
Privacy Notice

Last updated: 27 April 2026 · Datenschutzerklärung

Controller

Ivan Karačić, Kurfürstenstraße 36, 53639 Königswinter, Germany. Contact: ivan@ikaracic.com. See also the Impressum.

What we collect and why

  • Assessment answers. Seven 1-7 ratings plus computed scores. Stored against an anonymous session ID. Legal basis: Art. 6(1)(b) GDPR (performance of the service you requested).
  • Email address (optional). Used to deliver the PDF report. Optional marketing consent triggers the follow-up sequence. Legal bases: Art. 6(1)(b) for the report, Art. 6(1)(a) for the marketing emails (which you can revoke at any time).
  • Team session metadata. Team name, lead name + email, member names + emails, completion status. Used to coordinate the team round and email the lead. Legal basis: Art. 6(1)(b).
  • Funnel + interaction events. Anonymous events such as “page viewed”, “assessment started”, “results unlocked”. Legal basis: Art. 6(1)(f), legitimate interest in operating and improving the service. No cross-site tracking.
  • IP address (transient). Used only for rate-limiting and abuse prevention. Not stored with assessment answers. Legal basis: Art. 6(1)(f).
  • Server traffic log. To detect bots and link-preview crawlers, prevent abuse, and measure genuine human reach, our edge servers record for each request: the page path, the referring site (without query parameters), a coarse browser/device label, the country/city derived from the connection, and a daily-rotating, irreversibly hashed token derived from the IP address — the raw IP is never stored. This is processed server-side only; nothing is read from or written to your device, so no cookie consent applies (§ 25 TDDDG is not triggered). Legal basis: Art. 6(1)(f), legitimate interest in network and information security and audience measurement (Recital 49). Retention: 90 days. No cross-site profiling.

Sub-processors

We use the following processors. Where data leaves the EU/EEA, transfers rely on the EU Standard Contractual Clauses (SCCs) and processors with active Data Processing Agreements under Art. 28 GDPR.

Service | Purpose | Region
Vercel Inc. | Hosting, edge network | EU + global edge
Supabase Inc. | Database (assessments, teams, events) | EU (eu-west-1, Ireland)
Brevo (Sendinblue SAS) | Transactional + marketing email | EU (France)
Umami Cloud | Cookieless analytics (always on) | EU
Microsoft Clarity | Heatmaps, session replay (opt-in only) | USA (SCCs)
LinkedIn Insight | Conversion attribution (opt-in only) | USA (SCCs)
Telegram | Internal operator alerts. No user PII is routed beyond email-address strings to the operator's private chat. | UAE / global

Cookies & tracking

Strictly necessary cookies and Umami's cookieless analytics run by default. Microsoft Clarity and LinkedIn Insight only load after you click “Accept” on the cookie banner. You can change your choice anytime by clearing the ss_cookie_consent entry in your browser's site data.

Retention

  • Assessment answers: kept indefinitely in anonymized form for benchmark calibration.
  • Email + report request: 24 months from last interaction, then anonymized.
  • Funnel events: 24 months.
  • Email log: 24 months.
  • Team session data: 24 months from completion.

Your rights (GDPR)

You have the right to access, rectify, erase, restrict processing, object, and request portability of your personal data. Email ivan@ikaracic.com with your request; we respond within 30 days. To unsubscribe from marketing email, use the link in any nurture email or visit /unsubscribe.

Complaints

You may lodge a complaint with the German data protection authority responsible for the operator's residence: Landesbeauftragte für Datenschutz NRW (LDI NRW).

Updates

We may update this notice. Material changes will be highlighted on this page. The current version date is shown at the top.