← Back to site Privacy Policy

Datenschutz­erklärung

This privacy policy explains how isaeva - coaching (Daria Isaeva) collects, uses, and protects personal data when you visit this website, register for the Transformation 360° program, or work with us as a client. Compliant with the Swiss Federal Act on Data Protection (revFADP) and, where applicable, the EU General Data Protection Regulation (GDPR).

1. Data Controller

The data controller responsible for the processing of personal data on this website is:

isaeva - coaching
Daria Isaeva
Stämpbachpark 2
3067 Boll, Switzerland
Email: isaeva.daria.coaching@gmail.com

2. Scope & Legal Bases

This policy serves the disclosure obligations under both the Swiss Federal Act on Data Protection (revFADP) and the EU General Data Protection Regulation (GDPR). For consistency, we use the GDPR terminology throughout (e.g., "processing" instead of the Swiss "Bearbeiten"), while the legal meaning under Swiss law is determined by the revFADP.

Under Swiss law, processing is permitted when carried out in good faith, in proportion to its purpose, and for a clearly recognisable purpose (Art. 6 revFADP). Under the GDPR, where applicable, we rely on the following legal bases:

• Consent (Art. 6(1)(a) GDPR) — when you submit the application form or otherwise actively share your data
• Contractual necessity (Art. 6(1)(b) GDPR) — to deliver the coaching services you've signed up for
• Legal obligation (Art. 6(1)(c) GDPR) — accounting, tax, and statutory retention requirements
• Legitimate interest (Art. 6(1)(f) GDPR) — server logs, basic security, fraud prevention, and efficient client communication

3. Data We Collect

3.1 Data you actively provide

When you fill out the application form:

• Full name
• Email address
• Phone number (optional)
• Selected program package
• Free-text response describing what you want to change
• How you heard about the service (optional)

When you book a discovery call via TidyCal, that platform collects your name, email, and chosen time slot directly. See section 7.

When you become a client, additional data is processed in the course of delivering coaching services (see section 5).

3.2 Data collected automatically

When you visit this website, the hosting provider may automatically log technical data:

• IP address (typically anonymised after a short period)
• Browser type and version
• Operating system
• Referring page and timestamps

This data is used solely for security, troubleshooting, and basic aggregate statistics. It is not used to identify individual visitors. Server log files are typically retained for a maximum of 30 days.

4. Purposes of Processing

We process personal data only for the following clearly defined purposes:

• Responding to your application and arranging a discovery call
• Delivering the Transformation 360° coaching program if you become a client
• Communicating with you about your enrolment, sessions, and program logistics
• Issuing invoices and meeting Swiss accounting and tax obligations
• Improving the website's content and user experience
• Complying with legal obligations

We do not use your data for automated decision-making, profiling, or behavioural advertising.

5. Coaching Services

If you become a client, we process your data in the course of delivering coaching services. This includes:

• Contact and communication (email, phone, WhatsApp if you choose to use it)
• Needs analysis to determine appropriate coaching approaches
• Scheduling and conducting coaching sessions (typically via Zoom or Microsoft Teams)
• Documenting session progress and reflections (kept locally on the coach's devices unless otherwise agreed)
• Managing client-specific information and materials
• Issuing invoices and managing payment
• Follow-up and quality assurance

The categories, scope, and necessity of processing are determined by the underlying coaching agreement. Sensitive personal information you share during coaching sessions is treated with strict confidentiality and is not disclosed to third parties without your explicit consent, except where required by law or to protect vital interests.

Legal basis: Contractual necessity (Art. 6(1)(b) GDPR / Art. 6 revFADP).

6. Video Calls

Coaching sessions are typically conducted via video conferencing. We use the following platforms:

Zoom

Zoom Video Communications, Inc. (San Jose, USA). When you join a Zoom session, the platform processes your name, email (if you log in with an account), IP address, device and browser information, audio and video streams during the session, and any chat messages. Zoom may also process metadata about the session itself (start time, duration, participants).

Some sessions may be recorded and stored in Zoom Cloud if you and the coach agree in advance. Recordings are used only for the agreed purpose (typically client reference or coach reflection) and are deleted when no longer needed. Recording only takes place with your explicit prior consent at the start of the session.

Zoom is certified under the EU-US and Swiss-US Data Privacy Frameworks. See Zoom's privacy policy.

Microsoft Teams

Microsoft Ireland Operations Limited (Dublin) and Microsoft Corporation (USA). Similar data is processed: name, email, IP address, device and browser data, audio and video during sessions, chat messages, and session metadata. Microsoft Teams meetings are not recorded by default; recording, if any, follows the same consent rule as for Zoom.

