Privacy Policy

Effective Date: February 27, 2026 | Last Updated: February 27, 2026

Important: This privacy policy explains how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Data Controller & Contact Information

1.1 Who We Are

This platform is operated by the SPQL Team, a meritocratic organization committed to transparency and member privacy.

1.2 Data Protection Officer

To ensure your privacy and data protection rights, you may contact our Data Protection Officer:

Email: [email protected]
General Contact: [email protected]

1.3 Operational Anonymity

To protect the security and privacy of our leadership, the identity of the Data Controller is managed through privacy-focused registration services. This operational anonymity does not diminish our commitment to your data protection rights.

2. Information We Collect

We collect only the information necessary for the functioning of our meritocratic organizational structure and to provide you with membership services.

2.1 Personal Identification Data

Identity Data: Full name, date of birth, email address, phone number
Legal Basis: Contract (necessary for membership) and Consent
Purpose: Member registration, communication, authentication
Retention: Duration of membership + 90 days after termination

2.2 Psychological Assessment Data

Data Types:
- Likert-scale responses to personality assessment questions
- Calculated scores across 6 psychological dimensions (Leadership, Creativity, Decisiveness, Stability, Analytical ability, Social orientation)
- MBTI personality type assessment results
Legal Basis: Explicit consent (required for organizational placement)
Purpose: Ministry assignment, rank determination, team composition optimization
Retention: Until consent is withdrawn or membership ends + 90 days
Your Rights: You may withdraw consent at any time, though this may affect your participation

2.3 Financial Data

Data Types: Membership dues payment records, payment status, transaction history, grant allocations
Legal Basis: Contract (membership obligations) and Legal compliance (tax/accounting requirements)
Purpose: Financial administration, dues collection, budget allocation, reporting
Retention: 7 years (legal requirement for financial records)

2.4 Activity & Participation Data

Data Types:
- Task assignments and completion records
- Project participation and contributions
- Voting records (votes cast, choices made)
- Time tracking entries
- Contribution scores and analytics
- Rank progression history
Legal Basis: Legitimate interests (organizational governance and merit tracking)
Purpose: Performance evaluation, rank advancement, leaderboard calculation, organizational analytics
Retention: Duration of membership + 90 days after termination

2.5 Network & Relationship Data

Data Types:
- Referral relationships ("Invited By" records)
- Peer endorsements for rank promotions
- Ministry affiliations
Legal Basis: Legitimate interests (network transparency and governance)
Purpose: Referral tree visualization, endorsement system, organizational structure
Retention: Duration of membership + 90 days after termination

2.6 Communication Data

Data Types: Chat messages, comments on tasks/projects, announcements
Legal Basis: Legitimate interests (organizational communication)
Purpose: Team collaboration, project coordination, organizational announcements
Security: Messages are encrypted using Web Crypto API
Retention: Duration of membership + 90 days after termination

2.7 Technical & Security Data

Data Types:
- Anonymized IP addresses (last octet removed: xxx.xxx.xxx.0)
- Login/logout timestamps
- Data access audit logs
- Browser type (hashed)
Legal Basis: Legitimate interests (security, fraud prevention, compliance)
Purpose: Security monitoring, breach detection, accountability, regulatory compliance
Retention: 90 days from creation

2.8 Data We Do NOT Collect

❌ Third-party tracking cookies
❌ Advertising identifiers
❌ Social media tracking pixels
❌ Marketing analytics beyond basic platform usage
❌ Biometric data
❌ Sensitive data about race, ethnicity, political opinions, or health (except as voluntarily provided in psychological assessments)

3. How We Use Your Data

3.1 Primary Purposes

Purpose	Data Used	Legal Basis
Membership Management	Identity, Contact	Contract
Ministry Assignment	Psychological Profile, Skills	Consent
Rank Calculation	Activity, Contributions, Endorsements	Legitimate Interests
Democratic Voting	Voting Records, Weighted Ballots	Legitimate Interests
Financial Administration	Payment Records, Dues Status	Contract, Legal Obligation
Communication	Email, Phone, Chat Messages	Contract, Legitimate Interests
Security & Audit	IP Hash, Access Logs	Legitimate Interests

3.2 Automated Decision Making

We use automated processes for:

Contribution Score Calculation: Your activity is automatically scored based on tasks completed, votes cast, projects led, etc.
Leaderboard Rankings: Members are automatically ranked based on contribution scores
Rank Eligibility: System calculates when you meet points requirements for promotion

Your Rights: You have the right to object to automated decision-making and request human review of any automated decisions affecting you significantly.

