Privacy Policy for PRISMA PERSONALITY INSIGHTS

Effective Date: March 18, 2026

1. Introduction

Welcome to PRISMA PERSONALITY INSIGHTS. This Privacy Policy explains how your personal information is collected, used, and protected when you use the PRISMA PERSONALITY INSIGHTS mobile application (”the App”). The App is developed and maintained by Andréas Lukacs Sjöblom (”I”, ”me”, ”my”, or ”the Data Controller”), operating out of Sweden.

PRISMA PERSONALITY INSIGHTS is designed for education, reflection, and personal development through research-based assessments (Big Five and ECR-RS). PRISMA PERSONALITY INSIGHTS is not a medical, clinical diagnostic, or treatment service.

By using PRISMA PERSONALITY INSIGHTS, you agree to the collection and use of information in accordance with this policy. This Privacy Policy is compliant with the General Data Protection Regulation (GDPR).

2. Information Collection and Use

To provide PRISMA PERSONALITY INSIGHTS’s functionality, I collect and process different categories of data depending on how you use the App.

  • Use Without an Account: You may complete assessments and receive results in PRISMA PERSONALITY INSIGHTS without creating an account or signing in. In that case, your assessment responses and generated results are stored locally on your device only, unless and until you choose to create or connect an account.
  • Account Data: If you choose to create an account or sign in, PRISMA PERSONALITY INSIGHTS processes account-related information such as your email address and authentication identifiers. Account access is provided through Google Firebase Authentication, including email/password sign-in and Google Sign-In. Firebase Authentication supports common authentication methods including email/password and federated sign-in providers.
  • Assessment and Profile Data: PRISMA PERSONALITY INSIGHTS processes your responses to the personality and relationship assessments used in the App, including IPIP-NEO-120 and ECR-RS, in order to generate profile summaries, visual results, and comparison features.
  • Profile Sharing and Comparison Data: If you choose to use profile-sharing or comparison features, PRISMA PERSONALITY INSIGHTS processes the profile data necessary to generate, display, scan, and compare user-specific QR codes. These features are optional and are only available when relevant account functionality is enabled.
  • Device Camera Access: PRISMA PERSONALITY INSIGHTS requests access to your device’s camera only for scanning PRISMA PERSONALITY INSIGHTS QR codes for profile comparison. The QR scanning process is performed locally on the device, and PRISMA PERSONALITY INSIGHTS does not intentionally record, store, or transmit image or video footage from your camera for any other purpose.
  • Technical and Security-Related Data: Limited technical and account-related metadata may be processed where necessary to authenticate users, maintain account security, prevent misuse, and ensure the App functions correctly and securely.
  • No Advertising Data Collection: PRISMA PERSONALITY INSIGHTS does not use third-party advertising SDKs or advertising networks.

3. How Data is Stored and Processed

I take reasonable technical and organizational measures to protect your personal data and to limit processing to what is necessary for the App’s functionality.

  • Local and Cloud Storage: If you use PRISMA PERSONALITY INSIGHTS without creating an account, your assessment responses and results are stored locally on your device only. If you create an account, certain account-related and profile-related data may also be stored in cloud services linked to your account in order to enable account access, synchronization, and profile-sharing features.
  • Third-Party Service Providers: I use Google Firebase services to provide authentication and secure cloud-based data storage. These services may process personal data on my behalf in accordance with Google’s applicable contractual and data protection terms.
  • Data Processing Locations: PRISMA PERSONALITY INSIGHTS uses Firebase services that may process data in different locations depending on the specific service used. Some data storage services used by PRISMA PERSONALITY INSIGHTS may be configured in the European Union, but not all Firebase services offer EU-only processing. For example, according to Firebase’s documentation, Firebase Authentication is operated only from data centers in the United States. Because of this, some personal data related to account authentication may be processed outside the EU/EEA.
  • International Data Transfers: Where personal data is processed outside the EU/EEA, I rely on the safeguards provided by Google under its applicable data processing terms, including contractual protections intended to support lawful international transfers where required.
  • No Unnecessary Tracking: PRISMA PERSONALITY INSIGHTS does not use third-party advertising SDKs. It also does not use third-party analytics or crash-reporting tools unless explicitly stated elsewhere in this Privacy Policy.

4. Legal Basis for Processing (GDPR)

Under the GDPR, I rely on one or more of the following legal bases depending on the specific type of processing involved.

  • Performance of a Contract: Where you create an account or use account-based features, I process your account data and related profile data as necessary to provide the services you request, such as authentication, account access, cloud synchronization, and profile-sharing/comparison features.
  • Consent: Where processing is based on your choice to submit assessment responses, connect an account, use optional sharing features, or grant device permissions such as camera access, I rely on your consent where required under applicable law. If processing is based on consent, you may withdraw that consent at any time, although this will not affect the lawfulness of processing carried out before withdrawal.
  • Legitimate Interests: I may process limited personal data where necessary for legitimate interests such as maintaining the security of the App, preventing abuse, enforcing the Terms, protecting the integrity of user accounts and profile-sharing features, and ensuring the App operates reliably.
  • Legal Obligations: In limited cases, I may process or retain personal data where necessary to comply with applicable legal obligations under Swedish or EU law.
  • Purpose Limitation: I will process personal data only for the purposes described in this Privacy Policy, unless a further compatible purpose or another lawful basis applies under applicable data protection law.

5. Data Retention and Deletion

I keep personal data only for as long as it is reasonably necessary for the purposes described in this Privacy Policy, including providing the App’s functionality, maintaining account access, supporting profile-sharing features, protecting account security, and complying with applicable legal obligations.

  • Data Stored Locally on Your Device: If you use PRISMA PERSONALITY INSIGHTS without creating an account, your assessment responses and results are stored locally on your device only. This locally stored data is not automatically deleted by me because I do not control your device storage. You may remove such data by uninstalling the App or by using the in-app deletion function.
  • Account and Cloud-Stored Data: If you create an account, account-related data and profile-related data linked to your account may be stored in Firebase-based services and retained for as long as your account remains active, unless a shorter retention period applies. You may remove such data by using the in-app deletion function.
  • Account Deletion by You: You may request deletion of your account and associated cloud-stored personal data at any time:
    1. In-App Deletion: You may delete your account directly within the PRISMA PERSONALITY INSIGHTS app through the account option on the start screen.
    2. Web Request: If you no longer have access to the App, you may request deletion through the PRISMA PERSONALITY INSIGHTS website using the account/data deletion request form: HERE.
  • Effect of Deletion: When your deletion request is processed, I will delete or permanently anonymize the personal data associated with your PRISMA PERSONALITY INSIGHTS account that I control, unless retention is required or permitted for legitimate reasons such as legal compliance, security, fraud prevention, abuse prevention, or the establishment, exercise, or defence of legal claims. Where retention is necessary for such reasons, the data will be retained only to the extent and for the period reasonably necessary for that purpose.
  • Deletion Timing: I aim to process account deletion requests without undue delay and, in normal circumstances, within a reasonable period after the request is received. Some data may remain temporarily in secure backups, logs, or technical systems for a limited period before final deletion or overwrite, where this is necessary for system integrity, security, or disaster recovery. Retained backup data will not be used for any other purpose except where necessary for those limited functions.
  • Inactive Accounts: I may delete or anonymize dormant accounts and associated data after an extended period of inactivity, where permitted by applicable law and where this is consistent with the purposes for which the data was collected. If I adopt a specific inactive-account retention period, it will be described in this Privacy Policy or otherwise communicated to affected users before implementation.
  • Requests and Verification: Where necessary, I may ask for reasonable verification of identity before processing a deletion or other data-rights request, in order to protect user data from unauthorized access or deletion.

6. Your Data Protection Rights

If you are located in the EU/EEA, you have certain rights under applicable data protection law, including the GDPR. Subject to applicable legal conditions and limitations, your rights may include:

  • The right to access: You can request copies of your personal data.
  • The right to rectification: You can request correction of any information you believe is inaccurate.
  • The right to erasure: You can request that your personal data be erased (as described in Section 5).
  • The right to restrict processing: You can request that the processing of your data be restricted under certain conditions.
  • The right to data portability: You can export your personal data and assessment results directly from the settings menu within the App. You can request to receive your personal data in a structured, commonly used format.

To exercise any of these rights, please contact me at the email address provided below.

7. Age Limitation

PRISMA PERSONALITY INSIGHTS is intended for adults. You must be at least 18 years old to use this App. I do not knowingly collect personally identifiable information from anyone under the age of 18. If I discover that a minor under 18 has provided me with personal data, I will take reasonable steps to delete that data.

8. Changes to This Privacy Policy

I may update this Privacy Policy from time to time. I will notify you of any changes by posting the new Privacy Policy on this page and updating the ”Effective Date” at the top. You are advised to review this Privacy Policy periodically for any changes.

9. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact me, the Data Controller:

Email found here