Privacy Policy
Effective date: Aug 21, 2023
Privacy Policy
We've made an effort to keep this policy straightforward and free from legal jargon so that you can easily understand the data we gather, how we handle it, and your options related to it. While we encourage you to read the entire policy, here's a concise overview of its main highlights:
We don’t sell your personal data to anyone. Never have, never will.
• All we know about you is what you share by visiting and exploring our website. We don’t collect any of your personal information from any third parties, so it’s completely up to you to decide what you want to share.
• When you use our website, even if you aren’t logged in, we receive some personal information from you like the type of device you’re using and your IP address. You can choose to share additional information with us by creating an account. We use this information for improving our services and for keeping our website functional and secure.
• You are free to opt in and out of our newsletters, update your account details, or delete it entirely at any time. You can also ask us to give you a copy of the information you’ve submitted.
• When you fill out the IMX Direct personality test, we use your answers to determine your personality traits. You’re completely free to decide which package you choose.
• If you have any questions or comments regarding this policy, please don’t hesitate to get in touch!
How Do We Collect Information?
First, we collect, store, and use information you share on our website. This means only your e-mail address and your name when you register for our services.
Second, if you purchase something for yourself or for your company on our website, we’ll collect payment and tax information (e.g., country of residence), contact information (e.g., e-mail address), and details of what you bought.
Finally, we record certain technical information whenever you use our website. This includes information about your device and about your visits to and use of our website, such as your IP address, browser type and version, page views, etc.
We also use cookies (small encrypted data files stored and sent by your browser whenever you visit our website) to store and retrieve your login status, personality test results, and various website settings. Some of the cookies are account-specific while others are not. For more information about cookies, please see the following section.
Cookies
Most of the functionality on our website (such as viewing your personality test results or logging in) requires cookies. By using our website, you consent to our use of cookies as described in this policy.
We use “persistent” cookies on our website. Persistent cookies will remain stored on your device until deleted, or until they reach a specified expiry date.
We use cookies to enable our website to recognise you (as distinct from other users) when you visit and keep track of your preferences in relation to your use of our website.
We use Google Analytics to analyze the use of our website. These third party services may use cookies and other technologies to collect technical data on your behavior and your device (such as your device’s IP address or screen size). For further details, plese see Google’s privacy policy. You can also opt out of Google Analytics tracking at any time.
Most browsers allow you to reject all cookies, while some browsers allow you to reject just third party cookies. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including ours.
Whether Information Has to Be Provided by You and Why
The provision of contact and other relevant information is required from you to enable us to communicate with you and to provide the services available on our website. We’ll inform you at the point of collecting information from you (including via this Privacy Policy), whether you’re required to provide the information to us.
If you don’t provide the information requested we may not be able to provide the services which require the use of this information (e.g., certain features or assessments).
How Do We Use the Information We Collect?
We use the information we collect to provide you with our services as well as content that’s relevant and personal to you. Consequently, it’s necessary for us to use your information to:
• send you your personality test results,
• send you account-related messages, such as password recovery e-mails;
• identify you and ensure the security of your account – e.g., by verifying that you own the e-mail address linked to your account;
• collect payments from you and send you e-mails with your order details, if you decide to purchase something from us;
• provide you with content and services relevant to you – e.g., information for people with your personality type;
• respond to your questions or complaints, or to complaints made about your use of our website.
We have a legitimate interest in using your information in these ways. It’s necessary for us to do that to make our services and content as relevant to you as possible, and that’s in both of our interests.
In addition, we have a legitimate interest in maintaining our relationship with you, improving our website and services, and protecting both you and other users.
Consequently, we use your information to:
• conduct analytics on how you use our website in order to better understand your needs and to optimize our service and experience. For instance, by measuring the time you spend on a certain page before and after a design change, we can understand whether there’s anything we need to tweak. In order to do that, we use third party services, Google Analytics to collect standard internet log information and details of visitor behaviour patterns (for example, how much time you spent reading your personality test results). We’ve already mentioned these services in the Cookies section above.
This information is only processed in a way which does not identify anyone. For example, we don’t make, and don’t allow Google to make, any attempt to match such information with personal data we hold about you.
• improve our website and develop new functionality. For example, if the majority of respondents in one of our profile say they’d like to learn more about dealing with a difficult colleague or manager, we’ll certainly take that into account.
• conduct internal analysis and scientific / statistical research to improve our services and understanding of personality traits.
• keep the website secure and prevent fraud – e.g., by logging authentication attempts or activities related to your account;
• keep both you and other users safe, including working with law enforcement where necessary. For instance, we may inform the police if something you’ve posted makes us believe that it’s highly likely you or someone else is in immediate physical danger.
• verify compliance with the terms and conditions governing the use of the website.
While our legitimate interests cover a lot of what we do, in the following circumstances other legal grounds apply to how we process your personal data:
• where we expressly require consent from you for the processing in question;
• where we provide services to you as a member – in which case we’ll have a contract with you for this and we’ll process your data in accordance with our contract with you (see our Terms and Conditions). In particular, our contract allows us to retain and delete data in ways which override certain rights you may otherwise have had if we were relying on consent or our legitimate interests for the data processing in question.
