Privacy Notice
This notice explains what information we collect when you interact with Crisis Point Consulting LLC ("Crisis Point," "we," "us"), how we use it, and the choices you have. We've written it in plain language because you shouldn't need a lawyer to understand how a small consulting firm handles your information.
Who we are
Crisis Point Consulting LLC is a crisis management and business continuity consultancy founded by Maria Stone, registered as a limited liability company in the State of Illinois. We help organizations build, test, and mature their crisis and resilience programs. You can reach us anytime at Maria.Stone@crisis-point.com.
What we collect
Our website includes a free Crisis Management Maturity Self-Assessment. When you complete it, we receive:
- The email address you provide (required)
- The industry you select from a list (required, with a short text field if you choose "Other"). We require industry so we can build accurate benchmarks across sectors and publish aggregate research on how the crisis and resilience field is maturing over time.
- Your name, role, and organization (all optional)
- The scores you assign to each capability area, your overall maturity score, and the timestamp of your submission
- Any answers you choose to share in our optional "questions for the field" section at the end of the assessment
We do not use the assessment to target advertising. We do not track you across other websites.
When you email us, or fill out a separate contact form, we receive whatever you choose to send.
How we use your information
We use your information for three purposes:
- To follow up with you. We may email you with a copy of your result, a short interpretation, or an invitation to discuss it in a 30-minute debrief. You can opt out at any time.
- To improve the assessment and publish research on the field. Looking at aggregated results across many respondents (including by industry) helps us refine the tool and build sector benchmarks. When we publish aggregate findings (for example, "the average maturity score in healthcare is X" or "the most common executive engagement gap reported in financial services is Y"), we never identify individual respondents or their organizations.
- To run the business. That includes keeping basic records of conversations and engagements.
We do not sell, rent, or trade your information.
Who we share it with
Submissions from the self-assessment are received and stored by Formspree, our form-handling provider, which processes the data on our behalf under its own privacy and security commitments. We share information with other service providers (such as our email or scheduling tools) only as needed to run the business, and only under agreements that require them to protect your information.
We may disclose information when legally required, and we will tell you when we are permitted to do so.
How long we keep it
We retain self-assessment submissions for up to 12 months unless you have become a client or asked us to retain your information longer for an active engagement. After that, the submission is deleted from our active records.
Your rights
Depending on where you live, you may have rights to:
- Know what information we have about you
- Correct it if it is inaccurate
- Ask us to delete it
- Object to how we use it
- Receive a copy of it in a portable format
To exercise any of these rights, email Maria.Stone@crisis-point.com with "Privacy Request" in the subject line. We will respond within 30 days. There is no fee for reasonable requests.
If you are in the European Economic Area or the United Kingdom, you also have the right to file a complaint with your national data protection authority. If you are in a US state with its own privacy laws that differ from US privacy laws we will honor them.
Children's information
The assessment is designed for working professionals. We do not knowingly collect information from anyone under the age of 18. If you believe a child has provided us with information, contact us and we will delete it.
International transfers
Our service providers are based in the United States. If you submit information from outside the United States, it will be transferred to and processed in the United States. We rely on standard contractual safeguards where required by law.
Cookies and analytics
This website is hosted on Squarespace, which uses cookies for basic functionality and analytics. You can manage cookies through your browser settings.
Security
We protect your information with reasonable administrative, technical, and physical safeguards, including encrypted transmission, access controls on our accounts, and discipline around who can see your data. No system is perfectly secure, but we treat the data we hold with the same care we'd advise any of our clients to apply to theirs.
Changes to this notice
If we make material changes, we will update the "effective" date at the top of this page and, where appropriate, notify subscribers by email. The current version is always available at this URL.
Contact
For anything related to your privacy or this notice: