Privacy Policy

Last Updated: March 4, 2026

At InnerChart, we take your privacy seriously. This Privacy Policy describes how Rapid Dot Expert SRL ("we", "us", or "our") collects, uses, and protects your personal information when you use our personality assessment platform and related services (collectively, the "Service").

By using InnerChart, you agree to the collection and use of information in accordance with this policy.

1. Data Controller Information

Rapid Dot Expert SRL

Strada Știrbei Vodă 154, Bloc 26 A
Etaj 4, Ap. 16, Sectorul 1
Bucharest, Romania

Unique Number: 46296614
Registry Number: J26/347/2024

Email: privacy@innerchart.com
Support: support@innerchart.com
General Inquiries: hello@innerchart.com

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

  • Account Information: Email address, password (encrypted), full name
  • Profile Information: Optional demographic data, preferences
  • Test Responses: Your answers to personality assessment questions
  • Payment Information: Billing address, payment method details (processed securely by Stripe)
  • Communications: Messages you send to our support team, feedback, survey responses

2.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

  • Device Information: IP address, browser type and version, device type, operating system
  • Usage Information: Pages visited, features used, time spent on pages, navigation paths
  • Location Information: Approximate location based on IP address (country and city level)
  • Cookies and Tracking: See Section 6 for detailed cookie information

✓ What We DON'T Collect

  • • We do NOT collect sensitive personal data (health information, race, religion, political views)
  • • We do NOT process children's data (Service is for ages 16+)
  • • We do NOT store credit card numbers (Stripe handles all payment processing)
  • • We do NOT use facial recognition or biometric data

3. How We Use Your Information

We use the collected information for the following purposes:

🎯 Service Delivery

  • • Create and manage your account
  • • Process your personality test responses and generate results
  • • Provide access to your assessment reports
  • • Send service-related notifications

💳 Payment Processing

  • • Process subscription payments and trials
  • • Manage billing and invoicing
  • • Detect and prevent fraud

📧 Communication

  • • Send welcome emails and account confirmations
  • • Provide customer support
  • • Send marketing emails (with your consent - you can opt out anytime)
  • • Notify you of service updates or changes

🔒 Security & Compliance

  • • Protect against fraud and abuse
  • • Comply with legal obligations
  • • Enforce our Terms of Service
  • • Monitor system security and performance

📊 Improvement & Analytics

  • • Analyze how users interact with our Service
  • • Improve our personality assessments and algorithms
  • • Develop new features and services
  • • Understand user demographics and preferences (anonymized)

⚠️ Important: No Automated Decision-Making

We do NOT use automated decision-making or profiling that produces legal effects or significantly affects you. Your personality test results are generated based on your responses using established psychological frameworks, but these are for informational purposes only and do not affect any decisions about your account or services.

4. Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing is necessary to provide the Service you requested (account creation, test delivery, results generation)
  • Consent: You have given explicit consent for marketing communications and optional data processing
  • Legitimate Interests: Processing is necessary for our legitimate business interests (fraud prevention, service improvement, analytics) that don't override your rights
  • Legal Obligation: Processing is required to comply with legal requirements (tax, accounting, anti-fraud laws)

5. Data Sharing and Third-Party Services

We may share your information with trusted third-party service providers who help us operate our Service:

💳 Payment Processing

Stripe (https://stripe.com)

Processes all payments and subscription management. Stripe is PCI-DSS Level 1 certified. We do NOT store your credit card information on our servers.

📧 Email Services

Resend (https://resend.com)

Sends transactional emails (account confirmations, password resets) and marketing emails (with your consent).

🗄️ Database & Hosting

Supabase (https://supabase.com) - Database
Vercel (https://vercel.com) - Hosting & CDN

Stores your account data, test responses, and results. Both providers offer EU data center options for GDPR compliance.

📊 Analytics

Vercel Analytics (https://vercel.com/analytics)

Privacy-friendly analytics to understand how users interact with our Service. No personal identifiers are collected.

5.1 Other Disclosures

We may also share your information in the following circumstances:

  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: If we're involved in a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share your information
  • Aggregate Data: Anonymized, aggregated data that cannot identify you personally

✓ We Will NEVER:

  • • Sell your personal information to third parties
  • • Share your personality test responses with anyone without your explicit consent
  • • Use your data for purposes other than those described in this policy

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience and analyze Service usage.

