Security & Data Safety
Your burnout data is sensitive. Here's exactly how we handle it.
Privacy-by-design
Your assessment answers never leave your device. All scoring calculations happen locally in your browser using JavaScript — no responses are transmitted to our servers.
Encrypted payments
All payment processing is handled by Stripe, which maintains PCI DSS Level 1 compliance — the highest standard in the payments industry. We never see or store your card details.
No surveillance
We don't sell your data, run advertising trackers, or share your results with third parties. Analytics we collect are strictly aggregated and anonymized.
Secure infrastructure
BurnoutIQ runs on Vercel's edge network with HTTPS enforced on all connections. We follow industry best practices for dependency management and vulnerability patching.
localStorage & Saved Progress
The "Save & Continue Later" feature stores your partial assessment responses in your browser's localStorage under the key burnoutiq-v1. This data is local to your device and browser. It is never synced to our servers. To delete it, clear your browser's site data for burnoutiqtest.com, or simply complete the assessment (data is removed automatically after results are shown).
HTTPS & Transport Security
All pages on burnoutiqtest.com are served over HTTPS with TLS 1.2+. We enforce HSTS (HTTP Strict Transport Security) to prevent downgrade attacks. Certificate management is handled automatically through Vercel's infrastructure.
Vulnerability Disclosure
If you discover a security vulnerability in BurnoutIQ, please report it responsibly by emailing hello@pivottraining.us with the subject line "Security Disclosure." We aim to acknowledge reports within 48 hours and resolve confirmed issues within 30 days.