Privacy policy.
What we collect, why we collect it, how long we keep it, and the choices you have.
Last updated · 26 May 2026
The short version
We collect what we need to give you a what-world-way test and a personal portrait — your answers, your result, and (if you sign up or buy unlocked content) an email address. Payments are handled by Stripe; we don’t see your card details. For traffic measurement we use Plausible, a cookieless, privacy-first analytics tool that counts visits in aggregate and never identifies you. We don’t use Google Analytics, we don’t set tracking cookies, and we don’t share your data with advertisers. If you just browse without starting a test, the only trace is an anonymous pageview in those aggregate counts — nothing that says it was you. Your data is encrypted in transit and at rest. You can delete your account at any time and we’ll erase it.
Potentialisation Ltd, registered in England & Wales. See Company details.
What we collect
Test answers and results
Your responses to the What, World, and Way questionnaires, the scores derived from them, and the resulting archetype / world / way assignments. These are the core of the service.
Account information
If you create an account: your email address, a hashed password (we never store the plain text), and the date you joined. Optional: a display name. We don’t require any other personal information.
Guest data
If you take the test without signing up, an anonymous “guest” account is created for you on our servers when you start your first test. Your answers and result are stored against that guest account, identified only by an internal ID — no email, no name, nothing else attached. If you later provide an email to save your results, the same account becomes a full account with your email on it. If you sign in instead to an existing account from a previous visit, the guest account’s data is merged into your existing account and the guest record is removed.
If you visit our site without starting a test, no account is created. The only trace is an anonymous, aggregate pageview in Plausible (see “Technical data” below), which does not identify you.
Payment information
If you buy paid content, payment is processed by Stripe, which handles your card details directly under its own privacy policy. We receive only a confirmation that the payment succeeded, the amount, and a Stripe transaction reference — we don’t see your full card number, CVC, or billing address. We store the transaction reference, the date, the amount, and what was unlocked against your account, for accounting and customer-service purposes.
Technical data
Standard server logs (IP address, user-agent, request path and timestamp) are kept for security and debugging, retained for 30 days, and not used for any analytics or marketing purpose.
For aggregate traffic measurement we use Plausible Analytics, a cookieless, privacy-first service. It sets no cookies, stores no personal data, and counts pageviews only in aggregate. The script is served from our own domain through a first-party proxy and its events are sent to our own domain, so no third-party tracking domain loads in your browser. We do not send Plausible any URL that could identify you — share links (/share/…), your account area, and admin pages are excluded; everything else, including your result and the portrait pages, is counted only in aggregate. We do not use Google Analytics, and we do not share data about your visit with advertisers or anyone else.
Usage events on your own account
Once you start a test, we record a small number of usage events — test starts and completions, combo page views, feedback clicks, share clicks — tied to your user account (whether you’re a guest or a registered user). We use these solely to understand how the product is being used so we can improve it. These events are stored on our own servers, retained for 90 days as individual rows, and then rolled into anonymous daily aggregates that we keep indefinitely. They are not shared with anyone outside Potentialisation Ltd. Our legal basis is legitimate interest in improving the service; the assessment is documented in our internal Legitimate Interest Assessment.
Anonymous channel attribution
Links to our site that we publish on social media, in newsletters, or in shared documents may include a short tag in the URL — for example ?src=fb-launch. When you land on a page carrying such a tag, our server increments an anonymous counter so we can see how many people each channel sent us. The counter does not identify you, store anything in your browser, or link to any other data. We are simply counting the link clicks.
How we use your data
- To compute and display your what-world-way result.
- To save your account and let you return to your portrait.
- To send service emails (sign-in, password reset).
- To process payments for unlocked content (via Stripe) and to keep a record of what you’ve bought.
- To improve the test — anonymised, aggregated patterns across many users help us refine wording and validation.
- To understand how people are using the product — which combinations land well, where people drop off, how long people spend reading their portrait — so we can improve it. We don’t use this data for marketing or to make decisions that affect you individually.
- To meet legal obligations (e.g. responding to lawful requests from authorities).
Research use of anonymised responses
We may use anonymised responses to improve the science behind what-world-way — refining wording and validation across many people. Once responses are anonymised they can no longer be identified as yours. This never changes the result you see.
For our quick tests (the Glimpse level) we rely on legitimate interests for this, disclosed here, and you can opt out at any time on the Data & research page. For our deeper tests we ask for your explicit, optional consent before you start, which you can withdraw the same way. Opting out means your responses are used only to compute and show you your own result.
What we don’t do
- We don’t sell your data to third parties.
- We don’t share your individual results with employers, insurers, or marketers.
- We don’t use your answers to train external AI models.
Legal basis (UK GDPR / EU GDPR)
We process your data on these bases:
- Performance of a contract — to deliver the test you asked for.
- Legitimate interests — for security, fraud-prevention, server-side usage analytics, and aggregated product improvement, balanced against your rights and freedoms. Our Legitimate Interest Assessment for usage analytics is documented internally and available on request.
- Legal obligation — to keep accounting records for the period required by UK tax law.
Retention
| Data type | Retention |
|---|---|
| Account information | Until account deletion (you can delete at any time) |
| Test answers and results | Until account deletion |
| Server logs | 30 days |
| Usage events (individual) | 90 days |
| Usage events (anonymous aggregates) | Indefinitely |
| Anonymous source-hit counters | Indefinitely (already aggregate, never tied to a person) |
| Payment records (transaction reference, amount, date, what was unlocked) | 7 years (UK accounting / HMRC requirement) |
Inactive accounts (no sign-in for 24 months) are flagged for deletion and erased after a 30-day grace period.
Your rights
You have the right to:
- Access — request a copy of the personal data we hold about you, including your test answers and results, any saved profile information, and a list of usage events tied to your account from the last 90 days. Email privacy@potentialisation.com from the address attached to your account.
- Correct it if it’s inaccurate.
- Erasure — delete your account at any time from your account settings, or email us. All personal data, test results, and usage events are removed within 30 days. Anonymous aggregates that contained your data before deletion remain in our statistics, but they no longer link to anything identifying you.
- Receive a portable copy.
- Object to processing based on legitimate interests.
- Lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local supervisory authority.
To exercise any of these, email privacy@potentialisation.com. We’ll respond within 30 days.
Cookies
We use only strictly necessary cookies (sign-in session, guest identity, security tokens). We do not set analytics cookies, marketing cookies, or any other non-essential cookie. Because we don’t use non-essential cookies, we don’t need a cookie banner. See our cookie notice for the full list.
How we keep your data safe
Your data is encrypted both in transit and at rest. Connections to our site use HTTPS/TLS, so your answers travel encrypted between your browser and our servers. The database that holds your answers and results sits on an encrypted volume (AES-256), and our backups are encrypted too — so even at the level of physical storage, your data is unreadable without keys we hold separately. Account passwords are hashed, never stored in readable form. Our servers are hosted in the EU (Germany) on ISO 27001-certified infrastructure, with access limited to the people who run the service.
International transfers
Our infrastructure is hosted in the EU/UK. We do not transfer personal data outside the UK or EEA for analytics or marketing purposes.
Children and under-18s
what-world-way is intended for adults and is not intended for anyone under 18. We do not knowingly collect personal data from people under 18. If you believe someone under 18 has signed up, contact privacy@potentialisation.com and we’ll delete the account.
Changes to this policy
We may update this policy from time to time. The “last updated” date at the top of this page reflects the most recent change. For material changes affecting how we process your data, we’ll notify account holders by email.