Privacy policy

Privacy

Last updated: June 2026

enneagramtype.me ("the Service") is a free Enneagram assessment. This policy describes what data the Service handles, in plain language. The short version: your test answers are private by default, identifiable answer data is never used for research, and anything you share or donate is opt-in and revocable.

What we collect, and when

1. Test data (always, to operate the Service). Taking the assessment necessarily stores your answers and computed results. Anonymous sessions are keyed only by a random secret held in your browser — we have no idea who an anonymous session belongs to. If you create an account and save results to it, those results are linked to your account so you can view them later.

2. Account data (only if you register). Your email address and, for Google sign-in, the basic profile information Google provides (name and email). Authentication is handled by Supabase; we never see or store your password in readable form.

3. Operational statistics (always, no consent required). We log basic aggregate usage of the Service: counts of sessions started and completed, registrations, completion rates, and distribution of results. These statistics are derived from the operational records above, are used solely to run and improve the Service, and are only ever examined in aggregate. We do not log IP addresses in our database, we use no advertising or analytics trackers, and we set no tracking cookies.

4. Research donations (only with your explicit consent). Detailed response data is used for research only if you check the donation box on your results page. A donation is an anonymous snapshot containing: your answer values, your computed scores, and the question-set version. It contains no name, no email, no account identifier, no IP address — nothing identifying. Detailed responses are never collected for research with identification, full stop. You can revoke a donation at any time from your results page; revocation permanently deletes the snapshot.

What we never do

• We never sell, rent, or share your data with third parties.
• We never display advertising or embed ad-tech.
• We never make your individual answers visible to anyone but you — including through shared result links, which show summary information only.
• We never link research donations to identities.

Sharing your result

Result share links exist only if you create one. A share link displays your type, wing, tritype, and summary charts — never your individual answers. Links use long random identifiers that cannot be guessed, and you can revoke a link at any time, after which it stops working immediately.

Browser storage

The Service uses your browser's local storage to hold the keys to your own anonymous sessions (so you can resume a test and revisit results on the same device) and your sign-in session if you register. These are functional necessities, not tracking; nothing in local storage identifies you to us.

Where data lives

Data is stored in a Supabase (PostgreSQL) database and served through Cloudflare. Database access from browsers is fully disabled — all reads and writes pass through our server-side code, which enforces the ownership and consent rules described here.

Your rights and controls

• Access: your account page lists every saved result.
• Revoke sharing: any share link can be revoked from the results page.
• Revoke donation: any research donation can be revoked and is then permanently deleted.
• Delete everything: the account page includes self-service deletion that permanently removes your account, sessions, responses, results, share links, and any research donations tied to your sessions. Deletion is immediate and irreversible.

Children

The Service is not directed at children under 13, and we do not knowingly collect data from them.

Changes

If this policy changes materially, the "last updated" date above will change and significant changes will be noted on this page.

Contact

Questions about this policy can be sent to privacy@enneagramtype.me.