TGB //Ecosystem Navigator

Privacy Policy

Last updated: May 14, 2026

1. Introduction

The Groundbreakers ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Ecosystem Navigator service.

2. Information We Collect

Account Information

  • Name and email address
  • Job title and professional role
  • Password (encrypted)

Diagnostic Data

  • Location/region information you provide
  • Responses to diagnostic questions
  • Generated reports and analysis
  • Evidence Base records derived from your reports, used to power your Explore views, collections, and cross-report synthesis
  • Diagnostic session information, including invitations, participant status, assigned localities or roles, and aggregate session outputs when you participate in or manage a Build session

Payment Information

Payment processing is handled by Stripe. We do not store your credit card numbers. We receive only:

  • Stripe customer ID
  • Subscription status
  • Last four digits of payment method (for display purposes)

Automatically Collected Information

  • IP address and browser type
  • Pages visited and features used
  • Date and time of access
  • Device information

3. How We Use Your Information

We use your information to:

  • Provide the Service: Generate diagnostic reports, enable Q&A features, and deliver stakeholder briefs
  • Operate Build and Explore: Manage diagnostic sessions, report access, Evidence Base records, collections, and aggregate session views
  • Improve the Service: Analyze usage patterns to enhance features and user experience
  • Communicate: Send service updates, respond to inquiries, and provide customer support
  • Process Payments: Manage subscriptions and billing through Stripe
  • Aggregate Insights: Create de-identified and aggregate benchmarking data from diagnostics where this use has been disclosed or where the data has been anonymized so it is no longer reasonably linked to you
  • Security and Reliability: Maintain operational logs needed to troubleshoot errors, prevent abuse, monitor system health, and understand product usage

4. Data Sharing

We do not sell your personal data. We may share data with:

  • Service Providers: Third parties that help us operate the Service (e.g., Stripe for payments, Google Cloud/Firebase for hosting)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Benchmarking: De-identified diagnostic scores and structured metadata may be included in aggregate comparisons, product analytics, and service-quality analysis. We do not sell personal data or show your name, email, full report, invite list, or individual answers to unrelated users. Benchmark outputs are intended to be shown only in aggregate or thresholded comparison views.

5. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest
  • Secure authentication via Firebase
  • Regular security reviews

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain account, report, and Evidence Base data for as long as your account is active or as needed to provide the Service. You may delete individual reports from your account, or request deletion of your account and associated personal data by contacting us.

Deleting a report

When you delete a saved report, we remove it from your dashboard, active Evidence Base, collections, public share links, and report archive used for product support. It will no longer be used by Explore charts or Ask Gemini. Deleting a report does not delete non-identifying usage metrics, security logs, billing records, or benchmarking records that were already stored in de-identified or aggregate form under the data uses disclosed when the report was generated.

Build sessions

If a report was created as part of a diagnostic session, the session organizer may retain access to session-level results and aggregate outputs for that exercise. Participants may contact us to request access, correction, deletion, or exclusion of their personal data from active analysis, subject to legal and contractual obligations.

After account deletion:

  • Personal data is deleted or anonymized within 30 days where technically and legally feasible
  • De-identified or anonymized aggregate data may be retained for benchmarking, analytics, security, and service-quality purposes
  • Billing, tax, fraud-prevention, and security records may be retained as required by law or legitimate business obligations
  • Backup copies may persist for up to 90 days

7. Your Rights

Depending on your location, you may have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate or incomplete data
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing of your data
  • Restriction or Objection: Object to or request exclusion from optional benchmarking or product-improvement uses where applicable

To exercise these rights, contact us at privacy@thegroundbreakers.net

We will respond in accordance with applicable privacy laws, including Canadian privacy law and, where applicable, GDPR, UK GDPR, and similar state or international privacy requirements.

8. Cookies and Analytics

We use essential cookies to maintain your session and preferences. We also use Google Analytics to understand how users interact with our Service. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

9. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we learn we have collected data from a child, we will delete it promptly.

10. International Data Transfers

The Groundbreakers is based in Ontario, Canada. Your data may be processed in Canada, the United States, or other countries where our service providers (such as Google Cloud and Stripe) operate. By using the Service, you understand that your data may be transferred to these locations. We use service providers and safeguards intended to support compliance with applicable privacy laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

12. Contact Us

For privacy-related questions or concerns:

Email: privacy@thegroundbreakers.net

The Groundbreakers
Ontario, Canada

← Back to Home