4. Data Storage & Security

4.1 Where We Store Your Data

We prioritize data storage in jurisdictions with strong privacy protections:

Primary Location: Iceland (strong data protection laws, outside EU/US jurisdiction)
Hosting Provider: Privacy-focused hosting services
No International Transfers: Data remains within the European Economic Area unless necessary for service provision

4.2 Security Measures

We implement multiple layers of security to protect your data:

End-to-End Encryption: Sensitive data (psychological profiles, chat messages, financial records) encrypted using Web Crypto API (AES-GCM)
Transport Security: All connections encrypted via TLS 1.3
IP Anonymization: IP addresses automatically anonymized (last octet removed)
Access Control: Role-based permissions system (visitor, member, minister, council, admin)
Audit Logging: All data access logged for accountability
Breach Detection: Automated integrity checks every 5 minutes
Content Security Policy: Headers prevent unauthorized scripts and external tracking
Pseudonymization: Public leaderboards use pseudonyms (PSY-xxx) instead of real identities

4.3 Data Persistence

During active membership:

Data stored in encrypted browser localStorage for session management
Backend database with encryption at rest
Regular automated backups (encrypted)

5. Your Rights Under GDPR

Despite our organizational anonymity, we provide comprehensive tools for you to exercise your data protection rights:

5.1 Right of Access (Article 15)

What: Request a copy of all personal data we hold about you
How: Use the "Export My Data" button in Settings → Privacy Dashboard
Format: Complete JSON file with all 8 data categories
Timeline: Instant download

5.2 Right to Rectification (Article 16)

What: Correct inaccurate or incomplete personal data
How: Edit your profile in Settings or contact [email protected]
Timeline: Immediate for profile data, within 30 days for other corrections

5.3 Right to Erasure / "Right to be Forgotten" (Article 17)

What: Request deletion of your personal data
How: Use the "Delete My Account" button in Settings → Privacy Dashboard
Process:
1. Immediate soft deletion (data anonymized: name → [DELETED], email → [DELETED])
2. Hard deletion after 90-day retention period
3. You receive email confirmation
Exceptions: Financial records retained for 7 years (legal requirement)

5.4 Right to Data Portability (Article 20)

What: Receive your data in a structured, machine-readable format
How: "Export My Data" provides GDPR-compliant JSON format
Includes: All data categories with timestamps, original consents, audit trail

5.5 Right to Restrict Processing (Article 18)

What: Limit how we use your data while investigating a dispute
How: Contact [email protected]
Effect: Data retained but not processed until resolved

5.6 Right to Object (Article 21)

What: Object to processing based on legitimate interests
How: Use consent toggles in Settings → Privacy Dashboard or email [email protected]
Examples: Opt out of analytics, leaderboard display, directory listing

5.7 Right to Withdraw Consent (Article 7)

What: Revoke consent for psychological profiling or optional features
How: Toggle consent switches in Settings → Privacy Dashboard
Effect: We stop processing that data category immediately
Note: Withdrawing essential consent may affect your ability to participate fully

5.8 Right to Lodge a Complaint

What: File a complaint with a data protection authority
Your Options:
- Icelandic Data Protection Authority (Persónuvernd): www.personuvernd.is
- Your local EU/EEA data protection authority

6. Data Sharing & Third Parties

6.1 Who We Share Data With

General Policy: We do NOT sell, rent, or trade your personal data to third parties.

We may share data only in these limited circumstances:

Recipient	Data Shared	Purpose	Legal Basis
Hosting Provider	All data (encrypted)	Infrastructure services	Contract, Legitimate Interests
Payment Processor	Name, Email, Payment Info	Dues collection	Contract
Email Service	Email, Name (encrypted)	Transactional emails only	Legitimate Interests
Other Members	Pseudonymized activity, Ministry affiliation	Leaderboards, Directory (with access control)	Legitimate Interests
Legal Authorities	As legally required	Compliance with law	Legal Obligation

6.2 Third Parties We Do NOT Share With

❌ Advertising networks
❌ Marketing companies
❌ Data brokers
❌ Social media platforms
❌ Analytics companies (except basic, self-hosted analytics)

7. Cookies & Tracking Technologies

7.1 What We Use

We use localStorage (browser storage) to maintain your session. We do NOT use traditional tracking cookies.

Storage Type	Purpose	Duration	Can Opt Out?
Essential localStorage	Session management, authentication	Until logout or 30 days	No (required for service)
Consent Preferences	Remember your privacy choices	Permanent (until cleared)	No (required for compliance)
Analytics localStorage (optional)	Basic usage statistics (self-hosted)	90 days	Yes (Settings)

7.2 Third-Party Cookies

We do NOT use:

Google Analytics
Facebook Pixel
Google Fonts (loaded from CDN) - We use self-hosted fonts
Any advertising or tracking scripts

8. Data Retention Policy

8.1 Retention Periods

Data Category	Retention Period	Justification
Profile Data	Active membership + 90 days	Contract fulfillment + dispute period
Psychological Data	Until consent withdrawn + 90 days	Consent-based processing
Financial Records	7 years	Legal requirement (tax/accounting)
Activity Data	Active membership + 90 days	Organizational governance
Audit Logs	90 days from creation	Security monitoring
Chat Messages	Active membership + 90 days	Collaboration needs

8.2 Automated Deletion

Our system automatically:

Runs retention policy checks daily
Anonymizes deleted accounts after 90 days
Permanently deletes anonymized accounts after retention period
Cleans old audit logs
Archives expired financial records (7 years)

9. International Data Transfers

Primary Policy: We minimize international data transfers by hosting in Iceland (EEA).

9.1 EEA Transfers

Data may be transferred within the European Economic Area, which provides equivalent protection to GDPR.

9.2 Non-EEA Transfers

If non-EEA transfers are necessary (e.g., payment processing), we ensure:

Use of Standard Contractual Clauses (EU-approved)
Adequacy decision by EU Commission
Additional safeguards (encryption, access controls)
Your explicit consent where required

10. Data Breach Notification

10.1 Our Commitment

In the unlikely event of a data breach, we will:

Detect: Automated integrity checks every 5 minutes
Assess: Immediate investigation of any anomalies
Report to Authority: Within 72 hours (GDPR requirement)
Notify You: Without undue delay if high risk to your rights
Provide: Details of breach, data affected, mitigation steps

10.2 What We Log

Our breach detection system monitors for:

Unauthorized data access attempts
Failed login patterns (>10 in 1 hour)
Data integrity mismatches
Encryption failures

11. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect data from children.

If we discover we have collected data from a child under 18:

We will delete the data immediately
We will notify the email address associated with the account
We will terminate the account

12. Changes to This Privacy Policy

12.1 Notification

We may update this privacy policy to reflect:

Changes in legal requirements
New features or services
Improved data protection practices

12.2 How You'll Know

Updated "Last Updated" date at the top of this page
Email notification for significant changes
Prominent notice on platform homepage
New consent required for material changes

12.3 Version History

Version 1.0 - February 27, 2026: Initial policy (full GDPR compliance)

13. Contact & Questions

13.1 Data Protection Officer

For privacy concerns, data rights requests, or questions:

Email: [email protected]
Response Time: Within 30 days (GDPR requirement)

13.2 General Inquiries

For general questions about the platform:

Email: [email protected]

13.3 Supervisory Authority

You have the right to lodge a complaint with:

Icelandic Data Protection Authority (Persónuvernd)
Website: www.personuvernd.is
Email: [email protected]

14. Specific Processing Activities

14.1 Leaderboards & Rankings

Data Used: Contribution scores, rank, ministry (pseudonymized)

Access: Members only

Your Rights: You may opt out of public leaderboard display in Settings

14.2 Referral Tree

Data Used: Member ID, "Invited By" relationship

Purpose: Network visualization, organizational transparency

Access: Members only

14.3 Peer Endorsements

Data Used: Endorser ID, endorsee ID, rank recommended, note

Purpose: Rank promotion system

Visibility: Endorsements visible to endorsed member and admins only

15. Legal Framework

This privacy policy complies with:

EU GDPR (General Data Protection Regulation 2016/679)
Icelandic Data Protection Act (Act No. 90/2018)
ePrivacy Directive (Direct