or copies of your personal data held by us, please e-mail: compass@cpenneagram.com : or write to us at;

 

Compass Enneagram Test

Sullivan Business Psychologists

138 Lennard Road

London SE10 8QT

United Kingdom