Privacy Policy

1 Introduction

GoodWell, Inc. ("GoodWell," "we," "us," or "our") operates an employee engagement survey platform that enables organizations ("Employers" or "Customers") to collect candid feedback from their workforce. We are committed to protecting the privacy and confidentiality of every individual ("Employee," "Survey Respondent," or "you") who interacts with our platform.

This Privacy Policy explains:

• What personal information we collect and why
• How survey responses are kept anonymous from Employers
• How we share, protect, and retain data
• Your rights regarding your personal information
• How to contact us with privacy questions or requests

By participating in a GoodWell survey or using our platform, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our services.

2 Scope of This Policy

This Privacy Policy applies to:

• Employees and survey respondents who receive and complete GoodWell surveys via email or SMS
• Employer administrators and users who access the GoodWell dashboard and reporting tools
• Visitors to our website and marketing properties

This policy does not govern the internal privacy practices of Employers who use GoodWell's platform. We encourage employees to also review their Employer's own privacy and HR policies.

3 Information We Collect

3.1 Information Provided by Employers

Employers provide us with the contact information necessary to distribute surveys to their workforce. This typically includes:

• Employee email addresses
• Employee mobile phone numbers (for SMS delivery)
• Employee identifiers such as department, team, or location (used solely for aggregate reporting)

GoodWell acts as a data processor for this information on behalf of the Employer. Employers are responsible for ensuring they have lawful authority to share this data with us and to conduct employee surveys.

3.2 Survey Response Data

When an employee completes a survey, we collect:

• Their responses to the two survey questions
• The date and time the survey was completed
• Basic technical metadata (e.g., device type, browser type) for quality and fraud prevention purposes

Important Survey responses are collected in a manner designed to prevent Employers from identifying individual respondents. See Section 4 (Anonymity Commitment) for full details.

3.3 Employer Administrator Data

For Employer users who access the GoodWell dashboard, we collect:

• Name, work email address, and job title
• Login credentials (passwords are stored using industry-standard one-way hashing)
• Usage logs and access records for security and audit purposes

3.4 Automatically Collected Technical Data

When you interact with our platform, we may automatically collect:

• IP address (truncated or pseudonymized where technically feasible)
• Browser type and version
• Operating system
• Pages visited and features accessed
• Referring URLs

This data is used for security monitoring, platform performance, and abuse prevention. It is not used to re-identify anonymous survey respondents.

4 Our Anonymity Commitment

The integrity of GoodWell's platform depends on employees trusting that their survey responses are genuinely anonymous. We take the following technical and organizational measures to uphold this commitment:

4.1 Technical Anonymization

• Survey responses are stored separately from employee contact information. The linkage between a respondent's identity and their answers is severed immediately upon response submission.
• Each survey invitation is assigned a one-time token. Once used, the token is invalidated and no mapping between the token and any response is retained.
• IP addresses and device fingerprints collected during survey completion are not associated with response records and are stored in a separate, access-controlled log that is purged on a rolling basis.
• Our engineering and database architecture enforces logical separation between identity data (held on behalf of Employers) and response data, with distinct access controls for each.

4.2 Minimum Group Thresholds

Aggregate results are only made available to Employers when a sufficient number of responses have been collected within any reporting group (e.g., department or team). We apply a minimum threshold of five (5) responses before any group-level data is surfaced in Employer dashboards. This threshold is designed to prevent statistical re-identification of individuals in small teams.

4.3 What We Do Not Do

• We do not sell, license, or otherwise provide response-level data to Employers or any third party in a form that could identify individual respondents.
• We do not use response data to create individual employee profiles shared with Employers.
• We do not process or analyze survey content in ways designed to attribute responses to named individuals.

4.4 Important Limitations

While GoodWell takes robust measures to protect anonymity, no system is perfectly immune. Employees should be aware that in very small teams where few people share a particular characteristic, highly specific responses may nonetheless allow an attentive reader to make informed guesses about authorship. Employees are encouraged to consider this when crafting open-ended responses if permitted.

5 How We Use Personal Information

5.1 Service Delivery

• Distributing survey invitations via email and SMS on behalf of Employers
• Collecting and securely storing survey responses
• Generating anonymized, aggregate reports for Employer dashboards
• Providing technical support to Employer administrators

5.2 Platform Security and Integrity

• Detecting and preventing fraudulent or duplicate survey submissions
• Monitoring for unauthorized access to our platform
• Investigating security incidents

5.3 Product Improvement

• Analyzing aggregate, non-identifiable usage patterns to improve platform functionality
• Conducting internal research on survey completion rates and user experience

5.4 Legal and Compliance

• Complying with applicable laws and regulations
• Responding to lawful requests from regulatory or law enforcement authorities
• Enforcing our Terms of Service

We do not use personal information for targeted advertising, behavioral profiling for third-party marketing, or any purpose incompatible with those stated above.

6 Legal Basis for Processing

For individuals in the European Economic Area (EEA), the United Kingdom, or other jurisdictions requiring a lawful basis for data processing, we rely on the following bases:

• Contractual necessity: Processing employee contact data to deliver survey services pursuant to our agreements with Employers.
• Legitimate interests: Security monitoring, fraud prevention, and platform improvement, where our interests do not override individual rights.
• Legal obligation: Where required to comply with applicable laws.
• Consent: Where we specifically request your consent (e.g., for optional communications), you may withdraw it at any time.

