COURAGE-COMPASS PRIVACY POLICY

Effective Date: July 9, 2025
Last Updated: July 9, 2025

1. INTRODUCTION AND SCOPE

Courage-Compass (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy while providing our Entrepreneur Readiness Score assessment platform and website (collectively, the “Service”). This Privacy Policy (“Policy”) describes our practices regarding the collection, use, storage, sharing, and protection of your information.

BY ACCESSING OR USING OUR SERVICE, YOU EXPRESSLY CONSENT TO THE COLLECTION, USE, DISCLOSURE, AND RETENTION OF YOUR INFORMATION AS DESCRIBED IN THIS POLICY. IF YOU DO NOT AGREE WITH THESE TERMS, DO NOT ACCESS OR USE OUR SERVICE.

This Policy applies to all users, visitors, and others who access or use the Service regardless of method of access. This Policy constitutes a legally binding agreement between you and Courage-Compass.

2. INFORMATION COLLECTION

2.1 Information You Provide to Us

We collect information you provide directly to us, including:

Account Information: Email address and any optional profile information you choose to provide
Assessment Data: All responses, answers, and information submitted through assessments, evaluations, forms, and surveys
Communication Data: Content of messages, inquiries, feedback, reviews, testimonials, and support requests
Transaction Information: Payment details, billing information, and purchase history, if applicable
Marketing Preferences: Subscription choices, notification settings, and communication preferences
Voluntary Information: Any additional information you voluntarily provide through open-ended questions, optional fields, or direct communications

2.2 Information We Collect Automatically

When you access or use our Service, we automatically collect certain information, including:

Device Information: IP address, device type, unique device identifiers, browser type and settings, operating system, and mobile network information
Usage Data: Date and time of access, pages viewed, features used, links clicked, search terms, referring/exit pages, time spent, and other actions taken within the Service
Technical Data: Error logs, crash reports, system activity, hardware settings, and performance metrics
Location Data: General geographic location (e.g., country or city) based on IP address or other location-aware technologies
Behavioral Data: Click patterns, scrolling behavior, mouse movements, session recordings, heat maps, and interaction metrics
Assessment Interaction Data: Time spent on questions, revision patterns, completion rates, abandonment points, and interaction sequences
AI Processing Data: Data generated through our artificial intelligence systems, including pattern recognition, predictive analytics, and automated scoring algorithms

2.3 Information from Third Parties

We may receive information about you from third parties, including:

Service Providers: Analytics providers, data processors, payment processors, and hosting services
Business Partners: Marketing partners, co-branded services, affiliates, and referral sources
Public Sources: Publicly available databases, social media platforms, and professional networking sites
Integration Partners: Third-party services you connect to our Service (with your authorization)
AI and Technology Partners: Machine learning platforms, form builders, survey tools, and data processing services (including DatumProcessor)

2.4 Cookies and Similar Technologies

We use cookies, web beacons, pixels, and similar technologies to collect information about your browsing behavior and deliver certain features. These technologies allow us to:

Keep you logged in and authenticate your access
Remember your preferences and settings
Track Service usage and effectiveness
Deliver targeted content and advertising
Analyze traffic patterns and user behavior
Protect against fraud and improve security

You can configure your browser to refuse cookies or alert you when cookies are being sent. However, disabling cookies may limit your ability to use certain features of our Service.

3. USE OF INFORMATION

We have legitimate business interests in processing your information, including operating our business, providing the Service, improving our offerings, and communicating with you. We use the information we collect for the following purposes:

3.1 Provision of Service

Operate, maintain, and deliver the Service to you
Process and complete transactions
Send administrative notifications, confirmations, and service-related announcements
Authenticate users and prevent unauthorized access
Provide customer support and respond to inquiries
Fulfill your requests and deliver assessment results
Customize your experience and preferences
Maintain internal records and business operations

3.2 Improvement and Development

Monitor, analyze, and improve the Service and user experience
Develop new features, functionalities, and services
Troubleshoot and resolve technical issues
Conduct testing and debugging
Generate insights about Service usage and effectiveness
Optimize website design, content, and performance
Understand user needs and preferences

