Your Privacy is Our Priority

At BridgePoint, we understand that burnout assessment involves sensitive workplace experiences. This policy explains how we collect, use, protect, and respect your data.

Effective Date: 12 May 2026 · Last Updated: 12 May 2026

Our Privacy Principles

🔒

Anonymity First

Individual responses are never identifiable. We aggregate data to protect privacy.

🎯

Purpose Limitation

We only collect data necessary for burnout assessment and organisational insights.

👁

Transparency

You'll always know what data we collect and why.

🛡

Security

Industry-standard encryption and security practices protect your information.

✋

Your Control

You decide what information to share and can request deletion at any time.

Information We Collect

From Survey Respondents

•Your answers to the 36-item burnout assessment

•Time taken to complete the survey

•Date and time of completion

•Optional demographic information (department, role level, tenure)

•Anonymous session identifiers and device type

What we never collect:

✕ Your name✕ Your email address✕ Your employee ID✕ Any directly identifying information

From Administrators

•Name and email address

•Organisation name and job title

•Assessment settings and engagement configuration

•Organisational structure (departments/teams)

How We Use Information

For Respondents

•Calculate burnout scores and domain analysis

•Aggregate responses to show organisational patterns

•Identify risk areas (only when groups meet minimum size thresholds)

For Administrators

•Provide dashboard access to aggregated results

•Send important notifications about assessments

•Customer support and assistance

What We Never Do

•Sell your data to third parties

•Use responses for marketing purposes

•Share individual responses with employers

•Track behaviour outside the assessment

How We Protect Anonymity

Minimum Group Size Enforcement

Results are only displayed for groups with at least the configured minimum number of respondents. Small groups could allow identification of individuals through process of elimination.

✓ Department with 12 people — results shown

✕ Team with 3 people — results hidden

Data Aggregation

Individual responses are immediately aggregated. Raw response data is never presented to administrators — only averages, distributions, and counts.

No Identifying Metadata

Timestamps are rounded, session identifiers are randomised and regularly purged, and IP addresses are hashed for security only.

Access Controls

Role-based permissions limit who can view which results. Audit logs track all data access by administrators.

How We Secure Your Data

Encryption

•TLS 1.3 for data in transit

•AES-256 encryption for data at rest

•Encrypted database backups

Infrastructure

•ISO 27001 certified cloud hosting

•Regular security audits and penetration testing

•DDoS protection and web application firewall

Access Controls

•Multi-factor authentication for admin accounts

•Role-based access with least privilege

•Session timeout after inactivity

Data Retention

•Survey responses: 3 years or engagement closure

•Aggregated results: retained for benchmarking

•Account information: deleted upon request

•Audit logs: 1 year for security purposes

Your Privacy Rights

For Survey Respondents

Right to Know

Request information about how your responses are used.

Right to Deletion

Request deletion of your data via your organisation's administrator or by emailing us directly.

Right to Opt-Out

Participation is voluntary. You may close the survey at any time without penalty.

Right to Complain

Lodge complaints with your local data protection authority if you believe your rights have been violated.

How to Exercise Your Rights

Email: contact@thebridgepoint.coResponse time: within 30 days as required by GDPR

International Data Transfers

EU/EEA Users: Data is stored in EU data centres and processed under GDPR.

UK Users: Data is processed in accordance with UK GDPR and Data Protection Act 2018.

Other Regions: Standard contractual clauses and appropriate safeguards are used for any international transfers.

Questions About Privacy?

Email: contact@thebridgepoint.coResponse time: We aim to respond within 2 business days.