7 How We Share Personal Information

GoodWell does not sell personal information. We share data only as described below:

7.1 Employers (Our Customers)

Employers receive only anonymized, aggregate survey results. They do not receive individual-level response data, response timestamps linked to individuals, or any other information that would allow them to identify specific respondents.

Employers do receive confirmation of survey delivery and completion rates (e.g., "42 of 100 employees completed the survey"), but this information is not presented in a way that reveals which individuals responded.

7.2 Service Providers and Sub-Processors

We engage trusted third-party service providers to help operate our platform, including:

• Cloud infrastructure providers (for secure data hosting)
• Email and SMS delivery services (for survey distribution)
• Analytics and monitoring tools (for platform performance)
• Customer support software

All sub-processors are bound by data processing agreements requiring them to process data only on our instructions, maintain appropriate security, and not use data for their own purposes. A current list of our sub-processors is available upon request.

7.3 Legal Disclosures

We may disclose personal information if required by law, court order, or regulatory process, or where we reasonably believe disclosure is necessary to protect our rights, your safety, or the safety of others. Where permitted, we will notify affected parties before making such a disclosure.

7.4 Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of our assets, personal information may be transferred to the successor entity. We will provide notice of any such transfer and require the successor to honor this Privacy Policy.

8 Data Retention

We retain personal information only as long as necessary for the purposes described in this policy:

• Employee contact information (email addresses, phone numbers): Retained for the duration of the Employer's active contract with GoodWell, then deleted within 30 days of contract termination unless required by law.
• Anonymized aggregate survey results: May be retained indefinitely as they contain no personal information.
• Technical logs (IP addresses, device data): Retained for up to 90 days for security purposes, then purged.
• Employer administrator data: Retained for the duration of the Employer relationship, plus up to 7 years for legal and accounting compliance.

Employers may request earlier deletion of their employees' contact data by contacting their GoodWell account representative.

9 Data Security

We implement appropriate technical and organizational measures to protect personal information against unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption of data in transit using TLS 1.2 or higher
• Encryption of sensitive data at rest using AES-256
• Role-based access controls with principle of least privilege
• Multi-factor authentication for all internal systems
• Regular vulnerability assessments and penetration testing
• Employee security training and background checks for personnel with data access
• Incident response procedures and breach notification protocols

No method of transmission or storage is 100% secure. While we work diligently to protect your data, we cannot guarantee absolute security. In the event of a data breach affecting your rights or freedoms, we will notify affected parties and relevant regulators as required by law.

10 International Data Transfers

GoodWell is based in the United States. If you are located outside the United States, your personal information may be transferred to and processed in the United States or other countries that may not offer the same level of data protection as your home country.

For transfers of personal data from the EEA or United Kingdom, we rely on the following safeguards:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• The UK International Data Transfer Addendum where applicable
• Adequacy decisions where available

You may request a copy of the relevant transfer mechanism by contacting us at the address below.

11 Your Privacy Rights

11.1 Rights Available to All Users

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information, subject to legal retention obligations.
• Objection: Object to certain processing activities, including direct marketing.
• Restriction: Request that we limit processing of your data in certain circumstances.

11.2 Additional Rights for EEA / UK Residents

• Data portability: Receive your personal data in a structured, machine-readable format.
• Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
• Lodge a complaint: File a complaint with your local data protection authority (e.g., the ICO in the UK or the relevant EU supervisory authority).

11.3 California Residents (CCPA/CPRA)

California residents have the right to know what personal information is collected, used, shared, or sold; the right to delete; the right to opt out of sale or sharing (GoodWell does not sell personal information); and the right to non-discrimination for exercising these rights. To submit a request, see Section 14.

11.4 Note on Anonymous Survey Data

Because survey responses are anonymized at collection, GoodWell cannot retrieve, correct, or delete individual responses — we have no means of linking a specific response to a specific person after the anonymization process is complete.

12 SMS Communications

If you receive GoodWell surveys via SMS, the following additional terms apply:

• SMS messages are sent on behalf of your Employer. Your phone number was provided to GoodWell by your Employer for the purpose of survey delivery.
• Message frequency varies based on your Employer's survey cadence.
• Standard message and data rates from your mobile carrier may apply.
• To opt out of SMS messages, reply STOP to any GoodWell survey message. You will receive one confirmation message, and no further messages will be sent to that number.
• To request help, reply HELP or contact us at privacy@goodwell.com.
• Opting out of SMS does not affect your employment or any other relationship with your Employer.

13 Children's Privacy

GoodWell's services are designed for workplace use and are not directed at individuals under the age of 16 (or the applicable age of majority in their jurisdiction). We do not knowingly collect personal information from minors. If you believe a minor's information has been submitted to our platform, please contact us immediately at privacy@goodwell.com and we will take prompt steps to delete such information.

14 Contact Us & Exercising Your Rights

To exercise your privacy rights, ask questions about this policy, or report a concern, please contact:

We aim to respond to all privacy requests within 30 days. For complex requests, we may extend this period by an additional 60 days with prior notice.

15 Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify Employer administrators via email or in-platform notice
• Where required by law, seek renewed consent

We encourage you to review this policy periodically. Continued use of our platform after the effective date of any changes constitutes acceptance of the updated policy.