MyInsightReport

Privacy Policy

Last updated: 5 March 2026

1. Who we are

MyInsightReport ("we", "us", "our") operates the website at myinsightreport.com. For questions about this policy or data requests, contact us at support@myinsightreport.com.

2. What data we collect

Assessment answers

When you complete an assessment, your answers (numerical scores on a 0–3 scale) and your generated report data are stored in our database. This data is associated with a randomly generated Report ID — not with any personal identifier. No name, email address, or login is required.

Payment data

Payments are processed by Stripe. We do not handle or store credit card information directly. When a payment is completed, we receive from Stripe: the Stripe session ID, the Report ID you paid for, and the email address you provided to Stripe. This information is stored to allow you to recover access to your paid report.

Usage analytics

We use Google Analytics 4 to collect anonymised information about how the site is used — including pages visited, time on site, and general geographic location (country/city level). This data is collected via cookies and is processed by Google in accordance with their privacy policy. IP addresses are anonymised.

We also log internal events (page visits, assessment completions, payments) in our own database using a hashed IP address. This data is used only for understanding how the site is being used and is never shared.

Session data

We use standard PHP sessions to maintain your state as you move through the assessment. Session data is stored temporarily on our server and expires after your browsing session ends.

3. How we use your data

  • Assessment data — to generate and display your report, and to allow you to recover a paid report if you lose your session
  • Payment data — to verify your payment and grant access to your full report
  • Analytics data — to understand how the site is used and improve it
  • Email address — stored securely; used only if you contact us for support

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3a. Legal basis for processing (GDPR)

We process your data on the following legal bases under GDPR Article 6:

  • Contract performance (Art. 6(1)(b)) — processing assessment answers and payment data to deliver the service you have requested
  • Legitimate interest (Art. 6(1)(f)) — internal analytics and logging to understand site usage and improve the service
  • Consent (Art. 6(1)(a)) — Google Analytics cookies, collected only after you accept via our cookie banner

Assessment answers relate to personal relationships and may indirectly touch on sensitive matters. We minimise this by collecting only numerical scores (0–3), not free-text descriptions, and by not linking data to any identified individual.

4. Third-party services

  • Stripe — payment processing. See Stripe's Privacy Policy.
  • Google Analytics 4 — usage analytics. See Google's Privacy Policy.
  • OpenAI — your report scores and answers are sent to OpenAI's API solely to generate your personalised full report. OpenAI acts as a data processor under our Data Processing Addendum (DPA). OpenAI does not use API data to train their models. Data is transmitted over encrypted connections and not retained by OpenAI beyond the API call. See OpenAI's Privacy Policy and API data usage policies.

5. Data retention

  • Assessment and report data: stored for 90 days from the date of creation, then automatically deleted
  • Paid report data: retained for 12 months to allow report recovery
  • Analytics events: retained for 24 months

6. Cookies

We use the following cookies:

  • Session cookie — a temporary cookie (PHPSESSID) that maintains your session while you use the site. It is deleted when you close your browser.
  • Google Analytics cookies — used to distinguish users and sessions for analytics purposes. These persist for up to 2 years.

By using this site, you consent to the use of these cookies. You can disable cookies in your browser settings, though some functionality may not work correctly.

7. Your rights (GDPR)

If you are located in the European Economic Area, you have the following rights regarding your personal data:

  • Right of access — request a copy of the data we hold about you
  • Right to erasure — request deletion of your data
  • Right to rectification — request correction of inaccurate data
  • Right to object — object to processing of your data

To exercise any of these rights, contact us at support@myinsightreport.com with your Report ID (if applicable). We will respond within 30 days.

8. Security

We take reasonable technical and organisational measures to protect your data, including encrypted connections (HTTPS), hashed IP addresses in our analytics, and no storage of raw payment card data. No method of transmission over the internet is 100% secure.

9. Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects the most recent update. Continued use of the site after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or requests: support@myinsightreport.com