Phalanx Labs

Data Governance and Confidentiality

The diagnostic process requires vulnerability. Rigorous data governance is a foundational commitment, not an afterthought.

This policy explains what we collect, how we use it, and the controls you maintain over your information throughout and after your engagement.

What We Collect

Data collection is limited to what is necessary for generating your diagnostic and intervention protocols.

Forensic Execution Audit

Collected during the initial diagnostic

Behavioral self-assessment responses

Your answers to diagnostic questions about daily patterns and decision-making

Workflow pattern indicators

Time allocation, task switching frequency, and focus duration metrics

Decision-making metrics

How you process decisions, delegate, and handle competing priorities

Energy and focus patterns

Cognitive capacity fluctuations throughout the day and week

150-Day Intervention

Collected during the intervention protocol

Ongoing performance metrics

Progress measurements tracked via Phalanx Forge during the 150-day protocol

Protocol adherence tracking

Completion rates and consistency metrics for assigned interventions

Progress against baseline

Comparative measurements against your initial diagnostic results

How Your Data Is Used

Your data serves two purposes, both designed to improve your outcomes.

Primary Use: Your Diagnostic

Generating your diagnostic report, calculating your EEI score, identifying root constraints, and designing your intervention protocols. This is the core purpose of data collection.

Secondary Use: Benchmark Contribution

Contributing to our anonymized benchmark database of 294 executives. This is optional — you may opt out at any point.

Anonymization Standard

  • All identifying information stripped before inclusion
  • Industry category retained (not company name)
  • Revenue and team size shown as ranges only
  • No reconstruction of individual identity possible

Benchmark Database Opt-Out

Our benchmark database of 294 executives enables the comparative analysis that makes EEI scoring meaningful. However, contribution is entirely optional.

You may opt out of benchmark contribution at any point during your engagement by notifying your engagement lead. Your diagnostic will proceed without your data being included in comparative datasets.

Note: Already-anonymized contributions cannot be retrieved or deleted, as they are designed to be untraceable to any individual.

Who Has Access

Your data is handled with the same discretion expected in any professional-client relationship.

Single Point of Access

Access is limited to your assigned engagement lead only. No third-party analysts or external consultants.

No AI Training

Your data is never used for training AI models. Diagnostic analysis is performed by your engagement lead.

Encrypted Storage

All data is encrypted at rest and in transit. We do not use consumer cloud platforms.

Access Logging

All access to client data is logged and auditable. You may request access logs at any time.

Your Rights

You maintain control over your data throughout and after your engagement.

Right to Access

Request a full export of all data we hold about you in standard formats.

Right to Deletion

Request complete data purge. We will delete all identifiable data within the response timeline.

Right to Exclusion

Opt out of benchmark database contribution at any time during your engagement.

Right to Portability

Receive your diagnostic data in standard, machine-readable formats for your records.

Response Timeline

All data rights requests receive acknowledgment within 48 hours. Fulfillment is completed within 14 business days.

Data Retention

We retain data only as long as necessary to fulfill our commitments to you.

Duration + 12 months

Active Engagement Data

Diagnostic inputs, progress metrics, and working files

Until deletion requested

Diagnostic Reports

Your 28-page diagnostic and final readout documents

Permanently anonymized

Benchmark Contributions

Cannot be traced or deleted once anonymized

24 months

Communication Records

Email correspondence and meeting notes

Third-Party Sharing

No client data is sold, shared, or disclosed to third parties.

This commitment is absolute. Your diagnostic data, engagement records, and any information collected during our work together remains within Phalanx Labs.

Single exception: We will disclose information if legally compelled to do so by valid court order or subpoena. We will notify you of any such request unless legally prohibited from doing so.

  • No marketing use
  • No partner sharing
  • No investor access

Data Inquiries

For questions about this policy, to exercise any of your data rights, or to discuss data handling concerns, contact us directly.

findings@phalanxaudits.com

We respond to all inquiries within 48 hours.