SystemN — Trust

Trust is the foundation.

SystemN works with very personal data — state, journal, relationships. This page states in plain language what we do with it and what we deliberately do not.

What we store

Only data that you actively enter and that we need in order to support you in understanding your state.

  • Check-in values (your 7 dials) and the states derived from them
  • Journal text that you type yourself
  • Care feedback (what helped, what didn't) — for you, not for grading
  • Optional: Family/Work links with explicit consent

What we do NOT store

We do not track you. There is no marketing stack, no third-party scripts and no hidden profile building.

  • Location data — we don't need it and don't ask for it
  • Advertising IDs (IDFA, Advertising ID) — no analysis, no sharing
  • Tracking pixels (Google Analytics, Facebook Pixel, Meta, etc.) — not embedded
  • Third-party cookies — we don't set them
  • Behaviour-based advertising profiles — do not exist

Your right to erasure

You can delete all your data at any time. We follow GDPR Art. 17 (right to be forgotten) as a hard delete: no shadow backups, no aggregate residue, no quarantine table.

  • Self-service via /privacy/delete-account
  • Execution within 24 hours
  • Email confirmation with deletion record
  • Questions: criss@systemn.eu

Work ↔ Family data separation (cell isolation)

Work data and personal / family data are handled in fully separated processing paths (cells). No automatic reconciliation, no cross-product access. This separation is enforced architecturally, not just as a policy.

  • Work aggregates (burnout index, team state, etc.) are computed only from explicitly consenting members
  • k-anonymity N ≥ 5: aggregates are only visible when at least 5 people consent
  • Leaders see anonymous aggregates only — never individual values, names or IDs
  • Work consent is voluntary and revocable at any time (no pressure, no consequences)
  • Family group structure and work group structure are isolated — no cross-links
  • Cross-product only via an explicit integration agent — never automatically
  • Revocation takes immediate effect: your data stops flowing into aggregates
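The consent gate, the k-anonymity floor and immediate revocation described in the list above, written out as an added Python example (not SystemN's own code). `WorkCell`, `Member`, `leader_view` and the sample dial values are assumptions made for the illustration; the only figure taken from the page is the N ≥ 5 floor.

```python
"""Consent-gated team aggregate with a k-anonymity floor.

Example code added to this page, not SystemN's implementation. It models one
work cell: members with a revocable consent flag, one dial value per member,
and a leader view that publishes an aggregate only when at least K_MIN
consenting members contribute.
"""
from dataclasses import dataclass, field
from statistics import mean

K_MIN = 5  # the page's floor: aggregates need at least 5 consenting people


@dataclass
class Member:
    member_id: str           # internal identifier; never leaves the cell
    dial: float              # latest value on the dial being aggregated (constructed sample data)
    consented: bool = False  # explicit, revocable work consent


@dataclass
class WorkCell:
    """One team's work processing path.

    The cell holds only what the work aggregate needs. There is no field for a
    family link and no reference to a family cell, so the isolation is a
    property of the data shape rather than a policy check applied at read time.
    """
    members: dict = field(default_factory=dict)

    def add(self, member: Member) -> None:
        self.members[member.member_id] = member

    def grant_consent(self, member_id: str) -> None:
        self.members[member_id].consented = True

    def revoke_consent(self, member_id: str) -> None:
        # Nothing is cached, so the very next leader_view() already excludes this member.
        self.members[member_id].consented = False

    def leader_view(self) -> dict:
        """Everything a team leader may see: an aggregate or a suppression notice.

        The result never contains member identifiers or per-person values.
        """
        contributing = [m.dial for m in self.members.values() if m.consented]
        if len(contributing) < K_MIN:
            return {
                "status": "suppressed",
                "reason": f"fewer than {K_MIN} consenting members",
                "n": None,
                "mean": None,
            }
        return {"status": "ok", "n": len(contributing), "mean": round(mean(contributing), 2)}


def demo() -> list:
    """Constructed walk-through: six members consent, then two revoke in turn."""
    cell = WorkCell()
    dials = {"m1": 3.0, "m2": 4.0, "m3": 5.0, "m4": 6.0, "m5": 7.0, "m6": 8.0, "m7": 10.0}
    for member_id, dial in dials.items():
        cell.add(Member(member_id, dial))
    for member_id in ("m1", "m2", "m3", "m4", "m5", "m6"):
        cell.grant_consent(member_id)  # m7 never consents and therefore never contributes
    views = [cell.leader_view()]       # six contributors: published
    cell.revoke_consent("m6")
    views.append(cell.leader_view())   # five contributors: still at the floor, published
    cell.revoke_consent("m5")
    views.append(cell.leader_view())   # four contributors: suppressed
    return views


if __name__ == "__main__":
    for view in demo():
        print(view)
```

Two things the example makes visible that the list alone does not. First, the cell has no place to put a family link, so a cross-cell join cannot happen by accident. Second, a floor by itself does not protect the person who revokes: anyone who saw the view with six contributors (mean 5.5) and then the view with five (mean 5.0) can compute 6 × 5.5 − 5 × 5.0 = 8.0, the revoking member's exact value. Re-publishing only once the contributing set has changed by at least k people, or adding noise to the published mean, closes that gap.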

Security & vulnerability disclosure

If you have found a security issue, please report it to us confidentially. We respond within 5 business days. Machine-readable contact information also lives at /.well-known/security.txt (RFC 9116).

  • Disclosure mail: security@systemn.eu
  • Backup mail: criss@systemn.eu
  • Preferred languages: German, English
  • Telemetry PII filter: Sentry before_send / before_breadcrumb hooks scrub the request body, query string and authorization header before an event leaves the process
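The telemetry filter named in the last bullet, written out as an added Python example (not SystemN's own code). It follows the Sentry Python SDK's `before_send(event, hint)` and `before_breadcrumb(crumb, hint)` hook signatures and the SDK's public request schema (`request.data`, `request.query_string`, `request.url`, `request.headers`, `request.cookies`). Treating cookies and API-key headers as credentials, dropping database-query breadcrumbs, stripping the user e-mail, and the sample event are assumptions of the example; `configure_sentry` additionally assumes the `sentry-sdk` package is installed.

```python
"""Sentry before_send / before_breadcrumb scrubbers for request PII.

Example code added to this page, not SystemN's implementation. The hook
signatures and event field names are those of the Sentry Python SDK; which
fields count as sensitive is this example's own choice.
"""
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

FILTERED = "[Filtered]"

# Assumption: headers treated as credentials. "Authorization" is what the page
# names; cookies are included because the session cookie carries login state.
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie", "x-api-key"}


def scrub_query(query: str) -> str:
    """Keep parameter names (useful when debugging) but blank every value."""
    pairs = parse_qsl(query, keep_blank_values=True)
    return urlencode([(name, FILTERED) for name, _ in pairs])


def scrub_url(url: str) -> str:
    """Blank the query values inside a full URL (breadcrumbs carry URLs, not query dicts)."""
    parts = urlsplit(url)
    if not parts.query:
        return url
    return urlunsplit(parts._replace(query=scrub_query(parts.query)))


def scrub_headers(headers: dict) -> dict:
    """Header names are case-insensitive, so match on the lower-cased name."""
    return {name: (FILTERED if name.lower() in SENSITIVE_HEADERS else value)
            for name, value in headers.items()}


def before_send(event: dict, hint: dict) -> dict:
    """Runs on every event before it leaves the process; returns the scrubbed event."""
    request = event.get("request")
    if request:
        if "data" in request:
            # Bodies may hold journal text or check-ins: drop them wholesale rather than pick fields.
            request["data"] = FILTERED
        if request.get("query_string"):
            request["query_string"] = scrub_query(request["query_string"])
        if request.get("url"):
            request["url"] = scrub_url(request["url"])
        if request.get("headers"):
            request["headers"] = scrub_headers(request["headers"])
        request.pop("cookies", None)
    user = event.get("user")
    if user:
        # Assumption: an opaque user id is enough to correlate errors; addresses are not needed.
        user.pop("email", None)
        user.pop("ip_address", None)
    return event


def before_breadcrumb(crumb: dict, hint: dict):
    """Returns the scrubbed breadcrumb, or None to drop it entirely."""
    if crumb.get("category") == "query":
        # Assumption: SQL-statement breadcrumbs could embed bound journal text; drop them.
        return None
    data = crumb.get("data")
    if data and data.get("url"):
        data["url"] = scrub_url(data["url"])
    return crumb


def configure_sentry(dsn: str) -> None:
    """Wire both hooks into the SDK (requires the sentry-sdk package)."""
    import sentry_sdk  # imported lazily so the scrubbers stay testable without the SDK

    sentry_sdk.init(
        dsn=dsn,
        send_default_pii=False,
        before_send=before_send,
        before_breadcrumb=before_breadcrumb,
    )
```

The hooks are plain functions over dictionaries, so they can be unit-tested with a hand-built event before any DSN is configured; the test for the scrubber is the one place where a constructed token or session value should ever appear.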

Subprocessors

We use selected third parties to operate the service. The complete, versioned list with purpose, region and DPA status lives in /docs/legal/subprocessors.md. Changes are announced 30 days before they take effect.

Cookies

We set only essential cookies (`systemn_session` for login, `systemn_csrf` for CSRF protection). There are no tracking pixels, no third-party analytics and no marketing cookies today. As soon as this changes, the cookie-consent banner is activated (flag NEXT_PUBLIC_COOKIE_CONSENT_ENABLED).

  • Default: essential cookies only, so no banner is required
  • When the banner is active: the choice is stored in localStorage under `systemn_cookie_consent`
  • Trackers are NEVER loaded before consent (the loading gate lands in a follow-up slice)

Not a therapy replacement

SystemN is a companion tool for self-perception — not a diagnosis, not treatment, not a crisis line. If you are in an acute crisis or want to harm yourself or others, please reach out to professional help immediately.

  • Crisis line (free, 24/7): your local helpline
  • International emergency numbers: 112 (EU) / 911 (US)
  • For longer-lasting symptoms: medical or psychotherapeutic support

Data Protection Impact Assessments (Art. 35 GDPR)

For all Art. 9 modules (health data) and the family module (minors), SystemN maintains a Data Protection Impact Assessment (DPIA). The complete documents live publicly in the repository and are reviewed quarterly; supervisory authorities and auditors can read the diff history directly on GitHub.

  • DPIA Eidos: Self-classification + clinical codes (ICD/DSM/Self-ID/framework)
  • DPIA Pharma: Medication and substance intake (controlled-substance sensitivity)
  • DPIA Metron: Clinical scales (PHQ-9, GAD-7, HoNOS, C-SSRS) including crisis modal
  • DPIA Family: Guardian-dependent relationship including protection of minors (Art. 8)

Competent supervisory authority: Austrian Data Protection Authority (DSB), Barichgasse 40-42, 1030 Vienna, Austria. Users habitually resident in another EU/EEA state may, under Art. 77 GDPR, also reach out to their local supervisory authority (in Germany the responsible state authority); for users in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC).

Contact

Questions on data protection, hard delete, DPA or security: criss@systemn.eu
