Privacy Policy

Last updated: 24 May 2026 · Effective date: 24 May 2026

1. Who we are

KnowYourProfile™ operates the following instruments under one platform:

• Archetype Compass — Jungian archetype + numerology profiling (archetypecompass.knowyourprofile.com)
• InvestorDNA — investor risk profiling aligned with Singapore MAS frameworks (investordna.knowyourprofile.com)
• WorkCompass — leadership and team dynamics assessment (workcompass.knowyourprofile.com)

For any privacy-related enquiry, contact us at [email protected].

2. What data we collect

2.1 Information you provide directly

• Name — used to personalise your report and, where applicable, to enable retrieval of your results.
• Email address (optional, where requested) — used to deliver your report and respond to enquiries.
• Date of birth (Archetype Compass only) — used to compute numerology values that feed into your archetype reading.
• Role / occupation (WorkCompass only) — used to contextualise your assessment.
• Assessment answers — your responses to quiz questions, used to compute your archetype, risk profile, or work-style scores.
• Financial profile inputs (InvestorDNA only) — age range, income range, net worth range, investment experience, time horizon, and similar data required for MAS-aligned risk profiling. Ranges are collected (not exact figures) and are used solely to compute your investor archetype and suitability indicators.

2.2 Information collected automatically

• Standard server logs (IP address, browser type, referring URL, timestamps) for security and operational monitoring.
• Local browser storage (localStorage) is used to save your in-progress quiz state for up to 7 days, so you can resume without re-entering data. This data stays on your device.

2.3 Information we do NOT collect

• We do not collect government identifiers (NRIC, passport, tax ID).
• We do not collect bank account numbers, credit card numbers, or exact financial figures.
• We do not use third-party advertising trackers or behavioural ad networks.

3. How we use your data

• To generate your personalised assessment results and AI-augmented reading or briefing.
• To email your report to you, where you have requested it.
• To allow you to retrieve your results later via a unique result link.
• To improve the accuracy and quality of our instruments through aggregated, de-identified analysis.
• To respond to your support enquiries.
• To comply with legal obligations.

4. Lawful basis for processing (GDPR)

Where the GDPR applies, we rely on the following lawful bases:

• Consent — when you voluntarily complete an assessment and provide your data.
• Legitimate interests — for security, fraud prevention, and operational analytics.
• Contract — to deliver the assessment results you have requested.

5. Third parties we share data with

We share limited data with the following service providers strictly for the purposes described:

• Supabase (database hosting) — stores your assessment record (name, email if provided, archetype, scores, answers). Data is hosted in their secured cloud infrastructure.
• OpenRouter / Anthropic (AI reading generation) — when you request the AI-augmented reading or briefing, we send your computed archetype, scores, and selected inputs to generate the narrative report. We do not send your raw personal identifiers (such as email) for AI generation beyond what is needed for the reading.
• Resend (email delivery) — when you opt to receive your report by email, your email address and the generated report are transmitted to Resend for delivery.
• Netlify (web hosting) — our sites and serverless functions are hosted on Netlify infrastructure.

We do not sell your personal data. We do not share your data with advertisers.

6. Data retention

Assessment records are retained for up to 24 months from the date of completion, after which they are deleted or fully anonymised. You may request earlier deletion at any time (see Section 8).

Server logs are retained for up to 90 days.

7. Data security

• All traffic between your browser and our services is encrypted via HTTPS/TLS.
• Database access is restricted by row-level security policies and service-role keys held only on the server.
• API keys for third-party services are stored as server-side environment variables and never exposed to the browser.
• We apply security headers (X-Frame-Options, X-Content-Type-Options, Referrer-Policy) to our pages.

8. Your rights

Under the PDPA and GDPR (where applicable), you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Request deletion of your data.
• Withdraw consent for further processing.
• Object to processing based on legitimate interests.
• Request portability of your data in a machine-readable format.
• Lodge a complaint with your local data protection authority. In Singapore, this is the Personal Data Protection Commission.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

9. Cookies and local storage

We use minimal browser storage:

• localStorage — to save your in-progress quiz state for up to 7 days so you can resume. You can clear this at any time through your browser settings.
• We do not use cookies for tracking or advertising.

10. International data transfers

Our service providers (Supabase, Netlify, OpenRouter, Resend) may process data outside Singapore or the EEA. Where transfers occur, we rely on standard contractual clauses and the providers' own compliance frameworks to ensure adequate protection.

11. Children's privacy

Our instruments are not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us and we will delete it promptly.

12. Changes to this policy

We may update this policy from time to time. Material changes will be highlighted on this page with a revised "Last updated" date. Continued use of our services after a change constitutes acceptance of the revised policy.

13. Contact

Questions, requests, or complaints: [email protected]