Personal Inflection Curve™ Diagnostic

Privacy Policy

Effective Date: May 2026  •  personalinflectioncurve.com

This Privacy Policy describes how Dee McCrorey, operating as A Bridge to AI (“we,” “us,” or “our”) collects, uses, and stores personal data when you use the Personal Inflection Curve™ (PIC™) Diagnostic at personalinflectioncurve.com.

This policy applies specifically to the PIC™ Diagnostic application. It is separate from, and in addition to, the A Bridge to AI (AB2AI) Substack newsletter privacy policy and Substack’s own privacy policy, both of which govern your Substack subscription separately.

01

Who We Are

  • Dee McCrorey, operating as A Bridge to AI
  • Contact: info(at)seedingchange(dot)link
  • Location: United States
02

What Data We Collect

2.1 Account & Identity Data

  • Your email address, provided at the start of the diagnostic

2.2 Diagnostic Response Data

  • Your answers to the 35 diagnostic questions across three dimensions: Change Rhythm, Risk Appetite, and Personal Inflection Point™ (PIP™)
  • Your answers to the Alliance Scan™ questions, if you choose to complete that optional module
  • Your self-reported role type (individual contributor, manager, senior leader, or in transition)

2.3 Computed Results Data

  • Dimension scores calculated from your responses
  • Friction zones identified from score gaps
  • Recommended pathways generated from your scores
  • PIP™ position, marker, and environment gap data

2.4 Technical Data

  • Standard server logs generated by Vercel (our hosting provider), which may include IP address and browser type
What we do not collect: We do not collect payment or billing information directly. Subscription payments are handled by Substack, Stripe, and Gumroad under their own privacy policies. We do not use advertising trackers, third-party analytics, or behavioral tracking cookies on the diagnostic application.
03

How We Use Your Data

  • To process your diagnostic responses and generate your results
  • To display your Personal Inflection Readout™ and recommended pathways
  • To store your results so you can return to them
  • To verify your membership tier and provide access to appropriate features (Alliance Scan™, Founding Member benefits)
  • To provide customer support if you contact us
Important: Your diagnostic results are generated entirely by deterministic scoring logic — weighted averages and threshold rules applied to your responses. No artificial intelligence, machine learning model, or large language model is used to generate your results.
04

Our Data Processors

We use the following third-party services to operate the PIC™ Diagnostic. Each acts as a data processor on our behalf:

Supabase

  • Purpose: Database storage for diagnostic responses and results
  • Location: AWS us-west-1 (Northern California, United States)
  • Privacy policy: supabase.com/privacy

Vercel

  • Purpose: Application hosting and server-side processing
  • Location: United States (edge infrastructure globally)
  • Privacy policy: vercel.com/legal/privacy-policy

Substack / Stripe

  • Purpose: Newsletter subscription management and payment processing for Monthly Premium subscriptions
  • Note: Substack and Stripe handle all payment and subscription data under their own privacy policies. We do not receive or store your payment details.
  • Substack privacy: substack.com/privacy
  • Stripe privacy: stripe.com/privacy

Gumroad

  • Purpose: Payment processing and subscription management for PIC™ Diagnostic Annual and Bridge Architect™ Annual memberships
  • Note: Gumroad handles all payment data under their own privacy policy. We do not receive or store your payment card details.
  • Gumroad privacy: gumroad.com/privacy
  • Gumroad terms: gumroad.com/terms
05

Data Retention

We retain your diagnostic data for as long as your account is active or as needed to provide the service, with a maximum retention period of 24 months from your last diagnostic submission.

If you request deletion of your data, we will remove your email address and associated diagnostic responses and results from our database within 30 days of your request. Residual copies in automated backups are purged on a rolling 30-day cycle.

06

Data Security

  • All database writes are performed via server-side API routes using a service role key — your data is never written directly from the browser
  • Row-level security (RLS) policies ensure each user can only access their own diagnostic data
  • All data in transit is encrypted via HTTPS
  • We do not store payment card information
07

Your Rights

For All Users

Regardless of your location, you have the right to:

  • Request access to the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw from the diagnostic at any time

For California Residents (CCPA / CPRA)

Under the California Consumer Privacy Act, you have the right to:

  • Know what personal data we collect and how it is used
  • Request deletion of your personal data
  • Opt out of the sale of your personal data (we do not sell your data)
  • Non-discrimination for exercising your privacy rights

For EU / EEA Residents (GDPR)

Under the General Data Protection Regulation, you have the right to:

  • Access a copy of your personal data
  • Correct inaccurate information
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, contact: info(at)seedingchange(dot)link

08

International Data Transfers (GDPR)

The PIC™ Diagnostic is operated from the United States. If you are located in the European Union, European Economic Area, or United Kingdom, please be aware that your personal data — specifically your email address and diagnostic responses — is stored on servers located in the United States (AWS us-west-1, operated by Supabase).

The United States does not have an adequacy decision from the European Commission. By using the PIC™ Diagnostic, you acknowledge this transfer. We rely on your explicit consent as the lawful transfer mechanism for users in the EU/EEA/UK, which you provide by submitting the diagnostic.

We do not actively market the PIC™ Diagnostic to EU/EEA residents. Access is currently open globally through Substack subscription and Gumroad, and we are transparent about how data is handled for all users regardless of location.

09

Lawful Basis for Processing (GDPR)

For users in the EU/EEA, we process your personal data under the following lawful bases:

  • Contract performance: Processing your diagnostic responses to generate and deliver your results is necessary to perform the service you have requested.
  • Legitimate interests: Storing your results so you can return to them serves a legitimate interest in providing a functional, persistent service, balanced against your privacy rights given the non-sensitive nature of the professional self-assessment data collected.
  • Consent: For international data transfers to the United States, we rely on your consent, which you provide by submitting the diagnostic after reviewing this policy.
10

Children's Privacy

The PIC™ Diagnostic is designed for working professionals and is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors.

11

Changes to This Policy

We may update this Privacy Policy as the PIC™ Diagnostic evolves. Material changes will be communicated via the AB2AI Substack newsletter and/or a notice on personalinflectioncurve.com. The effective date at the top of this document will always reflect the most recent version.

12

Contact

For any privacy questions, data requests, or concerns:

Dee McCrorey  |  A Bridge to AI

info(at)seedingchange(dot)link

personalinflectioncurve.com

© 2026 A Bridge to AI  •  Dee McCrorey

Refund Policy← Back to Diagnostic