Privacy Policy

This Privacy Policy explains how ZenWorkspace LLC ("ZenWorkspace," "we," "us," "our") collects, uses, and protects information when organizations and their teams use our websites and services, including the Bloomara™ Intelligence analytics platform, team assessments, facilitator-led Reset Sessions, and leadership dashboards (collectively, the "Services").

ZenWorkspace is a team intelligence platform that helps organizations detect and address burnout, disengagement, and misalignment. We take your trust seriously—it is the foundation of everything we do.

🔐 Looking for technical security details? See our Data Practices page

1 Information We Collect

Organization & Account Data

When a company or organization subscribes to our Services, we collect information from authorized contacts such as: name, work email, company name, role or title, optional phone number, and scheduling preferences. This data is provided by company administrators, managers, or designated contacts—not by individual team members taking assessments.

Assessment Responses

Team members complete the Bloomara™ assessment using a unique team link. These responses are structurally anonymous:

No names, emails, or personal identifiers are collected from respondents
Responses consist only of numerical ratings on a self-anchored scale (1–10)
There are no open-ended text fields or free-text comments
Team links expire after submission, preventing duplicate responses
We do not collect medical diagnoses, clinical records, or health information from respondents

Structural anonymity means responses are untraceable not just by policy, but by design. We cannot identify individual respondents because that data is never collected in the first place.

Post-Session Feedback

After Reset Sessions, participants may be invited to provide optional feedback through our NPS (Net Promoter Score) survey. This feedback includes a satisfaction rating, a value assessment, and an optional comment. Participants may also grant permission for their feedback to be used as an anonymous testimonial.

Operational Data

We collect standard technical data to keep our Services reliable and secure: device and browser type, IP addresses (retained only in short-lived server logs), page views, session events, and error logs. We use privacy-aware analytics to understand how our Services are used.

Payment Data

Payment information is handled entirely by our payment processor. We do not store credit card numbers or sensitive financial data on our systems.

2 How We Use Information

✓ Deliver and improve the Services, including assessments, analytics dashboards, and Reset Sessions
✓ Generate group-level insights and risk estimates—we never produce individual-level reports
✓ Power Bloomara™ Intelligence analytics, including Team Energy Index, risk scoring, and trend analysis
✓ Estimate organizational risk exposure based on validated workforce research (we provide risk estimates, not exact financial calculations)
✓ Communicate about onboarding, scheduling, product updates, and account management
✓ Secure the Services, prevent abuse, debug issues, and maintain system reliability
✓ Comply with applicable legal and contractual obligations

We do not sell personal information. We never have, and we never will.

3 Anonymity & Aggregation

Protecting the anonymity of individual team members is central to how ZenWorkspace operates. Our approach goes beyond standard confidentiality policies:

How We Protect Anonymity

No identifying data collected: Assessments do not ask for or store names, emails, employee IDs, or any personal identifiers
Group-level reporting only: All insights, dashboards, and reports reflect team patterns, never individual responses
Minimum-respondent thresholds: We require a minimum number of responses (e.g., ≥5) before generating team reports. Small-group data is suppressed to prevent anyone from being singled out
No open-ended text: Our assessment uses only numerical ratings, eliminating the risk of identifying individuals through writing style or specific comments
Expiring access links: Each team member receives a unique survey link that expires after a single submission

For complete technical details on our anonymity architecture, see our Data Practices page.

4 AI & Automated Processing

Our Bloomara™ Intelligence platform uses AI-powered analytics to process aggregated, anonymous assessment data. This includes calculating team-level scores, identifying risk patterns, generating trend comparisons across survey periods, and estimating potential organizational risk exposure.

All AI processing operates on group-level data. Bloomara does not profile, score, or make decisions about individual employees. Human expertise from our Scientific Advisory Council provides clinical oversight and validation of the analytical frameworks used.

When managers interact with AI-powered features (such as leadership advisory tools), the AI draws on aggregated team analytics and facilitator session notes—never on individual survey responses.

5 Legal Bases (EEA/UK)

Where the EU General Data Protection Regulation (GDPR) or UK GDPR applies, we process personal data on one or more of the following bases: performance of a contract with the subscribing organization, legitimate interests (service delivery, security, product improvement), consent (where required by applicable law), and compliance with legal obligations.

6 Cookies & Analytics

We use essential cookies required for the Services to function (such as session management) and privacy-aware analytics to understand how our platform is used and to improve the experience. We do not use advertising cookies or sell browsing data. You can control cookies through your browser settings.

7 Sharing & Third Parties

We share information only when necessary to deliver the Services or when legally required:

Service providers & sub-processors: Hosting, email delivery, analytics, and payment processing partners. All are bound by confidentiality and data protection commitments.
Scientific Advisory Council: Licensed clinical professionals who review aggregated team-level outputs to validate insights. They access only de-identified, group-level data necessary for their advisory role.
Certified Facilitators: Facilitators who lead Reset Sessions access team-level analytics and session materials—never individual response data.
Legal & compliance: We may disclose information if required by law, regulation, legal process, or to protect the rights, safety, or property of ZenWorkspace, our clients, or others.
International transfers: Data may be transferred where we or our service providers operate. Appropriate safeguards (such as Standard Contractual Clauses) are applied when data crosses borders.

We never share individual survey responses with employers, managers, or anyone else. Group-level insights are the only outputs we provide.

8 Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL) and at rest, role-based access controls, audit logging of administrative actions, and secure cloud infrastructure. Our systems are designed with the principle of least privilege—team members, facilitators, and administrators each see only what they need for their role.

For complete technical details, see our Data Practices page.

9 Data Retention

We retain identifiable account and organization data for the duration of the subscription relationship and for a reasonable period afterward to fulfill contractual obligations, or as required by law. Aggregated, non-identifiable team insights may be retained for benchmarking, research, and quality improvement purposes. Because assessment responses are structurally anonymous, there is no individual data to delete—the responses were never linked to identifiable people.

10 Your Rights

Depending on your location and applicable law, you may have rights including: access to your personal data, correction of inaccurate data, deletion of your data, data portability, restriction of processing, and the right to object to certain processing activities.

For California residents: We honor applicable rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). We do not sell personal information, and we do not use or disclose sensitive personal information for purposes beyond what is necessary to provide the Services.

For EEA/UK residents: You may exercise your GDPR rights by contacting us at the address below. You also have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact privacy@zenworkspace.ai.

11 Corporate & Sports Teams

ZenWorkspace serves both corporate organizations and sports teams (including collegiate athletics, professional teams, and national federations). The same privacy protections, anonymity architecture, and data handling practices apply regardless of team type. Assessment content adapts to the team's context (workplace or athletic environment), but no additional personal data is collected.

12 Children

The Services are designed for organizational teams in workplace and athletic settings and are not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided information through our Services, please contact us immediately at privacy@zenworkspace.ai and we will take steps to remove it.

13 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page and notify subscribing organizations when appropriate. We encourage you to review this Policy periodically.

14 Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, we're here to help.

Privacy Inquiries

privacy@zenworkspace.ai