Privacy Policy

Privacy Policy

1. Who This Policy Applies To

This privacy policy explains how Lucy (the “Business”) collects, uses, and handles personal data in the course of providing coaching and advisory services.

2. The Role of Lucy in Relation to Data

Lucy operates in two capacities depending on the context:

• As a Data Controller

Lucy acts as a data controller when handling personal data relating to her own business activities. This includes client communications, contracts, invoicing, and general business administration.

• As a Data Processor (Limited Scope)

In the course of providing coaching and advisory services, Lucy may access or review personal data held within a client’s systems (such as CRM data, call recordings, email threads, or sales materials).

In these cases:

Lucy does not control or manage these systems

Lucy does not independently use or repurpose this data

Access is limited strictly to what is necessary to deliver the agreed services

The client remains the data controller for all such data at all times.

3. What Data May Be Accessed or Collected

Depending on the nature of the work, Lucy may:

• Access (but not control) client-held data such as:

CRM records and pipeline data

Call recordings

Email conversations

Sales materials and proposals

Performance or sales data

• Collect and store limited personal data directly, including:

Client names and contact details

Business information

Notes taken during coaching sessions

Lucy does not intentionally collect sensitive personal data.

4. How Data Is Used

Personal data is used only where necessary to:

Deliver coaching and advisory services

Communicate with clients

Manage business operations (e.g. scheduling, invoicing)

Lucy does not sell, share, or use personal data for unrelated purposes.

5. Responsibility of Clients

Clients are responsible for ensuring that:

They have a lawful basis to collect and use any personal data within their systems

They have appropriate permissions or consent to share or display that data during coaching sessions

Lucy relies on clients to ensure compliance with applicable data protection laws in this respect.

6. Data Storage and Retention

Lucy aims to minimise data retention.

Personal data held for business purposes (e.g. contact details, notes) is retained only as long as necessary to deliver services and meet legal or administrative obligations

Any exposure to client data is temporary and limited to the duration of the engagement

Reasonable steps are taken to keep all data secure and confidential.

7. Third-Party Tools and Platforms

Lucy and her team may use third-party platforms to deliver services and support client work. These may include:

GoHighLevel (LeadConnector) for CRM, outreach, and marketing systems

Mailgun for email delivery

Twilio for messaging and call functionality

Social media platforms (e.g. LinkedIn, Meta platforms)

Video conferencing tools (e.g. Google Meet, Zoom, Microsoft Teams)

These providers may process data outside the UK, including in the United States, under appropriate safeguards such as Standard Contractual Clauses.

More information on GoHighLevel’s subprocessors can be found at: gohighlevel.com/sub-processors

8. Data Security

Lucy takes reasonable technical and organisational measures to protect personal data, including limiting access, using secure platforms, and maintaining confidentiality in all client work.

9. Your Rights

Where Lucy acts as a data controller, individuals may have rights under UK data protection law, including the right to:

Access their personal data

Request correction or deletion

Object to or restrict processing

Requests can be made directly to Lucy.

10. Updates

This policy may be updated from time to time to reflect changes in services or legal requirements.

11. Contact

For any questions about this policy or how data is handled, please contact Lucy directly.
Email: [email protected]

Website: lucywilsher.com

Home

About

Book a Call

Cookies Settings