Skip to main content
All CollectionsMyMynd for OrganisationsOrganisation & Employee Data
Data Privacy & Security FAQs for Organisations
Data Privacy & Security FAQs for Organisations

Questions we get asked about Organisational Data Privacy & Security

D
Written by Dave Cranwell
Updated over 9 months ago

At MyMynd, we take you and your employees' data seriously. Here is a list of common questions we get asked:


What data does an organisation send to MyMynd?

The only data organisations provide to MyMynd is their employees’ full name and work details, including email address, role and department, as this is the minimum data required to create the assessments.

How is the data transferred to MyMynd?

We create a separate, private Google Sheet for each organisation. This is stored securely in Google Workspace storage and is managed by the organisation to keep it up to date.

An individual doesn’t want to participate in the MyMynd assessment, how do they remove their details?

There are three ways for them to remove their details:

  1. They can opt out within the timeline agreed with their employer by emailing us at support@mymynd.co.uk

  2. They can ask their employer to remove their details from the Google Sheet and ensure MyMynd are informed

  3. They can delete their account from within the MyMynd platform

How do you process the data you receive from an organisation?

We import the data directly from the organisation’s private Google Sheet. This is then synchronised to the MyMynd platform, creating an account for each individual employee.

Once the account is created and individuals are emailed to start their assessment, all processing is complete. At this point, we become the data controller and manage the data directly with the consent of each individual employee. No further data is input into the system.

What data will the organisation see?

An organisation will ONLY have access to the Google Sheet they administer for inputting employee data (full name, email address, role and department). Organisations are not able to access any data within the MyMynd platform.

Organisations will receive an aggregated workforce report to provide them with an overview of the results for all employees who took the assessment within an agreed period.

Please note: We have strict requirements on the minimum number of assessment results required before any aggregated reports can be shared. This is to ensure no individual data is identifiable within these aggregate reports.

Are MyMynd a Data Processor or a Data Controller?

We are a data processor on behalf of our client (organisation), processing their employee data (full name, email address) and uploading it into the MyMynd platform. For all data held within the MyMynd platform we are a data controller.

What personal data will be collected?

Pre-assessment we will collect for each employee: Full name, work email address, role and department.

When an individual takes the assessment for the first time, they will be given the option to provide: their gender, ethnicity and age group for demographic monitoring purposes only.

Post-assessment, for each person that completes the MyMynd Assessment, we will collect: their assessment result against each indicator used in the MyMynd Assessment; and tracking usage data within the MyMynd platform.

What data security precautions do you use?

If you would to know more about our data security precautions, you can read about MyMynd's Security & Compliance practices.

Did this answer your question?