3.3 Research and Analytics

Conduct scientific and academic research
Perform statistical analysis and data mining
Develop and refine assessment methodologies
Create industry benchmarks and comparative metrics
Generate aggregated insights and trend analysis
Validate assessment effectiveness and reliability
Study entrepreneurial psychology and development
Publish findings in academic and professional contexts (using anonymized data only)

3.4 AI and Automated Processing

Train and improve machine learning algorithms
Generate automated assessment scores and interpretations
Identify patterns and correlations in user behavior and responses
Create personalized recommendations and insights
Detect anomalies and quality issues in assessment data
Optimize assessment design and question effectiveness
Generate predictive models for entrepreneurial success factors

3.5 Marketing and Communication

Send you assessment results and follow-up content
Provide educational resources and related information
Inform you about new features, services, and updates
Deliver promotional offers and special opportunities
Create targeted marketing campaigns
Measure marketing effectiveness and engagement
Invite participation in surveys and research studies

3.6 Legal and Protection

Comply with legal obligations and regulatory requirements
Enforce our Terms of Service and other policies
Detect, investigate, and prevent fraudulent or illegal activities
Protect our rights, property, safety, and security
Respond to legal requests and prevent harm
Establish, exercise, or defend legal claims
Meet audit, compliance, and record-keeping requirements

4. ARTIFICIAL INTELLIGENCE AND AUTOMATED PROCESSING

4.1 AI Systems and Technologies

Our Service incorporates sophisticated artificial intelligence technologies, including but not limited to:

Machine Learning Algorithms: For assessment scoring, pattern recognition, and data analysis
Natural Language Processing: For text analysis, sentiment detection, and language understanding
Predictive Analytics: For forecasting potential outcomes and success indicators
Cognitive Computing: For simulating human thought processes and decision-making
Neural Networks: For identifying complex patterns and relationships in data
Recommendation Engines: For generating personalized insights and guidance
Behavioral Analysis Systems: For identifying behavioral patterns and tendencies
Automated Decision Systems: For generating scores, interpretations, and recommendations

4.2 AI Data Processing Activities

Our AI systems may process your information to:

Score and interpret assessment responses
Identify patterns in your decision-making approaches
Analyze emotional intelligence indicators and tendencies
Evaluate entrepreneurial readiness and potential
Generate personalized feedback and recommendations
Identify areas for development and improvement
Compare individual results to relevant benchmarks
Create predictive models about entrepreneurial outcomes

4.3 Automated Decision-Making and Profiling

We use automated decision-making systems to generate assessment scores, interpretations, and recommendations. These automated systems:

Apply standardized scoring algorithms to assessment responses
Generate profiles based on psychological and behavioral patterns
Compare individual results to established benchmarks and norms
Create personalized recommendations based on response patterns
Identify potential developmental areas and growth opportunities
Generate predictive insights about entrepreneurial tendencies

Important Notice: Our automated systems generate information for educational and developmental purposes only. These systems do not make decisions with legal or similarly significant effects on users. All automated results should be considered informational in nature and not as professional advice.

4.4 Human Oversight and Intervention

While we utilize automated systems, human oversight is maintained for:

System design, development, and validation
Quality assurance and accuracy verification
Handling unusual or complex cases
Addressing disputed results or interpretations
Responding to user questions about automated outcomes
Reviewing system performance and effectiveness
Ensuring ethical and responsible AI implementation

5. DATA SHARING AND DISCLOSURE

5.1 Service Providers and Sub-Processors

We share information with trusted third-party service providers and sub-processors who perform services on our behalf, including:

Technology Infrastructure: Cloud hosting, servers, database management, and storage providers
Analytics and Measurement: Data analytics, performance monitoring, and business intelligence tools
Customer Support: Help desk, ticket management, and communication platforms
Marketing and Communication: Email delivery, CRM systems, and marketing automation tools
Payment Processing: Payment gateways, fraud detection, and financial transaction processors
AI and Data Processing: Machine learning platforms, data analysis tools, and algorithmic processing services
Security and Compliance: Security monitoring, fraud prevention, and compliance management systems
Research Partners: Academic institutions, research organizations, and scientific collaborators

Important Notice: We reserve the right to engage any sub-processors or service providers at our sole discretion without prior notification to users. By using our Service, you acknowledge and consent to such data sharing arrangements. We make reasonable efforts to ensure service providers maintain appropriate safeguards, but cannot guarantee identical privacy practices.