• where another legal ground applies (which will be rare) – e.g., to protect your or another person’s vital interests, or where we’re required to process the information by law.
Finally, in addition to what we discussed above, we’ll only use your information with your consent:
• to send you e-mail newsletters, if you’ve specifically agreed to receive them.
Please note you may withdraw your consent at any time.
Where you supply us with special category personal data we may also further process this data for research purposes – typically it will be anonymized so that it ceases to be personal data.
We won’t provide your personal information to any third parties for the purpose of direct marketing by those parties.
3. Do We Transfer Your Information Elsewhere?
As a worldwide digital service, we need to work with a number of providers, some of which are located outside the UAE and the European Economic Area (EEA), e.g. in the U.S., in order to be able to operate our website and to make our services available online. Some of our staff also operate outside the EEA. Consequently, some of your personal data may be transferred outside the UAE.
We’ll ensure that any transfer of your personal information outside the UAE where the GDPR or Data Privacy Law applies to such transfer will be subject to the appropriate or suitable relevant safeguards (e.g. European Commission approved contract), as permitted under the GDPR, with those measures designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.
Here’s a list of third party providers we’ll share your information with, if necessary:
• Innermetrix US and IMX Direct UK with regards of the personality profiles. Only name and mail address.
• Microsoft, to deliver our non-newsletter e-mails, e.g., when we respond to your messages. Again, we’ll also collect information regarding e-mail delivery and opening rates to improve deliverability and help with troubleshooting. You can find Microsoft’s privacy policy here.
• Stripe to process payments and conduct anti-fraud checks. Here are links to Stripe’s privacy policy,
• Google, to analyze the behaviour of our visitors. Google’s privacy policy is here.
• Slack for our everyday communication and planning. Their respective privacy policies are here,
We’ve listed all our third party providers here to be as transparent as possible. In practice, “sharing” is a very generous term when it comes to us transferring your information outside our company. We always transfer as little data as we can, also encrypting it where possible. For instance, our e-mail service provider would need to know your e-mail address to deliver a password recovery link, but we won’t tell them your age.
Similarly, we may discuss an issue you’re having on Slack, which technically counts as us transferring your information (such as the e-mail address linked to your account) to Slack servers – however, Slack wouldn’t be permitted to use that information for anything beyond what’s necessary to provide their service to us.
We use all reasonable security and access control measures to secure our accounts on third party websites and the data stored therein.
4. How Long Do We Keep Your Information?
We keep your information only for as long as we need it to provide services to you and to fulfil the purposes described in this policy or as otherwise described in our Terms and Conditions. This also applies to any other parties that we share your information with.
Here are some examples of categories of data along with their periods of retention:
• payment and order data, including relevant access logs – 10 years;
• activity logs, minus the above – 1 year;
• transient activity records, such as e-mail invites or password reset requests – 3 months;
• account details – unlimited;
We’ll regularly delete accounts that aren’t linked to any meaningful activity and have been inactive for more than two years.
• content submitted to our website, such as comments or forum posts – unlimited.
We’ll depersonalize your information or remove it entirely from our systems once we no longer need it to comply with our legal or regulatory obligations, or for other purposes described in this policy.
5. What Can You Ask Us to Do with Your Information?
Under the GDPR you have a number of important rights free of charge. In summary, those include rights to:
• fair processing of information and transparency over how we use your personal information that this Privacy Policy is already designed to address;
• access to your personal information and to certain other supplementary information;
• require us to correct any mistakes in your information which we hold;
• require the erasure of personal information concerning you in certain situations;
• receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format, and have the right to transmit that data to a third party in certain situations;
• object at any time to processing of personal information concerning you for direct marketing;
• object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
• object in certain other situations to our continued processing of your personal information;
• otherwise restrict our processing of your personal information in certain circumstances;
• withdraw your consent to our processing where we are relying on consent as the lawful basis for the processing in question;
• right to lodge a complaint with a supervisory authority.
For further information on each of those rights, including the circumstances in which they apply.
If you’d like to exercise any of those rights, please e-mail us. Keep in mind you’ll need to send the request from the e-mail address associated with your account in order for us to process it. We won’t be able to confirm you’re the account owner otherwise.
6. How Do We Secure Your Information?
We take reasonable technical and organisational precautions to prevent the loss, misuse, or alteration of your personal information. For instance, we store this information on our secure (password and firewall-protected) servers, encrypt traffic to and from the website, and anonymize or pseudonymize personal information where possible.
Still, we can’t guarantee complete security of data sent over the internet – for example, someone may discover a vulnerability in the encryption protocol that we use, your internet service provider may record the data you send, and so on. Please take care when posting sensitive data.
7. How Can You Get in Touch with Us?
You can find our contact information via Contact us sub-page.
8. Miscellaneous
You’re responsible for keeping your password and other login details confidential. Don’t share such information with anyone as whoever has it will have full access to all your information on our website.
Some of our articles and website sections contain links to other websites. We aren’t responsible for the privacy policies or practices of those websites.
We may update this privacy policy from time to time by posting a new version on our website. You should check this page occasionally to ensure you’re happy with any changes.