Privacy & data use

What we collect and how it’s used

Note: This page is a working draft authored by the product team, not reviewed legal copy. Before this tool is used for real candidates outside of internal testing, Northstar legal should review this policy.

What we collect

  • Account information — your email address (required to sign in), your name if provided, and authentication metadata from Clerk.
  • Assessment responses— your 1–5 rating for each of the 148 questions.
  • Computed scores — derived Big Five, DISC, type, and values scores.
  • AI narrative— a personalized summary generated from your scores the first time your results are viewed. Cached so it doesn’t regenerate every visit.
  • Timestamps — when you started, when you completed, when you last viewed your results.

How we use your data

  • Serve your results to you. Signing in with your email lets you return to view or continue your assessment.
  • Generate your personalized narrative. Your scores are sent once to Google Gemini to draft the summary; the output is stored and reused on subsequent views.
  • Share with authorized Northstar managers. Team members with @northstarlending.com email addresses can view all assessments as part of coaching and development workflows.
  • Send you email notifications. We email you a link to your results when the assessment completes, and we may send invitations or reminders when initiated by a Northstar manager.

Third-party services

We rely on several external vendors to operate the assessment. Data shared with each is limited to what’s necessary.

  • Clerk — authentication (email address, sign-in events).
  • Supabase — database storage of all assessment data (hosted on AWS, US region).
  • Google Gemini — AI narrative generation (your scores only, no PII beyond your first name if provided).
  • Resend — transactional email delivery (invitations, results-ready notifications).
  • Vercel — application hosting and serverless execution.

Retention

Assessment data is retained indefinitely by default so Northstar can reference historical results for coaching and development. You may request deletion of your data at any time by contacting your Northstar manager or emailing privacy@northstarlending.com.

Your rights

  • Access. Sign in to see your own assessment results at any time.
  • Deletion. Request removal of your account and all associated data via the email above.
  • Correction.Retake the assessment if you feel your previous answers weren’t representative.
  • Withdraw. You may stop the assessment at any point. Partial responses remain in our system unless you request deletion.

Mortgage industry context

Northstar Mortgage Advisors operates under mortgage industry regulations including the Gramm-Leach-Bliley Act (GLBA). This assessment tool is not used to collect or process financial information covered by GLBA — it is strictly a personality and behavioral development instrument. However, we apply comparable security and access-control standards to the personal data collected here.

Questions

For anything related to your data, contact privacy@northstarlending.com. For questions about the assessment itself, see the About page.