Privacy Policy

I am the data controller for all personal data collected through this website and in connection with my career coaching services.

From clients and prospective clients:

• Name, email, and phone number — to communicate with you and deliver the session
• CV, LinkedIn profile, and employment details — to prepare for the session and provide tailored advice
• Career goals, salary expectations, and job search information shared during sessions
• Visa/immigration status — only where relevant to your career question (e.g. UK work eligibility). This is sensitive data processed only with your explicit consent
• Payment details — processed by Stripe (online card payment) or bank transfer (GBP). I do not see or store your card number
• Session notes — written during the call to inform my recommendations. Sessions are not recorded
• Booking data — date, time, and preferences collected via Calendly

From free guide subscribers:

• Email address — collected when you request the free guide "5 CV Mistakes for the UK Market". Submission is voluntary and constitutes consent to receive the guide and occasional relevant updates.

From website visitors:

• Minimal analytics data (pages visited, referral source) may be collected via Cloudflare Web Analytics — a cookieless, privacy-friendly service. No personal data or cookies are used for this purpose.

• Contract: I need your data to deliver the coaching service you paid for
• Consent: For sensitive data (immigration status, nationality) I rely on your explicit consent, which you can withdraw at any time
• Legitimate interests: For follow-up communications and review requests — you can opt out at any time

I do not sell or share your personal data with any third party for their own purposes. The following services process data on my behalf:

• Calendly — scheduling (USA, IDTA/SCCs). Calendly Privacy Policy
• Stripe — payment processing. Stripe is PCI DSS compliant. I do not store card details. Stripe Privacy Policy
• Zoom / Google Meet / Zoho — video call delivery. Subject to their respective privacy policies and SCCs for international transfers.
• Google Workspace — email and document preparation (USA, IDTA/SCCs).
• Brevo (formerly Sendinblue) — email list management and delivery of the free guide. Data stored on EU servers. Brevo Privacy Policy
• Telegram — client messaging where you initiate contact via this channel.

Your coaching data (CVs, session notes, career details) is not shared with any AI platform or used for automated decision-making.

Some processors (Calendly, Zoom) are based in the United States. Any transfer of your personal data outside the UK is protected by appropriate safeguards — either UK adequacy regulations or Standard Contractual Clauses (SCCs) approved by the ICO.

• CVs and session notes: 6 months from last session, then deleted
• Contact details: 12 months from last session, then deleted
• Invoices and payment records: 6 years (UK Companies Act / HMRC requirement)
• Immigration/visa data: deleted within 3 months of session
• Enquiries that did not lead to a booking: 6 months
• Testimonials (with consent): Until you withdraw consent
• Free guide subscribers: Until you unsubscribe or request deletion

You can request earlier deletion at any time.

You have the following rights regarding your personal data. To exercise any of them, contact me at [email protected]. I will respond within one calendar month.

• Right of access — request a copy of the personal data I hold about you
• Right to rectification — ask me to correct inaccurate or incomplete data
• Right to erasure — ask me to delete your data (subject to legal retention obligations)
• Right to restriction — ask me to limit how I use your data while a dispute is resolved
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — object to processing based on legitimate interests
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting prior processing

All information shared during coaching sessions is kept strictly confidential. It will not be disclosed to any third party except:

• Where required by law or a regulatory authority
• Where there is a credible risk of serious harm to you or another person

Sessions are not recorded by either party without prior written consent.

I use encryption, access controls, and secure platforms. No data is stored on unsecured personal devices. In the event of a data breach, I will notify the ICO within 72 hours and affected individuals without undue delay.

This website uses the following cookies:

• Strictly necessary cookies — required for the site to function. No consent needed.
• Analytics cookies — Google Analytics 4 sets _ga and _ga_* cookies to measure page visits and user behaviour in aggregate. No personal data is collected. You can opt out via Google Analytics Opt-out.
• Cloudflare — cookieless analytics via network-level signals. No cookies set.

No advertising or retargeting cookies are used. No consent banner is currently displayed; if advertising cookies are added in the future, this notice will be updated and a consent banner introduced.

If you believe I have handled your data incorrectly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

ICO website: ico.org.uk
ICO helpline: 0303 123 1113

I would always appreciate the opportunity to resolve any concern directly before you contact the ICO — please email me first.

I may update this privacy notice from time to time. Material changes will be communicated by email to active clients. The current version will always be available at yuliya.pro/privacy.