This document was last updated on 31 March, 2020.
Who We Are
Coachist Inc (“The Company”)
Cyprus Company Registration HE403157
48 Acropoleos Ave, Nicosia, 2012, Cyprus
Data Protection Officer (DPO): firstname.lastname@example.org Attn: Andy Vulcanescu
For any concerns related to privacy or otherwise, please feel free to contact us to effectively resolve or clarify any issues whatsoever. Responses are issued within two business days.
Anyone with a concern has the right to lodge a complaint with the Cyprus Privacy Regulator, the Commissioner for Personal Data Protection:
Personal Data belonging to Data Subjects must be protected according to the requirements outlined in the European General Data Protection Regulation 2016/679 (“GDPR”).
Any Natural Person whose identifiable data our Company has or processes, is considered a Data Subject.
- Right to be Informed
- Right to Restrict Processing
- Right of Access
- Right to Data Portability
- Right to Rectification
- Right to Object
- Right to Erasure
- Right to Withdraw Consent
- Right to Manual Processing
This Privacy Notice is binding by Contract (what is agreed to) and by Consent (if you consented to processing identifiable website analytics).
The nature of the Personal Data we process is out of the direct necessity to complete the contracts.
Significance of the Data Collected
The Company is contractually required to collect certain data such as billing and contact information, for the purpose of carrying out the the contracted service.
We respect that the rights to collect and process Personal Data is subject to limitations set forth in the GDPR.
No solely automated profiling shall take place having significant effects on anyone.
Reasons and Legal Basis for Processing Personal Data
Personal Data is any information collected that can be used to identify you, Art. 4 (1) GDPR.
Data Subjects (you) have right to obtain information that is processed about them, to request the processing of their Personal Data stop, to change or have their data erased, to withdraw any consent given at any time, and to not be subject to fully automated data processing.
We collect and process (use/ deal with) certain Personal Data for billing, communication, and to ensure compliance with local and international legal obligations, regulations or restrictions.
The Legal Basis for the Company processing data is contractual or consensual. We need certain data in order to carry out the services. We may also rely on consent for such things as the cookie notice on our website.
Types of Data Concerned and How it is Collected
Categories of data include name, address, email, payment details, communications, and any other information that is consented or agreed to be provided willingly.
The data collected comes directly from the Data Subject, except for the website analytics if consent is given, which is solely used to help the Company improve our service offering and never sold or otherwise distributed or shared.
The Personal Data is collected digitally, stored securely, and secured with server-level encryption or stored safely in on the cloud, or as the data is otherwise agreed to be processed together with the Data Subject.
How the Data is Processed
The Data we work with is used if and only as necessary to fulfill contractual obligations, ie. to provide the service. It is possible to have agreed with the Data Subject to collect or retain any data differently, on an explicit per-situation basis. Website analytics are used in order to help the Company improve the services we provide and never for advertising or third-party purposes whatsoever.
Coachist will never sell or share any personal information. We may communicate with customers via email or other methods to ensure a quality experience and proper functioning of the services. We take any questions and concerns related to the privacy, security, and safety of all clients and parties involved, seriously and are committed to addressing and resolving any matters without unreasonable delay.
The Company is considered a Data Controller and is liable for meeting all areas of privacy regulation as per the GDPR. All companies and persons we work with to be able to offer the service, which are listed in the next section, comply with the GDPR and therefore are likewise committed to protecting Personal Data privacy.
Who the Data is Shared With
The Company shares the Personal Data obtained, only as necessary as to enable Members (Mentors, Coaches, and Staff) to communicate and carry out the services with Clients.
Members must agree legally to be Data Controllers over any information they process in relation with any Clients. This meand that members are therefore held individually responsible for upholding the quality, professionalism, and meeting the law in regards to privacy, data security, and safeguarding client confidentiality. The Coachist Money-Back guarantee, as well as reviews and feedback, are tools to help uphold the highest quality of services offered.
Companies that Coachist works with for operating our business include:
NameCheap for hosting our website;
WordPress for running our website, including the following plugins:
Google Analytics is used for website analytics;
Google Apps for Business is used for email communications;
Complianz B.V. for GDPR compliance and cookie consent;
PayPal for invoices and payment processing;
Our Commitment to Safety
Coachist Inc is fully committed to maintaining the greatest security practices and to comply fully with the GDPR privacy provisions.
Protection of the data we process includes:
- TLS / SSL;
- DKIM, SPF and DMARC;
- Physical security measures of systems which contain personal data;
- Security software.
As Data Controllers under the law, Coachist takes full responsibility for guaranteeing safety over our part in all of the data that we process.
All members and companies we deal with are screened to ensure their compliance with the GDPR and to ensure that they meet the highest safety standard of security and trust in relation to clients’ personal data.
Coachist does not monitor the sessions held between members and clients. Only coaches and mentors are liable to protect and safeguard any data that they process and obtain from clients. All coaches and mentors must adhere to the EU GDPR regulations in regards to safeguarding client information.