1. Introduction

I am committed to protecting your personal data and ensuring its security. This Privacy Policy explains how I collect, use, share, and protect personal information obtained through my website and services. I comply with applicable data protection laws, including the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR), where applicable.

Using "I" throughout the Privacy Policy ensures clarity and aligns with your status as a self-employed individual. Adjust all sections accordingly to reflect this personal tone.

2. Information We Collect

I collect the following types of personal information:

  • Contact Information: Name, email address, phone number, company name (if provided), category of contact demand, and description of the contact reason.

  • Usage Data: Information about how you interact with our website (e.g., IP address, browser type, pages visited).

  • Communication Data: Information shared during email exchanges or Zoom calls.

  • Client Notes: Information shared during coaching sessions or consultations, which may include personal goals, challenges, or other details relevant to the coaching process.

3. How I Collect Information

I collect information in the following ways:

  • Directly from you when you fill out forms on our website or contact us via email.

  • During coaching sessions or consultations (e.g., notes taken by the coach).

  • Automatically through cookies or analytics tools when you browse our website.

4. Purpose of Data Collection

I collect personal data for the following purposes:

  • To provide coaching services tailored to your needs.

  • To maintain accurate records of coaching sessions (e.g., client notes) for continuity and quality of service.

  • To improve our website functionality and user experience.

  • To schedule and conduct virtual meetings via Zoom.

  • To comply with legal obligations or resolve disputes.

5. Third-Party Services

I use third-party services to operate our business effectively:

  • Microsoft: For email communication (secure storage and encryption measures apply).

  • Squarespace: For website creation and hosting (GDPR-compliant secure servers).

  • GoDaddy: For domain hosting (subject to FTC-mandated security measures).

  • Zoom: For virtual calls (GDPR-compliant data processing safeguards).

These providers may process your data according to their own privacy policies. We recommend reviewing them for further details.

6.Client notes

As part of providing coaching services, I may take notes during sessions to track progress and tailor our services to your needs. These notes may include:

  • Personal goals and challenges.

  • Observations made during sessions.

  • Action plans or strategies discussed.

  • Follow-ups

How Client Notes Are Stored:

  • Notes are stored securely in Proton Cloud.

Retention Period:

  • Client notes are retained for 1 year after the end of the coaching relationship, unless otherwise required by law or requested by client in written form.

Confidentiality:

  • Client notes are confidential and will not be shared with third parties without explicit consent unless required by law.

7. Cookies

My website uses cookies to enhance user experience and analyze traffic. Cookies may collect information such as IP addresses and browsing behavior. You can manage cookie preferences through your browser settings.

8. Data Security Measures

I am committed to protecting your personal data and ensuring its security through industry-standard measures. The steps I take include:

  • Encryption: All sensitive data is encrypted both at rest and in transit using secure protocols to prevent unauthorized access.

  • Secure Cloud Storage: Proton Cloud, a privacy-focused and encrypted cloud storage solution, to store client notes and other essential data are used. Proton Cloud ensures end-to-end encryption for maximum security.

  • Access Control: Access to personal data is restricted to authorized personnel only, using role-based permissions and multi-factor authentication (MFA).

  • Firewall Protection: Our systems are safeguarded by firewalls that monitor and control incoming and outgoing traffic based on security rules.

  • Secure Hosting: Our website is hosted on GoDaddy's servers, which implement advanced security measures to protect against cyber threats.

  • Secure Communication Tools: Email communication is conducted via Microsoft 365, which offers encryption and secure storage. Virtual meetings are held using Zoom, which complies with GDPR and uses encryption for calls.

  • Regular Audits: I conduct periodic reviews of our data protection practices to identify potential vulnerabilities and ensure compliance with applicable regulations.

Monitoring for Breaches

I actively monitor our systems for potential security breaches. In the event of a breach, I will notify affected individuals promptly and take necessary steps to mitigate the impact.

8. Your Rights

Under applicable data protection laws, you have the following rights:

  • Access to your personal data.

  • Correction of inaccurate or incomplete data.

  • Deletion of your data ("right to be forgotten").

  • Restriction of processing or objection to processing.

  • Data portability.

To exercise these rights, please contact me at : contact@edwinpitono.com

9. International Data Transfers

If you are located outside Switzerland, your personal data may be transferred internationally via third-party services such as Zoom or GoDaddy. These transfers comply with GDPR adequacy decisions or other safeguards.

10. Updates to This Privacy Policy

I may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised "Last Updated" date.

11. Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact me at:


Edwin Pitono Personal Coaching

Ottostrasse

8005, Zürich

Switzerland
Email: contact@edwinpitono.com

Last Updated

This Privacy Policy was last updated on 23.04.2025.