N

Privacy Policy

Your Data Matters to Us

We transparently share how we collect, process, and protect your data.

1. Collected Data

Game Data

Decision choices (cooperation / competition)
Decision times (in milliseconds)
Session duration and completion status

Account Data

Email address (corporate)
First name, last name, and position
Company name and size

Data Not Collected

IP address is not matched with game data
Location data is not collected
Device fingerprinting is not performed
Third-party cookies are not used

2. Data Processing

Pseudonymization

All game data is pseudonymized with HMAC-SHA256
Real identities cannot be matched with game decisions
HR teams only see team aggregations

Minimum n=5 Rule

No metrics are generated for groups with fewer than 5 participants
This rule prevents individual inference
No exceptions — technically enforced

3. Data Retention Periods

Retention Policy

Raw game data: Contract duration + 90 days
Aggregate reports: Contract duration + 1 year
Account data: Until account is deleted
All data is automatically deleted when the contract ends

4. Your Rights

Under KVKK & GDPR

Right of access: You can request a copy of your data
Right to rectification: You can request correction of inaccurate data
Right to erasure: You can request deletion of all your data
Right to portability: You can receive your data in a structured format
Right to object: You can object to data processing

Request Process

Send an email to privacy@normsignal.com
Requests are processed within 30 days
Identity verification may be required

5. Security Measures

Technical Measures

End-to-end encryption (TLS 1.3)
Database-level encryption (AES-256)
Regular security audits
Access logs and audit trail

Organizational Measures

Principle of least privilege
Employee privacy training
Data breach response plan
Annual security assessment

6. Cookie Policy

Cookies Used

Essential cookies: Session management and security
Analytics cookies: Anonymous usage statistics (with consent)
Third-party cookies are not used
Advertising cookies are not used

Last updated: February 2026 | For questions: privacy@normsignal.com