close

🚀 BETA SOFTWARE

Sizemotion is currently in beta. We're building this together with you! These policies may evolve as we refine the platform. We'll always notify you of significant changes.

Privacy Policy

Last Updated: November 29, 2025

Hi! Thanks for using Sizemotion. We know privacy policies can be boring, so we've tried to keep this clear and straightforward. This tells you how we handle your data when you use our team management and performance review platform.

The short version: We collect only what we need to run the service, we keep it secure, we don't sell it, and you can delete it anytime.

1. Information We Collect

1.1 Information You Provide to Us

  • Account Information: Name, email address, password, company name, job title, and phone number when you register for an account.
  • Profile Information: Profile photos, biographical information, department, team assignments, and career ladder details.
  • Feedback and Review Data: Performance reviews, 360-degree feedback responses, one-on-one meeting notes, goal tracking data, and other performance-related information you create or submit.
  • Team and Organization Data: Team structures, organizational hierarchies, role definitions, and employee relationships.
  • Payment Information: Billing details, payment card information (processed securely through our payment processor), and subscription plan details.
  • Communications: Messages, support tickets, and correspondence with us or through our platform.

1.2 Information Automatically Collected

  • Usage Data: Pages visited, features used, time spent on platform, interaction patterns, and navigation paths.
  • Device Information: IP address, browser type, operating system, device identifiers, and browser language preferences.
  • Cookies and Similar Technologies: Session tokens, preference cookies, analytics cookies, and authentication tokens. See our Cookie Policy for details.
  • Log Data: Server logs including access times, error reports, and system events.

1.3 AI-Generated Content

When you use our AI-powered features (such as AI-assisted feedback writing for 360 reviews), we collect:

  • The text you input to generate AI suggestions
  • AI-generated suggestions and your selections
  • Usage patterns of AI features to improve our service
  • Prompts and context provided to AI models

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Delivery

  • Provide, operate, and maintain our SaaS platform
  • Process and facilitate performance reviews and 360-degree feedback
  • Enable team collaboration and communication features
  • Manage user accounts and authentication
  • Process payments and manage subscriptions

2.2 AI Features

  • Generate AI-powered feedback suggestions and content recommendations
  • Analyze feedback patterns to provide insights (aggregated and anonymized)
  • Improve AI model performance and accuracy
  • Provide personalized AI assistance based on your organization's context

2.3 Platform Improvement

  • Analyze usage patterns to improve user experience
  • Develop new features, products, and services
  • Conduct research and analytics (using aggregated, de-identified data)
  • Troubleshoot technical issues and optimize performance

2.4 Communication

  • Send service-related notifications and updates
  • Provide customer support and respond to inquiries
  • Send marketing communications (with your consent, where required)
  • Notify you of changes to our service or policies

2.5 Security and Compliance

  • Detect and prevent fraud, abuse, and security incidents
  • Enforce our Terms of Service
  • Comply with legal obligations and respond to legal requests
  • Protect the rights, property, and safety of Sizemotion, our users, and others

3. AI and Third-Party Language Models

Important Notice: Our AI-powered features use third-party Large Language Model (LLM) providers, which may include OpenAI, Anthropic, Google Gemini, or self-hosted models.

3.1 Data Processing

  • When you use AI features, your input and context may be sent to third-party AI providers
  • We anonymize and minimize data sent to AI providers whenever possible
  • Employee names and sensitive identifiers are replaced with placeholders before sending to AI models
  • We do not train third-party AI models on your data without explicit consent

3.2 AI Data Retention

  • AI-generated content is stored in your account and subject to your data retention settings
  • Prompts sent to AI providers are not retained by us beyond the session unless you save the output
  • You can delete AI-generated content at any time through your account settings

3.3 AI Accuracy Disclaimer

AI-generated suggestions are provided as assistance tools and may contain errors or inaccuracies. Users are responsible for reviewing and editing all AI-generated content before submission. We do not guarantee the accuracy, completeness, or appropriateness of AI suggestions.

4. Data Sharing and Disclosure

4.1 Within Your Organization

Performance data, feedback, and reviews are shared according to your organization's configured permissions and visibility settings. Administrators and managers may have access to team members' data as defined by role permissions.