Microsoft is certified under the EU-US and Swiss-US Data Privacy Frameworks. See Microsoft's privacy statement.

7. Third-Party Services

The following service providers process personal data on our behalf or independently. Each has its own privacy policy.

TidyCal (discovery call booking)

TidyCal, operated by SureSwift Capital Inc. (USA). When you book a discovery call, your name, email, and chosen time are processed by TidyCal. See tidycal.com/privacy-policy.

Gmail (Google)

Google Ireland Limited (Dublin) / Google LLC (USA). Email correspondence with us is processed via Gmail. Google acts as a processor for email storage and delivery. See policies.google.com/privacy.

WhatsApp (optional client communication)

Meta Platforms Ireland Limited (Dublin). If you choose to communicate via WhatsApp during the coaching engagement, Meta processes your phone number, messages, and metadata. WhatsApp use is optional and based on your initiative. See whatsapp.com/legal/privacy-policy.

Google Fonts

Web fonts (Fraunces, Inter, JetBrains Mono) are loaded from Google Fonts. When fonts are loaded, your IP address is briefly transmitted to Google. See policies.google.com/privacy.

Hosting provider

This site is hosted by [hosting provider name and country — e.g. Netlify, Inc., USA]. The hosting provider processes server logs as described in section 3.2 to deliver the website and protect against abuse.

Payment

Invoices are issued in your name. Payment is handled directly between your bank and ours via bank transfer or Twint. No third-party payment processor is involved on this website. We do not collect, store, or have access to your banking or card details.

8. International Data Transfers

Some of the service providers listed above (Google, Microsoft, Zoom, TidyCal/SureSwift, Meta) are based in or transfer data to the United States. For these transfers we rely on the following safeguards:

• EU-US Data Privacy Framework (DPF) — recognised as adequate by the EU Commission (10 July 2023) and by the Swiss Federal Council (effective 15 September 2024)
• Standard Contractual Clauses (SCCs) — as a complementary safeguard where the provider also offers them

This dual protection ensures that should the DPF be revised or invalidated, the SCCs remain in place as a reliable fallback. The current list of DPF-certified companies is available at dataprivacyframework.gov.

9. Cookies & Tracking

This website uses only essential cookies required for basic functionality. No analytics, advertising, social media, or behavioural tracking cookies are set.

If non-essential cookies are added in future (such as Google Analytics or similar), this section will be updated and a cookie consent banner will be implemented before any non-essential cookies are placed. Your consent will be required and freely withdrawable at any time.

10. Data Retention

We keep personal data only as long as necessary for the purposes set out above, and in accordance with Swiss law:

• Application form submissions (where you do not become a client): 12 months after submission, then deleted
• Client records, invoices, and accounting documents: 10 years after the end of the calendar year in which the record was created, as required by Art. 958f of the Swiss Code of Obligations (OR)
• Contract-related claims: up to 10 years under the general statute of limitations (Art. 127 OR), or 5 years for certain periodic claims (Art. 128 OR)
• Server logs: up to 30 days, retained by the hosting provider
• Email correspondence: until no longer needed for the purpose, or as required by law
• Zoom recordings (where created with your consent): deleted when no longer needed for the agreed purpose, and in any case within the coaching engagement plus 90 days, unless you request earlier deletion

Where multiple retention periods apply to the same data, the longest applies. Once retention is no longer required, data is deleted promptly.

11. Your Rights

Under the Swiss revFADP and the GDPR, you have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — ask us to correct inaccurate or incomplete data
• Right to erasure — ask us to delete your data, subject to legal retention obligations
• Right to restrict processing — ask us to limit how we use your data
• Right to data portability (GDPR) — request your data in a machine-readable format
• Right to object — object to processing based on legitimate interest
• Right to withdraw consent — where processing is based on consent, withdraw it at any time
• Right to lodge a complaint — with the Swiss Federal Data Protection and Information Commissioner (edoeb.admin.ch) or your local EU data protection authority

To exercise any of these rights, contact us using the details in section 14. We will respond within 30 days.

12. Security

This website is served over HTTPS with TLS encryption to protect data in transit. Reasonable technical and organisational measures are taken to protect personal data against loss, misuse, and unauthorised access, alteration, or disclosure. Access to client records is restricted to the coach.

No method of transmission or storage is 100% secure, but we maintain appropriate safeguards in line with the state of the art.

13. Changes to This Policy

This privacy policy may be updated from time to time to reflect changes in our practices, legal requirements, or third-party services. The "last updated" date below indicates the most recent revision. Material changes will be communicated through the website.

14. Contact

For any questions about this privacy policy or to exercise your rights:

isaeva - coaching
Daria Isaeva
Email: isaeva.daria.coaching@gmail.com

Last updated: May 2026