5.2 Business Transfers and Corporate Transactions

In connection with any merger, sale of company assets, financing, acquisition, dissolution, bankruptcy, reorganization, or similar corporate event, your information may be transferred, sold, or shared as part of the transaction. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy.

5.3 Legal Requirements and Protection

We may disclose your information if required to do so by law or in good faith belief that such action is necessary to:

Comply with legal obligations, court orders, or valid legal processes
Respond to claims that content violates the rights of third parties
Protect the rights, property, safety, and security of the Company, our users, or the public
Detect, prevent, or address fraud, security, or technical issues
Defend against legal claims or liability
Fulfill audit, compliance, or regulatory requirements
Prevent or investigate possible wrongdoing in connection with the Service

5.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5.5 Aggregated and De-identified Information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for any lawful business purpose, including:

Industry reports and benchmarking
Academic research and publications
Marketing materials and case studies
Business development and partnerships
Product development and improvement
Statistical analysis and data science
Public presentations and educational materials

6. DATA RETENTION AND STORAGE

6.1 Retention Periods

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

Account Information: Retained indefinitely until deletion is requested
Assessment Data: Retained indefinitely for research and service improvement purposes
Usage Data: Retained according to our internal data retention schedule
Communication Records: Retained for legal, business, and customer service purposes
Technical Data: Retained according to technical requirements and security protocols
Aggregated Data: May be retained indefinitely in anonymized form

Important Notice: Even after information is deleted from our active systems, residual copies may remain in our backup systems for technical, legal, or business continuity purposes. Furthermore, we may retain certain information as necessary to prevent fraud, assist with investigations, enforce our terms, or comply with legal requirements.

6.2 Data Storage and Security

Your information may be stored and processed in any country where we maintain facilities or engage service providers. By using the Service, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules.

We implement reasonable technical, administrative, and physical safeguards designed to protect your information from unauthorized access, destruction, use, modification, or disclosure. However, no security system is impenetrable, and we cannot guarantee the absolute security of our systems.

6.3 Sub-processor Data Retention

Please be aware that our sub-processors and service providers may retain your data according to their own data retention policies, which may differ from ours. We have limited control over their data retention practices once information is shared.

7. YOUR RIGHTS AND CHOICES

7.1 Access and Control

Depending on your jurisdiction, you may have certain rights regarding your personal information. You may request to:

Access personal information we hold about you
Correct inaccurate data
Delete certain information (subject to exceptions)
Restrict or object to certain processing activities
Receive your data in a structured, machine-readable format
Withdraw consent for certain processing activities
Obtain information about how your data is processed

To exercise these rights, please contact us at info@courage-compass.com. We will respond within the timeframe required by applicable law. We may need to verify your identity before fulfilling your request.

7.2 Limitations on Rights Fulfillment

We strive to honor all valid requests within the parameters of applicable law. However, please be aware that our ability to fulfill certain requests may be limited by:

Technical architecture of our Service
Use of sub-processors and third-party services
Legal and regulatory requirements
Legitimate business interests
Technical feasibility constraints
Data retention requirements
Protection of trade secrets and intellectual property
Privacy rights of other individuals

7.3 Opt-Out Options

You may opt out of certain data uses:

Research Participation: You may request to opt out of research use of your data by emailing info@courage-compass.com
Marketing Communications: You may unsubscribe from marketing emails using the unsubscribe mechanism in each communication
Cookies and Tracking: You may disable certain cookies through your browser settings
Promotional Content: You may request not to receive certain promotional materials

Important Notice: Even if you opt out of certain data uses, we may continue to process your information for other purposes as permitted or required by law. Complete cessation of all data processing may require termination of your access to our Service.

