Effective Date: December 5, 2025

At Kelly Meerbott Coaching ("we," "our," or "us"), your privacy, data protection, and security aren't just compliance checkboxes—they're foundational to how we serve you. This policy combines our Privacy Policy, Security Policy, and Data Processing Addendum (DPA) into one comprehensive, transparent document.

1. Privacy Policy

1.1 What We Collect

Personal Information: name, email, phone, billing address, business name, payment details (via Stripe)

Technical Data: IP address, device/browser type, usage patterns, session data

Content You Provide: coaching intake forms, session notes, assessment results, uploaded files, email correspondence

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

1.2 Why We Collect It

Provide, personalize, and deliver coaching services

Handle scheduling, billing, and client support

Send program updates and maintain client communication

Improve services and deliver relevant resources

Maintain confidentiality and ethical coaching standards

1.3 Third-Party Providers

Stripe (payment processing)

Google Analytics (website performance)

Meta Pixel (advertising analytics)

Go High Level (CRM and scheduling tools)

Zoom or similar platforms (virtual coaching sessions)

1.4 Data Retention

We keep your data as long as needed for legal, operational, or coaching continuity purposes. You can request deletion at any time, subject to legal record-keeping requirements.

1.5 Your Rights

You may request access, correction, deletion, portability, or processing restriction of your data. Email: [email protected]

2. Security Policy

2.1 Infrastructure

Hosted on secure cloud platforms with firewall protection

Encrypted backups and secure data storage

Physical and digital security measures in place

2.2 Encryption

TLS 1.2+ for data in transit

AES-256 for stored data

2.3 Authentication

Password-protected client portals

Two-factor authentication available for client accounts

Confidential coaching notes secured and access-restricted

2.4 Secure Practices

Regular security reviews and updates

Separation of client data with role-based access

Coaching sessions conducted via secure, encrypted platforms

2.5 Breach Protocol

We notify clients promptly of any confirmed data breach affecting your information and take immediate action to protect your data.

3. Data Processing Addendum (DPA)

3.1 Roles

You = Data Subject.

We = Data Controller and Processor.

3.2 Sub-Processors

Same third-party tools listed above, all under contract with data security obligations.

3.3 Data Subject Rights

We'll help you fulfill data requests where legally required.

3.4 International Transfers

We use Standard Contractual Clauses (SCCs) and valid mechanisms for data outside EU/UK as applicable.

3.5 Retention & Deletion

You may request return or deletion of personal data in accordance with legal and professional requirements.

3.6 Confidentiality

All coaching conversations and materials are treated as confidential in accordance with International Coaching Federation (ICF) standards, except where disclosure is required by law or to prevent harm.

3.7 Legal Jurisdiction

This policy is governed by the laws of Pennsylvania, unless otherwise required.

Contact Us

Kelly Meerbott Coaching
[email protected]