Privacy Policy

Last Updated: January 2025

Our Commitment to Privacy

FactorFactory is committed to protecting the privacy and security of all personal information entrusted to us. This policy describes how we collect, use, and protect your data.

Information We Collect

Partner Account Information

• Name and contact information
• Organization details
• Account credentials
• Payment information

Assessment Data

• Assessment taker information (as provided)
• Assessment responses
• Scores and results
• Demographic information (optional)

Usage Information

• Platform usage analytics
• Assessment administration data
• Technical information (IP address, browser)

How We Use Information

We use collected information to:

• Provide assessment services
• Generate assessment reports
• Process payments and commissions
• Improve our services
• Comply with legal obligations
• Communicate with partners

Data Security

We implement enterprise-grade security measures:

• TLS 1.3 encryption for all data in transit
• AES-256 encryption for data at rest
• SOC 2 Type II certified infrastructure (Heroku/AWS)
• Physically secure, redundant data centers with 24/7 monitoring
• Multi-factor authentication and role-based access controls
• Regular third-party security audits and penetration testing
• Employee background checks and data protection training
• Automated intrusion detection and prevention systems

Data Sharing

We do not sell or rent personal information. We share data only:

• With your explicit consent
• To provide requested services
• As required by law
• With service providers under strict agreements

Your Rights

You have the right to:

• Access your personal information
• Correct inaccurate data
• Request deletion of your data
• Opt-out of marketing communications
• Data portability where applicable

GDPR Compliance

For EU residents, we comply with GDPR requirements including:

• Lawful basis for processing
• Data minimization
• Purpose limitation
• Data subject rights
• Data protection by design

Data Retention

We retain data only as long as necessary for:

• Providing services
• Legal compliance
• Legitimate business purposes

Contact Us

For privacy questions or to exercise your rights, contact:

Email: [email protected]

Data Protection Officer: Available upon request