7.4 Data Deletion Limitations

While you may request deletion of your data, please be aware of the following limitations:

We may retain certain information as required by law or legitimate business purposes
Deletion requests may not extend to data already shared with third parties
Sub-processors may retain data according to their own policies
Archived and backup copies may persist for technical or operational reasons
Aggregated and anonymized data derived from your information may be retained
Complete data removal from all systems cannot be guaranteed

8. SECURITY PRACTICES

8.1 Data Protection Measures

We implement and maintain reasonable security measures designed to protect your information, including:

Encryption of data transmission (where technically feasible)
Access controls and authentication mechanisms
Regular security assessments and vulnerability testing
Employee training on data protection practices
System monitoring and intrusion detection
Physical security of facilities housing data
Incident response procedures

8.2 Security Limitations

Despite our efforts to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of data. Factors outside our control include:

Inherent limitations of security technologies
Sophisticated cyber attacks and emerging threats
Technical vulnerabilities in third-party systems
Human error and social engineering
Unforeseen security breaches or failures

8.3 User Responsibilities

You play an important role in protecting your information. We recommend:

Using unique and strong passwords
Not sharing access credentials
Maintaining up-to-date security software
Being cautious about sharing personal information
Logging out of your account after use
Promptly reporting suspicious activities

9. INTERNATIONAL DATA TRANSFERS

9.1 Cross-Border Transfers

Your information may be transferred to, stored, and processed in countries other than the country in which you reside. These countries may have data protection laws that differ from those in your country.

Important Notice: By accessing or using the Service, you expressly consent to the transfer of your information to countries outside your country of residence, including to the United States, Canada, and any other country where we or our third-party service providers operate.

9.2 Transfer Mechanisms

For transfers from jurisdictions with data localization or transfer restriction laws, we rely on appropriate transfer mechanisms, which may include:

Standard contractual clauses
Adequacy decisions
Consent mechanisms
Legitimate interest assessments
Other legally recognized transfer mechanisms

9.3 Transfer Limitations

Please be aware that different countries provide different levels of legal protection for personal information. While we take reasonable steps to protect your information, data transferred to another country may become subject to the laws of that jurisdiction.

10. CHILDREN’S PRIVACY

Our Service is not directed to individuals under 18 years of age, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

If you believe we have inadvertently collected information from a child, please contact us immediately at info@courage-compass.com.

11. THIRD-PARTY LINKS AND SERVICES

Our Service may contain links to third-party websites, applications, or services that are not owned or controlled by us. We are not responsible for the privacy practices or content of these third parties. This Privacy Policy applies only to information collected by our Service.

We encourage you to review the privacy policies of any third-party sites or services before providing any personal information or using such services.

12. CHANGES TO THIS PRIVACY POLICY

12.1 Policy Updates

We may modify this Privacy Policy at any time at our sole discretion. Material changes will be communicated through:

Email notification (if we have your email address)
Prominent notice on our website
Updated “Last Updated” date at the top of this Policy

Your continued use of the Service after any modification constitutes your acceptance of the updated Policy. If you do not agree with the changes, you should discontinue using the Service.

12.2 Review Recommendation

We recommend that you periodically review this Privacy Policy to stay informed about our information practices. It is your responsibility to check for updates.

13. CONTACT INFORMATION

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Privacy Officer
Courage-Compass
Email: info@courage-compass.com
Address: Sherbrooke, Quebec, Canada

Data Protection Officer
Email: info@courage-compass.com
Address: Sherbrooke, Quebec, Canada

We will make good faith efforts to resolve any inquiry, concern, or complaint you bring to our attention.

14. ADDITIONAL DISCLOSURES

14.1 No Guarantee of Perfect Security

Despite our security measures, we cannot guarantee that unauthorized third parties will never be able to defeat our security measures or use your personal information for improper purposes. You acknowledge that you provide your personal information at your own risk.

14.2 Business Decisions Based on Service

Our Service provides information for educational and developmental purposes only. Any business, financial, or career decisions you make based on our assessments or recommendations are made at your own risk. We disclaim all liability for outcomes resulting from decisions made in reliance on our Service.

14.3 Research Use Disclaimer

By using our Service, you acknowledge and agree that your anonymized data may be used in perpetuity for research, publication, and educational purposes, even after account deletion, unless specifically prohibited by law.

14.4 Jurisdiction-Specific Provisions

Depending on your jurisdiction, additional terms may apply to our processing of your information. Please contact us for any jurisdiction-specific inquiries.

This Privacy Policy was last updated on July 9, 2025, and is effective as of that date.

By using our Service, you acknowledge that you have read and understand this Privacy Policy and agree to be bound by its terms.