6.1 Types of Cookies We Use

🔒 Essential Cookies (Required)

Necessary for the Service to function. Enable authentication, security, and basic functionality. Cannot be disabled.

⚙️ Functional Cookies

Remember your preferences, language settings, and choices. Improve your user experience.

📊 Analytics Cookies

Help us understand how users interact with the Service. Used to improve features and performance. Data is anonymized.

6.2 Managing Cookies

You can control cookies through:

  • Browser Settings: Most browsers allow you to block or delete cookies
  • Cookie Consent Banner: Manage your preferences when you first visit
  • Account Settings: Control analytics and functional cookies in your account

Note: Blocking essential cookies may affect Service functionality.

7. Your Privacy Rights

7.1 Rights for All Users

Regardless of your location, you have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and data
  • Opt-Out: Unsubscribe from marketing communications
  • Data Portability: Receive your data in a machine-readable format

7.2 Additional Rights for EU/EEA Users (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights under GDPR:

  • Right to Restrict Processing: Limit how we use your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time (doesn't affect prior processing)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority
  • Automated Decision-Making: Right not to be subject to automated decisions (we don't use this)

7.3 How to Exercise Your Rights

To exercise any of these rights:

  1. Email us: privacy@innerchart.com
  2. Account Settings: Many actions (export, delete) can be done in your account
  3. Response Time: We will respond within 30 days (EU) or as required by local law

8. Data Retention

We retain your personal data for as long as necessary to provide the Service and fulfill the purposes described in this policy:

  • Active Accounts: Data retained while your subscription is active
  • Cancelled Accounts: Data deleted 30 days after cancellation (unless you request immediate deletion)
  • Legal Requirements: Some data may be retained longer to comply with legal obligations (tax records, fraud prevention)
  • Backups: Backup copies are deleted within 90 days

To delete your account and data immediately, email privacy@innerchart.com or use the "Delete Account" option in your account settings.

9. Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption: All data transmitted over HTTPS (SSL/TLS encryption)
  • Password Security: Passwords are hashed using bcrypt (never stored in plain text)
  • Access Controls: Limited employee access to personal data on a need-to-know basis
  • Regular Monitoring: Security monitoring and incident response procedures
  • Secure Infrastructure: Data hosted on secure, SOC 2 certified platforms

Important: While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by GDPR.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

10.1 EU Data Transfers

For users in the EU/EEA, we ensure appropriate safeguards are in place:

  • EU Servers: We use Supabase EU region for database storage
  • Standard Contractual Clauses: Our service providers use EU-approved SCCs
  • Adequacy Decisions: Transfers only to countries deemed adequate by EU Commission

11. Children's Privacy

InnerChart is NOT intended for children under 16 years of age.

We do not knowingly collect personal information from children under 16. If you are under 16, please do not use our Service or provide any personal information. If you are between 16 and 18, you may only use the Service with parental or guardian consent.

If we discover that we have collected personal information from a child under 16, we will delete that information immediately. Parents or guardians who believe we may have information from a child under 16 should contact us at privacy@innerchart.com.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons.

When we make material changes, we will:

  • Post the updated policy on this page
  • Update the "Last Updated" date at the top
  • Send you an email notification (for significant changes)
  • Request your re-acceptance if required by law

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Inquiries:

Email: privacy@innerchart.com
Response Time: Within 30 days

General Support:

Email: support@innerchart.com

Mailing Address:

Rapid Dot Expert SRL
Attn: Privacy Department
Strada Știrbei Vodă 154, Bloc 26 A
Etaj 4, Ap. 16, Sectorul 1
Bucharest, Romania
Registry Number: J26/347/2024

14. Supervisory Authority (EU Users)

If you are located in the EU/EEA and have concerns about our data processing practices that we haven't resolved, you have the right to lodge a complaint with your local data protection authority.

Romanian Data Protection Authority:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP)
Website: www.dataprotection.ro

You can also find your local EU data protection authority at:
https://edpb.europa.eu/about-edpb/board/members_en

By using InnerChart, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and disclosure of your information as described.

Last Updated: March 4, 2026
Version 1.0