4.2 Service Providers

We share data with trusted third-party service providers who assist us in operating our platform:

  • Cloud Hosting: AWS, DigitalOcean, or similar providers for infrastructure
  • Payment Processing: Stripe or other payment processors for billing
  • AI Providers: OpenAI, Anthropic, Google, or others for AI-powered features
  • Analytics: Google Analytics or similar tools for usage analysis
  • Email Services: For transactional and marketing emails
  • Customer Support: Help desk and support ticket systems

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders, search warrants)
  • Government or regulatory requests
  • Protection of our legal rights or defense in litigation
  • Prevention of fraud, security threats, or illegal activity

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and choices you may have.

4.5 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations (e.g., tax, accounting, audit requirements)
  • Resolve disputes and enforce our agreements
  • Maintain business records for legitimate purposes

Account Data: Active account data is retained as long as your account is active. After account deletion, we may retain certain information for up to 90 days for backup purposes, and longer for legal compliance.

Performance Data: Historical performance reviews and feedback may be retained according to your organization's data retention policies, typically 3-7 years for HR compliance purposes.

AI Interaction Data: Anonymized AI usage data may be retained indefinitely for service improvement.

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: Data in transit is encrypted using TLS/SSL; sensitive data at rest is encrypted
  • Access Controls: Role-based access controls and authentication mechanisms
  • Infrastructure Security: Secure cloud hosting with regular security updates
  • Monitoring: Continuous security monitoring and incident response procedures
  • Data Backups: Regular automated backups with secure storage
  • Employee Training: Security awareness training for all personnel
  • Vendor Management: Security assessments of third-party providers

However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Data Rights

7.1 General Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Data Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to certain processing of your data
  • Restriction: Request restriction of processing under certain circumstances

7.2 GDPR Rights (European Economic Area)

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local supervisory authority
  • Right to object to processing based on legitimate interests
  • Right to restriction of processing while we verify accuracy or assess objections
  • Right to data portability for data you provided under contract or consent

7.3 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and disclose
  • Right to request deletion of your personal information
  • Right to opt-out of the "sale" of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your CCPA rights

7.4 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

8. International Data Transfers

Sizemotion is operated from the Netherlands. If you access our service from outside the Netherlands, your data may be transferred to, stored, and processed in the Netherlands or other countries where our service providers operate.

We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for countries with adequate data protection laws
  • Other legally compliant transfer mechanisms

9. Children's Privacy

Sizemotion is designed for use by businesses and organizations for professional purposes. Our service is not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16.

If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child, please contact us immediately at [email protected].

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. For detailed information about our use of cookies, please see our Cookie Policy.

You can control cookie preferences through your browser settings, but disabling certain cookies may limit functionality.

11. Third-Party Links

Our service may contain links to third-party websites, services, or integrations. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting a notice on our website or platform
  • Sending an email to the address associated with your account
  • Displaying an in-app notification

The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of our service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Sizemotion
Email: [email protected]
Email (General): [email protected]
Website: https://sizemotion.com

For GDPR-related inquiries, please contact our Data Protection Officer at [email protected].

The short version: We collect only what we need to run the service, we keep it secure, we don't sell it, and you can delete it anytime.

1. What Information We Collect

Account & Profile Info

When you sign up, we collect basics like your name, email, company name, and job title. If you add a profile photo or other details, we store those too.

Work Content

This is the main stuff you create in Sizemotion:

  • Performance reviews and 360-degree feedback
  • One-on-one meeting notes and goals
  • Team structures and org charts
  • Career ladder and skills data
  • Absence requests and on-call schedules

Payment Info

If you're on a paid plan, we collect billing details. Credit card info is handled securely by Stripe (our payment processor) - we never see or store your full card numbers.

Usage Data

Like most web services, we automatically collect some technical stuff: IP addresses, browser type, pages you visit, and how you use the platform. This helps us fix bugs and improve the service.

2. AI Features - Important!

⚠️ Please Read This Section Carefully

Our AI writing assistant uses third-party AI services. Here's what you need to know:

What AI Services We Use

When you click "AI Generate" or similar buttons, we send your request to one of these AI providers:

  • OpenAI (ChatGPT/GPT-4)
  • Anthropic (Claude)
  • Google (Gemini)
  • Or self-hosted models (Ollama)

How We Protect Your Data with AI

  • We anonymize: Employee names are replaced with placeholders like "[employee_name]" before sending to AI
  • We minimize: We only send the specific question/context needed, not your entire database
  • We don't train on your data: Your data is NOT used to train these AI models (per our agreements with providers)
  • You control it: AI features are optional - you can write everything manually if you prefer

AI Disclaimer

Important: AI suggestions are just that - suggestions. They may contain errors or inappropriate content. You're responsible for reviewing and editing everything before using it. Don't blindly trust AI output!

