Since you’ll be pasting this into a WordPress page, a Word document isn’t the right format here — you just need clean text. Let me write it directly so you can copy and paste it straight into the page editor.

PRIVACY POLICY
Last Updated: June 2026

1. Data Controller

The Data Controller responsible for the processing of personal data collected through www.marcovalentinicoach.com and in the course of providing coaching, training and mentoring services is:

Marco Valentini
Via Fratelli rosselli 11, 56123 Pisa (PI), Italy
Email: marco@marcovalentinicoach.com
Phone: +39 351 540 7914

2. What Data We Collect

2.1 Browsing data
When you navigate this website, certain technical data is collected automatically, including IP address, browser type, operating system, referring URL, and date and time of access. This data is necessary for the technical operation of the site and is not linked to identified individuals.

2.2 Data you provide voluntarily
Through the contact form or other communication channels (email, LinkedIn, phone), you may share personal data such as your name, email address, phone number, and any other information included in your message.

2.3 Data processed in the course of coaching services
In delivering professional services (individual and team coaching sessions, training programmes, mentoring), personal data relating to clients and, where relevant, third parties mentioned during sessions may be processed. This includes:

• identifying and contact details
• professional information (role, organisation, workplace dynamics)
• content shared during sessions, including information of a sensitive nature
• notes and reflections developed by the Data Controller to support the professional relationship

3. Digital Tools and Artificial Intelligence

In the course of professional activities, the Data Controller uses third-party digital tools that may process personal data on their behalf as data processors.

3.1 Communication and storage tools

• Zoom Video Communications, Inc. — used for remote sessions. Data may be transferred to the USA. Privacy policy: zoom.us/privacy
• Google LLC (Google Drive, Gmail) — used for document storage and email communication. Data may be transferred to the USA. Privacy policy: policies.google.com/privacy

3.2 Artificial intelligence tools

The Data Controller uses AI-based tools to support activities such as drafting content, processing professional notes, and preparing training materials. The main tools used include:

• Claude (Anthropic PBC) — AI assistant for text processing and professional support. Data is processed on servers in the USA. Privacy policy: anthropic.com/legal/privacy
• Other AI tools — the Data Controller may use additional AI-based tools (e.g. dictation and language processing tools). In such cases, particular care is taken to minimise the personal data shared.

The Data Controller is committed to avoiding sharing clients’ identifying information with AI tools where not necessary, favouring the use of anonymised or pseudonymised data. Data shared with AI tools is not used for purposes other than those described in this policy.

4. Purposes of Processing

Personal data is processed for the following purposes:

• responding to contact requests and enquiries
• delivering the coaching, training and mentoring services requested
• managing the professional relationship with the client, including invoicing
• preparing notes and supporting materials for coaching activities
• complying with legal obligations

5. Legal Basis for Processing

• Consent (Art. 6(1)(a) GDPR): for data submitted via the contact form and for any marketing communications
• Performance of a contract (Art. 6(1)(b) GDPR): for processing necessary to deliver the professional services requested
• Legitimate interests (Art. 6(1)(f) GDPR): for administrative management and service improvement
• Legal obligation (Art. 6(1)(c) GDPR): for tax and regulatory compliance

6. International Data Transfers

Some of the digital tools used by the Data Controller (including Zoom, Google and Anthropic) process data on servers located in the United States or other countries outside the European Economic Area (EEA). These transfers are carried out in compliance with the safeguards required by the GDPR, in particular through Standard Contractual Clauses (SCCs) adopted by the European Commission. For further details on specific transfers, please refer to the privacy policies of the individual providers listed in Section 3.

7. Data Retention

• Contact form data: retained for the time necessary to respond to the enquiry, then deleted, unless a professional relationship is established
• Data relating to professional engagements: retained for the duration of the engagement and subsequently for the period required by applicable tax and civil law (generally 10 years)
• Coaching notes: retained for the duration of the programme and for a reasonable period thereafter, agreed with the client where possible

8. Data Security

The Data Controller implements appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration or destruction. These include the use of encrypted connections, restricted data access, and the selection of service providers that meet adequate security standards.

9. Your Rights

Under the GDPR, you have the right to:

• Access (Art. 15): obtain confirmation of processing and a copy of your data
• Rectification (Art. 16): request correction of inaccurate or incomplete data
• Erasure (Art. 17): request deletion of your data where permitted by law
• Restriction (Art. 18): request restriction of processing in certain circumstances
• Portability (Art. 20): receive your data in a structured, machine-readable format
• Objection (Art. 21): object to processing based on legitimate interests
• Withdraw consent: withdraw consent at any time, without affecting the lawfulness of prior processing

To exercise any of these rights, please contact: marcovcoaching@gmail.com

You also have the right to lodge a complaint with the relevant supervisory authority. In Italy: Garante per la protezione dei dati personali — www.garanteprivacy.it

10. Changes to This Policy

The Data Controller reserves the right to update this policy to reflect changes in law, organisational practices, or the use of digital tools. The updated version will be published on this website with the date of revision. In the case of material changes, clients with an ongoing professional engagement will be informed directly.