Privacy Policy

Our commitment to protecting your personal information

Data Protection Commitment

At Achievement Degustatory, we understand that your privacy is fundamental to building the trust necessary for successful coaching relationships. We are committed to protecting your personal information and being transparent about how we collect, use, and safeguard your data.

This privacy policy outlines our practices regarding personal data collection, processing, storage, and your rights as an individual. We adhere to the highest standards of data protection and comply with applicable privacy laws and regulations.

Last Updated: July 18, 2025 | Effective Date: July 20, 2025

Information We Collect

Personal Information You Provide

Information you voluntarily provide when using our services:

  • Contact Details: Name, phone number, and communication preferences
  • Program Information: Service interests, goals, current situation descriptions
  • Session Data: Notes, progress tracking, goal setting information during coaching
  • Assessment Results: Personal development evaluations, skill assessments, progress metrics
  • Communication Records: Messages, feedback, and consultation interactions

Automatically Collected Data

Technical information collected through website usage:

  • Usage Analytics: Page views, session duration, navigation patterns, click behaviors
  • Device Information: Browser type, operating system, screen resolution, device identifiers
  • Location Data: General geographic location (country/region level only)
  • Cookies and Tracking: Website preferences, authentication tokens, analytics data
  • Performance Metrics: Page load times, error reports, feature usage statistics

Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Consent: When you explicitly agree to specific data processing activities
  • Contract Performance: To deliver coaching services and fulfill program obligations
  • Legitimate Interests: To improve services, prevent fraud, and maintain security
  • Legal Compliance: To meet regulatory requirements and legal obligations

Data Retention Periods

We retain personal data for specific periods based on purpose:

  • Active Client Data: During program duration plus 12 months for follow-up support
  • Financial Records: 7 years from final transaction for tax and audit purposes
  • Website Analytics: 26 months for trend analysis and service improvement
  • Marketing Data: Until consent withdrawal or 3 years of inactivity
  • Legal Documentation: As required by applicable laws and regulations

How We Use Your Information

Service Delivery

  • • Provide personalized coaching programs
  • • Track progress and goal achievement
  • • Customize content and recommendations
  • • Schedule and conduct sessions
  • • Issue certificates and credentials

Communication

  • • Send program updates and information
  • • Provide customer support responses
  • • Share relevant resources and tips
  • • Conduct satisfaction surveys
  • • Emergency contact when necessary

Business Operations

  • • Process payments and billing
  • • Maintain accurate client records
  • • Generate usage and performance reports
  • • Comply with legal obligations
  • • Prevent fraud and security threats

Service Improvement

  • • Analyze usage patterns and preferences
  • • Develop new programs and features
  • • Optimize website performance
  • • Conduct research and analytics
  • • Enhance user experience design

Marketing Activities

  • • Send relevant program offers (with consent)
  • • Create anonymized success stories
  • • Develop targeted content and resources
  • • Measure campaign effectiveness
  • • Build community and network connections

Note: Marketing communications are always opt-in and you can unsubscribe at any time.

Third-Party Sharing

We share data only in specific circumstances:

  • • Service providers (hosting, analytics, payment processing)
  • • Legal compliance and law enforcement requests
  • • Business transfers (with equivalent privacy protection)
  • • Emergency situations to protect safety

Data Protection and Security

Technical Security Measures

Encryption Protection

SSL/TLS encryption for all data transmission and AES-256 encryption for stored data

Access Controls

Multi-factor authentication and role-based access permissions for all team members

Network Security

Firewall protection, intrusion detection systems, and regular security monitoring

Regular Backups

Automated daily backups with geographic redundancy and disaster recovery protocols

Security Audits

Quarterly security assessments and annual third-party penetration testing

Staff Training

Regular privacy and security training for all team members handling personal data

Organizational Safeguards

  • Privacy by Design: Data protection considerations integrated into all system development and business processes
  • Data Minimization: Collection and processing limited to information necessary for stated purposes
  • Incident Response: Documented procedures for detecting, reporting, and responding to data breaches within 72 hours
  • Vendor Management: All third-party service providers undergo security assessments and sign data processing agreements
  • Data Mapping: Comprehensive documentation of all personal data flows, storage locations, and processing activities

Breach Notification Procedures

In the unlikely event of a data breach affecting personal information, we will:

  • • Notify relevant authorities within 72 hours when legally required
  • • Inform affected individuals without undue delay if there is high risk to their rights
  • • Provide clear information about the nature of the breach and steps being taken
  • • Offer guidance on protective measures individuals can take
  • • Conduct thorough investigation and implement additional safeguards as needed

Your Privacy Rights

Access Rights

Request access to personal data we hold about you, including:

  • • Complete copy of your personal data
  • • Information about how data is processed
  • • Details about data sharing and transfers
  • • Response provided within 30 days

Rectification Rights

Request correction of inaccurate or incomplete data:

  • • Update contact information and preferences
  • • Correct factual errors in records
  • • Complete missing information fields
  • • Changes implemented immediately

Erasure Rights

Request deletion of personal data when:

  • • Data no longer necessary for original purpose
  • • Consent is withdrawn and no other legal basis
  • • Data processed unlawfully
  • • Subject to legal retention requirements

Portability Rights

Receive personal data in structured, machine-readable format:

  • • Export data to another service provider
  • • Common formats like JSON or CSV
  • • Includes all data provided by you
  • • Available within 30 days of request

Objection Rights

Object to processing based on legitimate interests:

  • • Marketing and promotional communications
  • • Profiling for service recommendations
  • • Analytics and research activities
  • • Must be balanced against legitimate interests

Restriction Rights

Request limitation of processing when:

  • • Accuracy of data is contested
  • • Processing is unlawful but deletion not wanted
  • • Data needed for legal claims
  • • Objection to processing is pending review

How to Exercise Your Rights

Submit Request

Use our contact form to submit your privacy rights request with specific details

Identity Verification

We may need to verify your identity to protect against unauthorized access

Response Timeline

Receive response within 30 days, with extension notice if additional time needed

Policy Updates and Contact Information

Privacy Policy Updates

We may update this privacy policy periodically to reflect changes in our practices, services, or legal requirements. Material changes will be communicated through prominent website notices and direct notification to active clients at least 30 days before implementation.

Version History: Previous versions of this policy are archived and available upon request. Current version effective July 20, 2025.

Privacy Questions and Concerns

For questions about this privacy policy, to exercise your privacy rights, or to report privacy concerns, please contact us using the form on our website. We are committed to addressing all privacy inquiries promptly and thoroughly.

Regulatory Compliance

Our privacy practices comply with applicable New Zealand privacy laws and international standards. If you believe your privacy rights have been violated, you have the right to file a complaint with relevant regulatory authorities.

Contact Privacy Team Cookie Policy Terms of Service