Introduction
Heavener Kahana ("I," "me," or "my") respects your privacy and is committed to protecting your personal data. This privacy policy explains how I collect, use, store, and protect your information when you visit my website or engage with my wellness coaching services.
I operate in accordance with the General Data Protection Regulation (GDPR) and applicable Dutch data protection laws. This policy applies to all visitors, prospective clients, and current clients who interact with my services.
Data Controller: Heavener Kahana
Location: Jachthavenweg 109 H, 1081 KM Amsterdam, Netherlands
Contact: info@heavenerkahana.nl
Information I Collect
Personal Information
When you contact me through the website form or engage with my services, I may collect:
- Your full name and contact details (email address, phone number)
- Information about your wellness goals and current lifestyle
- Health and fitness background relevant to coaching services
- Communication preferences and session scheduling information
- Payment information for program purchases (processed securely through third-party providers)
Automatically Collected Information
When you browse my website, certain technical data is collected automatically:
- IP address and browser type
- Device information and operating system
- Pages visited and time spent on the site
- Referring website or search terms
- Cookies and similar tracking technologies (see Cookie Policy below)
How I Use Your Information
Your personal data is used exclusively for the following legitimate purposes:
- Service Provision: To respond to your inquiries, schedule consultations, and deliver coaching services
- Communication: To send relevant information about programs, schedule changes, or wellness resources
- Personalization: To tailor coaching recommendations based on your specific goals and circumstances
- Legal Compliance: To maintain records as required by applicable laws and professional standards
- Website Improvement: To analyze usage patterns and enhance user experience (using anonymized data)
Important: I do not sell, rent, or trade your personal information to third parties. Your data is used solely for the purposes outlined above and with your explicit consent where required.
Legal Basis for Processing
Under GDPR, I process your personal data based on the following legal grounds:
- Consent: When you voluntarily provide information through contact forms or subscribe to communications
- Contractual Necessity: When processing is required to fulfill coaching service agreements
- Legitimate Interests: For website analytics, security measures, and business operations that do not override your privacy rights
- Legal Obligation: When required to comply with applicable laws or regulatory requirements
Data Retention
I retain your personal information only for as long as necessary to fulfill the purposes for which it was collected:
- Contact inquiries: Retained for 12 months unless a coaching relationship is established
- Active client records: Retained for the duration of services plus 7 years for professional and legal compliance
- Website analytics data: Retained for 26 months (Google Analytics default)
- Financial records: Retained for 7 years per Dutch tax regulations
Once the retention period expires, your data is securely deleted or anonymized in accordance with industry best practices.
Your Rights Under GDPR
As a data subject, you have the following rights regarding your personal information:
- Right to Access: Request a copy of the personal data I hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your data under specific circumstances ("right to be forgotten")
- Right to Restrict Processing: Request limitation on how I use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or direct marketing
- Right to Withdraw Consent: Withdraw previously given consent at any time
To exercise any of these rights, please contact me using the information provided below. I will respond to all requests within 30 days as required by law.
Data Security
I implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:
- SSL/TLS encryption for all data transmission
- Secure password protection for all systems containing personal data
- Limited access to personal information (only on a need-to-know basis)
- Regular security assessments and software updates
- Confidentiality agreements with any third-party service providers
While I strive to use commercially acceptable means to protect your data, no method of transmission over the internet is 100% secure. I encourage you to use strong passwords and maintain the confidentiality of your account information.
Third-Party Services
I may use trusted third-party services to support my operations:
- Email Service Providers: For communication and newsletter delivery
- Payment Processors: For secure transaction processing (I do not store your payment card details)
- Analytics Services: For understanding website usage patterns
- Scheduling Tools: For appointment booking and management
These providers are carefully selected and contractually bound to process data only on my behalf and in compliance with GDPR requirements. They do not use your data for their own purposes.
Cookies and Tracking
This website uses cookies and similar technologies to enhance your browsing experience:
- Essential Cookies: Required for basic website functionality (cannot be disabled)
- Analytics Cookies: Help me understand how visitors interact with the site (Google Analytics)
- Preference Cookies: Remember your settings and preferences for future visits
You can control cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality.
Changes to This Policy
I may update this privacy policy periodically to reflect changes in my practices, legal requirements, or service offerings. Any modifications will be posted on this page with an updated revision date. I encourage you to review this policy regularly.
Significant changes that affect how I process your personal data will be communicated directly to you via email where possible.
Contact Information
If you have questions, concerns, or requests regarding this privacy policy or my data practices, please contact me: