Legal
Privacy Policy
Last updated: 14 March 2026
1 — Who We Are
This privacy policy applies to Misogi Works, operated by Borut Jeglič s.p. ("we", "us", "our"). Our website is misogi.works.
We provide coaching programmes and a self-assessment diagnostic tool (the "Plateau Diagnostic"). This policy explains what personal data we collect when you use the diagnostic, why we collect it, and what we do with it.
2 — What We Collect and Why
| Data | When collected | Purpose | Legal basis |
|---|---|---|---|
| First name, last name | When you submit the gate form after completing the free assessment | Personalising your results email and report | Consent (submitting the form) |
| Email address | Gate form (free) or Stripe checkout (paid) | Delivering your results / report, and sending relevant follow-up content | Consent (free); Contract performance (paid) |
| Assessment answers & scores | During the 42-question assessment | Calculating your pattern and generating your report; stored temporarily in your browser's session storage only — never sent to our servers | Consent |
| Pattern name | After scores are calculated | Personalising your report and email; tagging you in our email list so we can send relevant content | Consent |
| Payment data (card number, billing address) | Paid report checkout | Processing your purchase | Contract performance — handled entirely by Stripe; we never see or store your card details |
We do not collect any special-category data (health, religion, ethnicity, etc.). Assessment questions relate to psychological patterns in a professional context only.
3 — How We Use Your Data
- Deliver your results. We email your free summary or paid PDF report to the address you provide.
- Follow-up content. We may send you occasional emails related to coaching, programmes, or insights that are relevant to your pattern. Every email includes a one-click unsubscribe link.
- Service improvement. Aggregated, anonymised pattern data (e.g. "40% of completers score low on Presence") helps us improve the diagnostic and our programmes. No individual is identifiable in this analysis.
We do not sell your data. We do not use it for advertising on third-party platforms. We do not share it with anyone except the processors listed below.
4 — Third-Party Processors
We share your data only with the following processors, solely to provide our service:
| Processor | Purpose | Data shared | Location |
|---|---|---|---|
| Resend (resend.com) | Transactional email delivery | Name, email, pattern name, PDF report | USA (SCCs in place) |
| MailerLite (mailerlite.com) | Email list management & follow-up content | Name, email, pattern name, paid/free status | EU / USA (SCCs in place) |
| Stripe (stripe.com) | Payment processing | Name, email; payment data processed directly by Stripe | USA (SCCs in place) |
| Netlify (netlify.com) | Website hosting & serverless functions | Transient — request data passes through their infrastructure but is not stored by them | USA (SCCs in place) |
SCCs = Standard Contractual Clauses approved by the European Commission for data transfers outside the EEA.
5 — How Long We Keep Your Data
- Assessment answers and scores — stored only in your browser's session storage and deleted when you close the tab. We never store them on our servers.
- Email list records (name, email, pattern) — kept in MailerLite until you unsubscribe or ask us to delete them.
- Payment records — kept by Stripe for up to 7 years as required by financial regulations. We retain only your name and email as a record of the transaction, also for 7 years.
- Email delivery logs — kept by Resend for up to 30 days, then deleted automatically.
6 — Your Rights
Under GDPR (and equivalent legislation), you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your data ("right to be forgotten") — except where we are required by law to keep it
- Object to processing for direct marketing (in practice: unsubscribe from our emails)
- Data portability — receive your data in a machine-readable format
- Withdraw consent at any time — this does not affect the lawfulness of processing before withdrawal
To exercise any of these rights, email us at the address below. We will respond within 30 days.
You also have the right to lodge a complaint with your national supervisory authority. In Slovenia: Informacijski pooblaščenec — ip-rs.si.
7 — Cookies and Tracking
We do not use tracking cookies, advertising pixels, or analytics services on the Diagnostic page. The website uses Google Fonts, which involves a request to Google's servers; Google may log your IP address as part of that request.
We do not use Google Analytics, Meta Pixel, or any behavioural tracking tool.
8 — Security
All data is transmitted over HTTPS. API keys and secrets are stored as encrypted environment variables and never exposed in client-side code. Stripe handles all payment data directly — we never receive or store card numbers. Assessment scores are processed client-side in your browser and are not sent to our servers.
9 — Changes to This Policy
We may update this policy from time to time. If we make material changes, we will update the date at the top of this page. Continued use of the diagnostic after changes constitutes acceptance of the updated policy.
10 — Contact
For any questions about this policy or to exercise your rights:
Borut Jeglič s.p. — Misogi Works
Email: borut@misogi.works
Website: misogi.works