Data Privacy Policy

Last updated: April 10, 2025

We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our self-assessment questionnaire and related services.

1. Who We Are

OMSTRAT LTD
26 Evagora Pallikaridi
Ofc. 101
8010 Paphos
Cyprus

E-mail: privacy @ upmindr. com

We are established in the European Union and subject to the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

2. What Data We Collect

We collect the following types of personal data:

  • Your name and email address
  • Your responses to the self-assessment questionnaire
  • Your action plan settings and preferences

We do not collect or process any special categories of personal data (such as health-related or psychological conditions).

3. How We Collect Your Data

All personal data is provided voluntarily by you when:

  • You fill out our online questionnaire and action plan preferences
  • You submit a form or sign up for follow-up content

We also use essential session cookies strictly necessary for the secure operation of our website. These do not require consent under the ePrivacy Directive and are not used for tracking or analytics.

4. Why We Use Your Data

We use your data to:

  • Generate personalized feedback and recommendations based on your responses
  • Create an action plan tailored to your preferences
  • Improve the quality and usability of our tool
  • Send follow-up resources and relevant content by email

5. Legal Bases for Processing

We process your data on the following legal grounds:

  • Consent – when you participate in the questionnaire and receive follow-up emails (which you may withdraw at any time)
  • Legitimate interest – to analyze and improve our services in a privacy-respecting way
  • Contract – if you access specific services that require data processing to fulfill a request

6. Third-Party Services and Data Processors

We work with the following GDPR-compliant service providers:

  • Auth0 – for secure authentication
  • Cloudflare – for DNS, CDN, and cyber protection
  • Mailgun – for sending follow-up emails

Your data is stored within the European Union or under equivalent legal safeguards.

7. How Long We Keep Your Data

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or until you request its deletion. We regularly review our retention practices to ensure ongoing compliance.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Request correction or deletion
  • Object to or restrict processing
  • Withdraw consent at any time

To exercise any of these rights, contact us at: privacy @ upmindr. com

You also have the right to lodge a complaint with your local data protection authority or the Office of the Commissioner for Personal Data Protection in Cyprus.

9. Security Measures

We implement appropriate technical and organizational measures to protect your data from unauthorized access, loss, or misuse. These include:

  • SSL encryption
  • Industry-standard authentication controls
  • Secure infrastructure and encrypted communications

10. Changes to This Policy

We may update this Privacy Policy from time to time. The most recent version will always appear on this page, and the "Last updated" date at the top will reflect the latest changes. Continued use of our website implies your acceptance of any updates.

If you have any questions or concerns about this policy or your personal data, please contact us.