Privacy Policy

Account and profile data. Your name, email address, and professional role, provided when you are invited to the platform or create an account.

MQ Assessment responses and scores. Your answers to the MQ assessment questionnaire and the resulting dimension scores. These are used to personalise your coaching experience.

Coaching conversation content. The messages you exchange with your AI coach in the coaching room. These are stored to maintain continuity within and across sessions.

Personal notes. Anything you write in the My Notes section of the platform. These are stored securely and are private to you.

Values ratings. If your organisation has set up a Values in Action check-in, your self-ratings against company values and behaviours are stored and used to personalise coaching.

360 feedback responses. If you participate in or request 360 feedback, the responses and themes are stored and used to inform your coaching experience.

Usage data. Session counts, login activity, and engagement metrics (for example, whether you have completed the assessment). This is used to improve the platform and generate anonymised cohort-level reporting.

We use your personal data to provide, personalise, and improve the MQ platform. Specifically:

To deliver coaching. Your assessment scores, conversation history, and values ratings are used to generate personalised coaching responses. This processing is necessary to perform our contract with you.

To maintain continuity. A brief summary of key themes from your coaching sessions is stored so your coach can build on previous conversations. You can request deletion of this memory at any time.

To send reminders and nudges. We may send you email reminders, coaching nudges, or engagement prompts to help you get the most from the platform. You can opt out of non-essential emails at any time.

To improve the platform. We may use anonymised and aggregated data to analyse patterns, improve coaching quality, and develop new features. This data cannot be used to identify you individually.

Our legal basis for processing is primarily the performance of a contract (providing you with the platform) and legitimate interests (improving the platform in a way that does not override your rights).

Your coaching conversations are private. They are not accessible to your employer, your HR or People team, or any other person within your organisation. This is fundamental to how coaching works. You will only be open and honest if you know the conversation is yours.

Your personal notes, anything you write in the My Notes section of the platform, are stored securely in our database and are private to you. They are never visible to your organisation, your HR or People team, or any other participant. Only you can read, edit, or delete your notes.

Mindset Quotient® staff do not read individual coaching conversations or personal notes except where strictly necessary for technical operations (for example, investigating a reported error). Access in these circumstances is logged and restricted to authorised personnel.

Your individual MQ assessment scores are also private and are not shared with your employer without your explicit consent.

Your coaching is powered by Anthropic's Claude AI. Here is exactly how your data is handled:

Your data is never used to train AI models. Anthropic's API terms explicitly prohibit the use of customer data for model training. Your conversations, scores, and personal information are never used to improve or fine-tune any AI system.

Zero data retention by the AI provider. When you send a message to your coach, it is processed via a real-time API call. Anthropic does not permanently store the content of these requests. Your data exists only in our own secure database.

Temporary safety logs. For trust and safety purposes, Anthropic may retain temporary logs of API requests for up to 30 days. These logs are used solely for abuse detection and are automatically deleted. They are never used for training or shared with third parties.

Your data stays yours. Your coaching conversations, assessment scores, and personal notes are only used to provide your personalised coaching experience. Nothing is shared, sold, or repurposed.

Organisations that commission MQ programmes receive a cohort-level reporting dashboard. This shows:

· Average and distribution of MQ scores across the cohort as a whole
· Engagement metrics, for example, what percentage of participants have completed the assessment or logged in
· Aggregate thematic patterns, where the data permits

This reporting is always aggregated. Your organisation cannot use it to identify your individual scores, session content, or responses. Individual-level data is never included in organisational reporting.

We never sell your personal data. We use the following third-party services to operate the platform. Each is subject to a Data Processing Agreement and processes data only on our behalf and in accordance with our instructions.

Anthropic (Claude AI). Your coaching messages are processed by Anthropic's Claude AI to generate coaching responses. Anthropic does not use this data for model training. Data transfers to the US are covered by appropriate safeguards under UK GDPR. Anthropic maintains SOC 2 Type II certification.

Supabase (database). We use Supabase to store your account data, assessment scores, coaching conversation history, notes, and values ratings. Data is stored on EU-based servers. Supabase maintains SOC 2 Type II certification.

Resend (email). We use Resend to deliver transactional emails such as account invitations, reminders, and nudges. Email content is not stored beyond delivery confirmation.

Vercel (hosting). Our platform is hosted on Vercel's infrastructure. Vercel processes limited technical data (such as IP addresses and request logs) as part of serving the application. Vercel maintains SOC 2 Type II certification.

A Data Processing Agreement is available on request for enterprise customers.

We take appropriate technical and organisational measures to protect your personal data. These include:

Encryption in transit. All data sent between your browser and our servers is encrypted using TLS (HTTPS), enforced at the infrastructure level.

Encryption at rest. All data stored in our database is encrypted using AES-256 encryption, managed by Supabase.

Row-level security. Database-level access controls ensure that each user can only access their own data. This is enforced at the database layer, not just the application layer.

Secure authentication. Passwords are hashed using bcrypt. We never store passwords in plain text. Session tokens are securely managed and regularly rotated.

No system is completely secure, but we continuously review and improve our security practices.

We retain your data for as long as your account is active and for a reasonable period afterwards to comply with legal obligations. Specifically:

· Account and profile data: retained while your account is active, then deleted within 12 months of account closure unless we are required to retain it longer by law.
· Assessment scores, coaching conversations, and personal notes: retained for the duration of your programme and for up to 12 months after its conclusion.
· Anonymised and aggregated usage data: may be retained indefinitely for product improvement purposes.

You can request deletion of your data at any time by contacting us at privacy@mindsetquotient.com. We will process deletion requests within 30 days.

We believe in being transparent about how AI is used in coaching. Here is what MQ does and does not do:

No workplace monitoring. MQ is a self-directed coaching platform. It does not monitor your work, track your productivity, or report on your behaviour to your employer.

No automated decision-making. Your MQ scores and coaching insights are for your personal development only. They are never used to make or inform employment decisions, performance reviews, promotions, or disciplinary actions.

No emotion recognition for evaluation. While your coach may discuss emotions as part of coaching, we do not use AI to detect, classify, or evaluate your emotional state for any purpose beyond the coaching conversation itself.

EU AI Act compliance. Our use of AI in coaching is designed to comply with the EU AI Act. MQ does not engage in social scoring, behaviour manipulation, or any prohibited AI practice as defined by the regulation.

Under UK GDPR, you have the following rights:

· Access. You can request a copy of the personal data we hold about you.

· Rectification. You can ask us to correct inaccurate or incomplete data.

· Erasure. You can ask us to delete your personal data, subject to any legal obligations we have to retain it.

· Restriction. You can ask us to restrict how we process your data in certain circumstances.

· Portability. You can request a copy of your data in a structured, machine-readable format.

· Objection. You can object to processing based on our legitimate interests.

To exercise any of these rights, contact us at privacy@mindsetquotient.com. We will respond within one calendar month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

We use only essential cookies that are necessary for the platform to function. These include:

· Authentication cookies to keep you signed in
· Session cookies to maintain your coaching session state

We do not use advertising cookies, third-party tracking cookies, or analytics cookies that track your behaviour across other websites.