What Reporting Privacy means #
Reporting Privacy is a configuration that protects Players’ individual reports and limits what the Tenant Admin can see.
When this protection is activated by the Provider for a specific tenant, the Tenant Admin cannot view the personal reports of individual Players.
The Player, however, continues to see their own individual reports in their personal area.
In summary:
- the Player can see their own reports;
- the Tenant Admin cannot open individual Player reports;
- the Tenant Admin can only see aggregated data;
- aggregated data only becomes visible when a minimum number of Players has been reached on a specific simulation.
This logic allows reports to be used for training and organizational purposes, preventing the performance of the individual participant from being exposed to the tenant administration.
Who activates reporting privacy #
Reporting privacy is configured by the Provider for the tenant.
The Provider can decide if the Tenant Admin can see:
- individual Player reports;
- only aggregated reports;
- aggregated reports visible only above a minimum threshold of participants.
When privacy protection is active, the Tenant Admin is informed via a message in the Reports section.
Example:
Privacy protection active
Tenant privacy protection is active: individual player reports are not available for Tenant Admins. You can only consult aggregate data.
Why individual reports are hidden #
Individual reports can contain very specific information about the Player’s conversational performance.
For this reason, in some corporate or training contexts, it may be preferable for the administration not to access the details of the individual participant.
Reporting privacy serves to prevent the report from being perceived as an individual monitoring tool.
The goal is to maintain the report as a personal learning tool for the Player and use aggregated data to understand the general progress of the group.
Aggregated data: when it becomes visible #
When privacy is active, the Tenant Admin can see aggregated data only after a minimum number of Players has completed attempts on a specific simulation.
This threshold is defined in the tenant configuration or by the Provider.
For example, if the minimum threshold is 3 Players, the aggregated data for a simulation becomes visible only when at least 3 distinct Players have completed valid attempts on that simulation.
This means that:
- 1 Player with many attempts is not enough;
- 2 Players with several attempts are not enough;
- at least 3 distinct Players are needed, if the configured threshold is 3;
- the threshold applies to the specific simulation or runtime selected.
Practical example #
Case 1 – Threshold not reached #
Configured privacy threshold: 3 distinct Players
On the Strategic Deal Risk Acceptance Simulation, attempts were made by:
- Player 1;
- Player 2.
Even if the two Players have made many attempts, the threshold is not reached.
The Tenant Admin does not yet see the aggregated data for the simulation.
The platform may show a message such as:
Aggregated data not yet available
Data will be visible when a sufficient number of Players has completed attempts on this simulation.
Case 2 – Threshold reached #
Configured privacy threshold: 3 distinct Players
On the same simulation, attempts were made by:
- Player 1;
- Player 2;
- Player 3.
The threshold is reached.
The Tenant Admin can see the aggregated report of the simulation, for example:
- average runtime index;
- average readiness;
- average conversational signals;
- average coverage of Communication Skills;
- phases reached;
- recurring opportunities;
- any interruptions for Player protection in aggregated form.
The Tenant Admin still does not see the individual reports of the single Players.
Why a minimum threshold is needed #
The minimum threshold serves to reduce the risk of indirectly identifying a Player.
If aggregated data were shown even with one or two participants, it would be easy to guess who the results belong to.
For this reason, the platform shows aggregated data only when the group is large enough to protect the identity of individual participants.
This logic is particularly important when consulting:
- reports for a specific simulation;
- filters by period;
- runtimes with few Players;
- simulations assigned to very small groups;
- data on protection interruptions;
- very recognizable performance trends.
The threshold also applies to filters #
The privacy threshold does not only concern the simulation in general.
It can also be applied when the Tenant Admin uses filters that narrow the sample.
For example, if a simulation has enough Players in total, but the Tenant Admin sets a very narrow date range and only 2 Players appear in that period, the aggregated data may be hidden.
This prevents an overly specific filter from making an individual participant identifiable.
Examples of filters that can reduce the sample:
- start and end date;
- specific runtime;
- simulation status;
- restricted group of Players;
- delivery period;
- available valid attempts.
When the filter reduces the number of Players below the threshold, the platform may show an insufficient data message.
