Kanosis
get in touch

Assessment Notice

Kanosis Assessment & Diagnostic Privacy Notice

Effective: October 10, 2025
Entity: Kanosis LLC (“Kanosis,” “we,” “us”)


By starting, you acknowledge this Assessment & Diagnostic Privacy Notice. We collect role-related details and your responses to generate reports. For employer-sponsored diagnostics, your employer is the data controller and Kanosis processes your data to deliver team-level insights to your organization. For individual assessments you purchase yourself, Kanosis is the data controller and delivers your results to the email you provide. We retain raw responses for about 180 days; de-identified benchmarks may be kept longer for statistics and product improvement. Do not include names or confidential details in free-text. Questions: [email protected].

1) Scope & who is responsible (“controller”)

  • Employer-sponsored/team diagnostics (default):Your employer or commissioning organization is the data controller. Kanosis is a processor/service provider under the applicable contract and Data Processing Addendum (DPA), processing data only on your organization’s instructions.
  • Direct-to-individual assessments:If you take an assessment individually (not through an employer), Kanosis is the data controller and provides results to the email you supply.
  • Website separate:Website visits are covered by the Kanosis Website Privacy Policy.

Plain English: The controller decides why/how your data is used. The processor acts on the controller’s instructions.

2) What we collect & sources

  • Organizational context:organization name, functional area/department, tenure, leadership experience, number of direct and indirect reports, and regulatory environment.
  • Assessment responses:selections, ratings, timing/sequence necessary to score, and free-text comments (where offered).
  • Contact for delivery:business email (for returning individual reports or verifying eligibility/role).
  • Technical basics:IP address, date/time, and device/browser details for secure delivery and to prevent duplicate or fraudulent submissions.
  • From your employer (when applicable):roster data such as name, business email, and role to issue invitations, validate eligibility, and map responses to the correct team structure. (Reports do not display names unless requested by the employer or supplied in free text.)

Free-text caution: Do not include names, confidential business details, HR complaints, or medical information. We may redact such content before analysis.

3) How we use information

  • Scoring & reporting:to calculate scores and create individual reports (when applicable) and team/organization roll-ups and trends.
  • Text analysis:to extract keywords and summaries from free-text responses.
  • Quality & improvement:to operate, secure, and improve the assessment; to build de-identified/aggregated benchmarks and statistical models.
  • Client communications:to deliver team reports to the employer/authorized representative and individual results to participants (for individual assessments).
  • Compliance & security:to prevent abuse, ensure data integrity, and comply with law.
  • Product improvement:We may use de-identified and aggregated assessment data to improve Kanosis scoring logic and internal models; we do not use identifiable participant responses to train public or third-party foundation models.

Automated + human: We use a mix of automated tools (including AI summarization/mapping) and human review. We do not make solely automated decisions that produce legal or similarly significant effects.

4) AI tools and service providers

We may use Kanosis AI tools and vetted partner AI processors for summarization, keyword extraction, and draft insights. We contractually prohibit providers from using your assessment content to train their foundation models.
Service providers may include a form platform (e.g., Jotform when used), email/IT (Microsoft 365) for report delivery, hosting/backup, and security (CDN/WAF). We do not sell personal information and do not “share” it for cross-context behavioral advertising.

5) How results are shared

  • Individual assessments:Your individual report is delivered to the business email you provide.
  • Team/organization diagnostics:We deliver team-level and organization-level reports to the employer/authorized representative. To reduce re-identification risk, we suppress or aggregate small groups (typically fewer than 5 respondents).
  • De-identified benchmarks:We may use and retain de-identified/aggregated data to build normative benchmarks and improve the product. We will not attempt to re-identify such data.

6) Lawful basis / participation model

  • S. B2B default:Participation is based on your employer’s legitimate business purpose and your acknowledgment of this Notice.
  • Consent where required:If applicable law or client policy requires consent, we will present a checkbox and proceed only if you agree.
  • Anonymous participation:Not offered for these assessments because role context is needed for valid scoring.
    Where required by law or client policy, we will collect consent before processing.

Intro text you can show:

“By starting the assessment, you acknowledge this Notice and, where required, you consent to the processing described.”

7) Retention

  • Raw responses:retained for ~180 days from collection, then deleted or de-identified.
  • Client reports:retained for ~180 days from delivery (earlier deletion on client request or longer retention if specified by contract).
  • Benchmarks (de-identified/aggregated):retained indefinitely for statistics and product improvement.
  • Longer programs:For quarterly, bi-annual, or annual diagnostics, retention is set case by case in the client contract to enable trend comparisons.

8) Security

We implement appropriate technical and organizational measures (e.g., TLS encryption in transit, access controls, monitoring, backups). No method of transmission or storage is perfectly secure.

9) Location of processing

Data is hosted and processed primarily in the United States. If data is transferred to other regions (e.g., via a service provider), we use appropriate safeguards and contractual terms.

10) Your choices & rights

  • Employer-sponsored assessments:Please contact your employer first (controller). We support their instructions.
  • Individual assessments (Kanosis as controller):Contact [email protected] to access, correct, delete, or obtain a copy of your information. We will verify your identity (for example, via the email used for the assessment) and respond within applicable timelines. If we decline your request, you may appeal by replying “Appeal” to our decision email; we will review and respond as required by law.
  • Multiple submissions:We may limit duplicates to preserve data quality.

11) Children

Assessments are intended for workplace participants and are not directed to children under 13.

12) Changes to this Notice

We may update this Notice to reflect operational or legal changes. If we make material changes, we will update the Effective date and, where appropriate, provide additional notice within the assessment flow.

13) Contact

  • Employer-sponsored assessments:contact your employer/administrator (controller).
  • Individual assessments:[email protected]

 

Youtube Linkedin

Our approach delivers top-tier consulting outcomes to budget-conscious startups, and complex Fortune 100 enterprises.

Facebook X-twitter Youtube Linkedin

Menu

Services

Contact Info

  • 3572 Vesta Drive Chicago, IL 60605
  • [email protected]
  • 054-780-5498
  • Mon – Sat 10 am - 6 pm
  • Sunday Closed

Copyright © 2025 - Kanosis - All Rights Reserved.