Privacy Policy: Govani Coaching Ltd

Govani Coaching Ltd (“we”, “us”, “our”) is a global executive coaching and leadership development agency. We are committed to protecting the privacy, confidentiality, and security of all personal data we process.

This Privacy Notice explains how we collect, use, store, and protect personal data across our two core service streams:

Corporate Clients & Participants (B2B / B2B2C): Global corporate entities that contract our services, and the employees/executives who participate in our executive coaching, leadership development programmes, or workshops.

Direct Individual Clients (B2C): Individuals who directly engage and pay for our coaching or mindfulness training services.

1. Our Role in Data Protection (Regulatory Standing)

1. Our Role in Data Protection (Regulatory Standing)

Depending on how you interact with us, our legal designation under data protection laws (including the UK GDPR, EU GDPR, and applicable global frameworks) varies:

Independent Data Controller: To maintain strict professional, ethical, and confidentiality standards required by global coaching bodies (e.g., ICF, EMCC), Govani Coaching acts as an independent Data Controller regarding the specific, sensitive contents of individual executive coaching conversations and coaching session notes.

For Direct Individual Clients: We act as the Data Controller for all personal data collected.

For Corporate Clients & Participants:  For administrative data, attendance tracking, scheduling, and workshop feedback managed on behalf of your employer, the Corporate Client acts as the Data Controller, and Govani Coaching acts as the Data Processor.

2. Categories of Personal Data We Collect

A. Direct Individual Clients

  • Identity & Contact Data: Name, email address, telephone number, billing/postal address.
  • Financial Data: Payment details and transaction history.
  • Special Category / Sensitive Data: Details regarding emotional wellness, mental, or physical health, as voluntarily disclosed by you to ensure the safety and customization of mindfulness or coaching programmes.
  • Session Records: Notes taken during or after coaching/mindfulness sessions, which are heavily pseudonymised using a unique alphanumeric ID code.

B. Corporate Participants (Employees of Corporate Clients)

  • Business Contact Data: Name, professional email address, corporate phone number, job title, department, and employer name.
  • Engagement & Performance Data: Attendance records for workshops, coaching session schedules, and aggregated feedback/evaluation metrics.
  • Executive Coaching Notes: Confidential reflections and notes captured during 1-on-1 executive coaching sessions. These are strictly pseudonymised.

3. Lawful Bases for Processing

We process data under the following recognized legal frameworks:

Legal Obligation: To comply with statutory financial, tax, or regulatory requirements.

Performance of a Contract: To deliver services requested directly by an individual, or to fulfill our contractual obligations under a Master Services Agreement (MSA) with a Corporate Client.

Legitimate Interests: To effectively manage, deliver, and optimize our global business operations, maintain high-quality professional records, and ensure corporate account management.

Consent: For voluntary feedback surveys or when you explicitly opt-in to receive our insights or newsletters.

4. Strict Confidentiality & Corporate Separation of Data

For our Corporate Clients and Participants, we enforce a strict wall of confidentiality:

  • Workshop & Group Training Data: Aggregated, anonymized feedback and attendance metrics may be shared with the Corporate Client’s HR or procurement stakeholders as contractually agreed.
  • Executive Coaching Content: Individual 1-on-1 coaching session notes and specific session contents are strictly confidential. They are never shared with the Corporate Client (the employer) unless explicit consent is granted by the participant, or in highly exceptional circumstances involving a risk to another, a risk by another or a risk to the client.

To ensure professional quality assurance, highly anonymised, non-identifiable themes may be discussed with certified professional coaching supervisors.

5. Global Data Transfers & Cross-Border Mechanisms

As a global agency, personal data may be transferred to, stored, or processed in jurisdictions outside of your home country (including the UK, European Economic Area (EEA), United States, and other global regions).

Where data crosses international boundaries, we ensure adequate protection mechanisms are in place:

  • Adequacy Decisions: Transferring data to countries recognized by the UK Government or European Commission as providing adequate data protection.
  • Standard Contractual Clauses (SCCs) / International Data Transfer Agreements (IDTAs): Where adequacy decisions do not exist, we execute standard contractual clauses with our corporate clients and sub-processors to legally bind the security of the data.
  • Data Privacy Frameworks: Ensuring US-based vendors and sub-processors (e.g., cloud storage, enterprise schedulers) are certified under appropriate international privacy frameworks.

6. Data Security

6. Data Security and Technical Measures (InfoSec)

We implement measures to prevent unauthorized access, alteration, disclosure, or destruction of data:

  • Access Control: Access to participant data is strictly limited to authorized personnel who require it to deliver the services.
  • Pseudonymisation: Individual coaching and mindfulness session notes are separated from direct identifiers (names, emails) and tied only to unique, random ID codes.

7. Data Retention

We do not retain personal data longer than necessary for the purposes for which it was collected:

  • Sensitive & Session Data: Pseudonymised coaching notes, mindfulness session logs, and health-related details are securely and permanently destroyed within 12 months of the conclusion of the specific coaching or training programme.
  • Corporate & Financial Records: Master Services Agreements, invoices, and business transaction records are retained for a minimum of 6 years to comply with statutory corporate tax and financial accounting regulations.
  • Marketing Data: Retained until consent is withdrawn or an unsubscribe request is received.

8. Your Global Rights

Depending on your geographic location (including the UK, EEA, and specific US states such as California), you hold distinct statutory rights regarding your personal data. These include the right to:

  • Access & Portability: Request a comprehensive copy of the data we hold on you.
  • Rectification: Demand the correction of inaccurate or incomplete information.
  • Erasure (“Right to be Forgotten”): Request permanent deletion of data where legal retention periods have expired.
  • Restriction & Objection: Restrict or object to specific processing streams based on legitimate interests or direct marketing.
  • Lodge a Complaint: File a formal grievance with a competent supervisory authority, such as the UK Information Commissioner’s Office (ICO) or your local Data Protection Authority.

To exercise any of these rights, please contact our Data Protection Lead using the details below.

9. Contact Us

For all privacy inquiries, data subject access requests, or questions regarding our global data processing practices, please contact:

Farah Govani, Govani Coaching Ltd, 64 Station Road, Upminster, Essex, RM14 2TD, United Kingdom

Email: farah@govanicoaching.com

Scroll to Top