3. How We Use Your Information

We use your data to:

  • Run the service: Store your data, show it to the right people, enable features
  • Help you: Provide customer support when you need it
  • Improve the platform: Fix bugs, add features, understand what's working (using aggregated, anonymized data)
  • Communicate: Send important updates, security alerts, and (if you opted in) product news
  • Stay secure: Detect and prevent fraud, abuse, or security issues
  • Comply with law: Meet legal requirements when necessary

We do NOT:

  • ❌ Sell your data to anyone
  • ❌ Use it for advertising
  • ❌ Share it except as described below

4. Who We Share Data With

Within Your Organization

Your data is shared according to the permissions you or your admin set. Managers might see team member reviews if that's how you've configured it.

Service Providers (The Services We Use)

We use trusted companies to help run Sizemotion:

  • Hosting: Cloud providers (AWS, DigitalOcean, etc.) to store data securely
  • Payments: Stripe for billing (they handle your card details, not us)
  • AI: OpenAI, Anthropic, Google (only when you use AI features)
  • Email: To send you notifications and updates
  • Analytics: To understand how people use the platform (anonymized)

All these providers are contractually required to protect your data.

Legal Requirements

We may disclose information if required by law (court orders, legal processes, etc.) or to protect our rights and safety.

Business Changes

If Sizemotion gets acquired or merges with another company, your data would transfer with the service. We'd notify you first.

We will NEVER sell your data to data brokers, advertisers, or marketers. Period.

5. Data Security

We take security seriously:

  • 🔒 Encryption: Data is encrypted in transit (HTTPS/TLS) and at rest for sensitive fields
  • 🔐 Access Control: Strict role-based permissions
  • 💾 Backups: Regular automated backups (but you should export important data too!)
  • 🛡️ Monitoring: We watch for suspicious activity
  • 🔄 Updates: We keep our systems patched and secure

But here's the honest truth: No system is 100% secure. We do our best, but we can't guarantee absolute security. That's why you should backup critical data yourself using our export features.

6. How Long We Keep Your Data

  • While you're active: We keep everything you need to use the service
  • After you delete your account: We keep backups for 90 days, then it's gone
  • Performance review history: May be retained for 3-7 years for HR/legal compliance (this is common practice)
  • Legal requirements: Some data must be kept for accounting, tax, or legal reasons

Beta Note: During beta, retention periods may be more flexible. We'll work with you on specific needs.

7. Your Rights (GDPR & CCPA)

You have rights over your data:

  • Access: Request a copy of your data
  • Correction: Fix wrong information
  • Deletion: Delete your data (with some legal exceptions)
  • Export: Get your data in a portable format
  • Object: Say no to certain processing
  • Restrict: Limit how we use your data

To exercise these rights: Email us at [email protected] (or [email protected] for now during beta). We'll respond within 30 days.

California Residents (CCPA): You have specific rights including knowing what we collect, deleting it, and opting out of "sales" (which we don't do anyway).

EU Residents (GDPR): You can complain to your data protection authority if you're unhappy with how we handle your data.

8. International Transfers

Sizemotion operates from the Netherlands. If you're accessing from elsewhere, your data may be transferred here or to our service providers' locations. We use standard legal protections (like Standard Contractual Clauses) for international transfers.

9. Cookies

We use cookies for:

  • Keeping you logged in
  • Remembering your preferences
  • Understanding how you use the platform (analytics)
  • Security and fraud prevention

You can disable cookies in your browser, but some features won't work properly. See our Cookie Policy for details.

10. Children's Privacy

Sizemotion is a business tool and not intended for anyone under 16. We don't knowingly collect data from children. If we discover we have, we'll delete it promptly.

11. Changes to This Policy

We may update this policy as we add features or as laws change. When we make significant changes, we'll:

  • Update the "Last Updated" date
  • Email you at your registered address
  • Show a notice when you log in

During Beta: Expect more frequent updates as we refine things. We'll always be transparent about changes.

12. Contact Us

Questions? Concerns? Just want to chat about privacy?

Email: [email protected]
General Contact: [email protected]
Website: https://sizemotion.com

Note: During beta, [email protected] may not be set up yet. Feel free to use [email protected] for any privacy questions.

The Bottom Line: We respect your privacy. We collect what we need to run the service, keep it secure, use reputable providers, and give you control. We're building this platform WITH you, so if you have questions or suggestions about our privacy practices, please reach out. We're listening!