What the Tenant Admin can see when the threshold is reached #
When the minimum threshold is reached, the Tenant Admin can consult aggregated data.
This data describes the overall progress of the simulation, not the behavior of the individual Player.
They may include:
- total number of attempts;
- number of Players included in the aggregation;
- average runtime index;
- average readiness;
- average conversational signals;
- average coverage of Communication Skills;
- average phases reached;
- recurring opportunities;
- average trend over time;
- interruptions for Player protection in aggregated form.
This data helps to understand if a simulation is working well, if it is too difficult, if some skills are not emerging enough, or if it is necessary to strengthen the training path.
What the Tenant Admin does not see #
When privacy is active, the Tenant Admin does not see:
- individual Player reports;
- personal performance details;
- individual transcripts;
- scores associated with a single Player;
- key moments attributable to a single Player;
- individual PDF reports;
- personal conversational content.
The view remains aggregated and oriented towards group analysis.
What the Player sees #
The Player continues to see their own individual reports.
In their personal area, they can consult:
- global conversational profile;
- reports of individual sessions;
- session outcome;
- what worked;
- development areas;
- recommended next steps;
- detected communication skills;
- conversational signals;
- conversation map;
- key moments.
Privacy protects the Player towards the administration, but does not prevent the Player from using their own data to learn and improve.
Difference between individual report and aggregated report #
Individual report #
The individual report concerns a single Player and a specific session.
It serves the Player to understand what happened in their conversation and how to improve.
When privacy is active, this report remains visible only to the Player.
Aggregated report #
The aggregated report concerns a set of Players on a specific simulation or runtime.
It serves the Tenant Admin to understand the general progress of the group.
It becomes visible only if the minimum threshold of Players provided by the privacy configuration is reached.
Privacy and interruptions for Player protection #
Even interruptions for Player protection must be read in an aggregated way when privacy is active.
The Tenant Admin can see, above the threshold, information such as:
- how many interruptions occurred;
- what is the interruption rate on the runtime;
- if a simulation is generating many interruptions;
- if it might be necessary to review the scenario, difficulty, or Avatar Persona.
They must not, however, see individual details that allow identifying which Player had an interruption.
This allows for improving safety and training design without exposing individual participants.
Why this privacy is useful for the organization #
Reporting privacy helps create a safer learning environment.
The Player can train knowing that their individual report will not be used as direct monitoring by the administration.
The Tenant Admin can still obtain useful information to improve the training path, but only in aggregated form.
This balance allows for:
- protecting Player trust;
- reducing the risk of misuse of individual reports;
- maintaining analytical value for the organization;
- identifying training trends;
- improving simulations, coaching, and paths;
- complying with stricter privacy configurations.
How to read an insufficient data message #
If the Tenant Admin sees an insufficient data message, it means the platform does not yet have enough data to show a secure aggregate.
It is not a technical error.
It means that:
- there are not yet enough distinct Players;
- or the selected filters reduce the group below the threshold;
- or there are not enough valid attempts for that simulation;
- or the available data cannot be shown without risking making individual Players identifiable.
To view aggregated data, it is necessary to wait for other Players to complete valid attempts or to expand the selected period or filters.
Best practices for Tenant Admins #
When privacy is active, the Tenant Admin should:
- mainly use the By runtime view;
- interpret the data as group trends, not as individual judgments;
- avoid overly narrow filters if the sample is small;
- wait for the minimum threshold to be reached before drawing conclusions;
- use aggregated data to improve simulations and training paths;
- not try to indirectly identify individual Players;
- explain to Players that individual reports remain private, if this policy is active.
Final result #
Reporting privacy allows for protecting individual Player reports and, at the same time, providing the Tenant Admin with useful data to analyze the overall progress of simulations.
When active:
- the Player sees their own reports;
- the Tenant Admin does not see individual reports;
- the Tenant Admin only sees aggregated data;
- aggregated data appears only after reaching a minimum threshold of distinct Players for a specific simulation;
- filters respect the same threshold logic;
- the organization can improve the training path without compromising participant privacy.
The goal is to maintain a balance between individual learning, protection of the person, and organizational analysis.
