Privacy policy

Introduction

the ability coach (“Company”) respects your privacy and is committed to protecting your personal data. This notice explains what personal data we process, why we process it, how long we keep it, your rights, and how to contact us. The processing of personal data in Portugal is governed by the EU General Data Protection Regulation (GDPR) and Portuguese implementing law.

This privacy policy applies to the information we may collect from you or that you may provide when visiting www.theabilitycoach.com (“the website”) including:

  • any content, services, downloadable materials

  • when you interact with our advertising and applications on third-party-websites, if those advertising include links to this policy (“the services”)

Children under the age of 16

Our Services are not intended for children under 16. All users of this website must be at least 16 years of age. If we learn that we have received information from a child under the age of 16 we will delete the information. If you believe we have collected personal data from a child without proper consent or underage, please contact us so we can take remedial action.

When we collect information from you

We collect personal information when you:

  • Register for an account or subscribe to newsletters;

  • Place orders or use our online services;

  • Contact our support or sales teams;

  • Interact with our website (for example, via cookies and analytics);

  • Submit forms, questionnaires, intake forms, feedback or other content.

Examples of information we may collect include name, email, postal address, telephone number, billing details, IP address, device and browser information, cookies and usage data.

How we collect information from you

We collect information:

  • Directly from you when you enter it into forms, create an account, or contact us;

  • Automatically through the use of cookies, log files and analytics tools when you visit our website;

  • From third-party service providers and public sources (for example, payment processors, identity verification providers, and business information services) when necessary to deliver Services.

How we use your information

We use personal data for lawful purposes only, including:

  • To provide, maintain and improve our Services:

  • To process orders, payments and deliveries;

  • To communicate with you about your account, orders, updates and support;

  • For marketing communications where you have given consent (and to comply with opt-out requests);

  • To personalize content, analyze usage and run analytics;

  • To detect, prevent and respond to fraud, abuse, security incidents and legal claims;

  • To comply with legal obligations (e.g., record-keeping, tax and regulatory requirements).

Our lawful bases for processing include performance of a contract, consent, legal obligation, and legitimate interests where applicable (balanced against your rights).

We do not sell personal information or consumer data for monetary gain or valuable consideration.

Third party disclosures

We work with trusted third-party providers (for example, payment processors, hosting providers, analytics and email platforms). These providers process personal data on our behalf as data processors and are contractually required to keep your data secure and only process it for the purposes we specify. We do not control third parties’ tracking technologies. You should consult the privacy policies of any such third party for more detailed information on their practices. Our Website contains links to other websites. Our Privacy Policy applies only to our Website, so if you click on a link to another website, you should read their privacy policy.

How we disclose your information

We may disclose personal information:

  • To service providers and subprocessors who perform services on our behalf;

  • To comply with legal process, court orders or governmental requests;

  • To protect the rights, property or safety of our Company, our users or the public;

  • In connection with corporate transactions (for example, a merger, sale of assets or reorganization), where personal data may be transferred as part of the transaction (with appropriate safeguards).

If you are in a jurisdiction that provides special protections (see sections below) we will respect those protections to the extent required by applicable law.

How we store and protect user information

We implement technical and organizational measures appropriate to the risk (for example, encryption, access control, secure servers and regular security assessments) to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. We retain personal data only for as long as necessary to fulfill the purposes described in this notice, comply with legal obligations, or resolve disputes.

No transmission over the internet or email is completely secure or error free. Please keep this in mind when disclosing personal information over the internet. We will keep your data while we are operating this business. Once this time period has expired, we will delete your data.

Your Data Protection Rights (GDPR)

If you are in the European Economic Area (EEA) or are otherwise covered by the GDPR you have the following rights:

  • Right to access — request a copy of the personal data we hold about you;

  • Right to rectification — ask us to correct inaccurate or incomplete data;

  • Right to erasure (“right to be forgotten”) — request deletion of your data in certain circumstances;

  • Right to restriction of processing — ask that processing be limited in certain situations;

  • Right to data portability — request a machine-readable copy of data you provided to us;

  • Right to object — object to processing based on legitimate interests or for direct marketing;

  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us (see Contact section).

Your California privacy rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These rights may include the right to:

  • Know what personal information is collected, used, shared;

  • Request deletion of personal information (subject to exceptions);

  • Opt-out of the sale or sharing of personal information for cross-context behavioural advertising;

  • Non-discrimination for exercising your privacy rights.

California residents may submit requests to exercise these rights using the contact details below; we will verify requests in accordance with applicable law. For information about California consumer privacy law, see resources published by the California Attorney General and the CPRA or visit: https://oag.ca.gov/privacy/ccpa

Your state privacy rights (United States)

If you are located in another U.S. state, please note that several U.S. states have enacted their own privacy laws with varying rights and requirements (for example, opt-out rights for targeted advertising, deletion, access, and data minimization rules). These laws differ from state to state. Our Company will comply with applicable state privacy laws where they apply and will provide residents of covered states with the rights and mechanisms required by those laws. Because the U.S. privacy landscape is evolving, please check back for updates or contact us for specific information.

Right to opt-out

You may opt out of marketing communications at any time by following the unsubscribe link in our emails or contacting us directly. For California and other U.S. residents, you may use any designated opt-out mechanisms we provide (for example, a “Do Not Sell or Share My Personal Information” link) to exercise opt-out rights required under applicable law. Please note that opting out of marketing will not prevent transactional or service-related messages (for example, order confirmations).

Changes to Privacy Policy

We may update this Disclaimer & Privacy Notice from time to time to reflect changes in our practices, legal requirements, or for operational reasons. When we make material changes, we will revise the “Effective date” at the end of this notice and, where required by law, provide more prominent notice (for example, email notification). Please review this notice regularly.

Contact

Questions or requests about this notice or our data processing practices should be sent to:
the ability coach
Lahela Iolani (legal birth name: Victoria Stey)
Email: lahela.iolani@gmail.com

You may also contact the Portuguese supervisory authority (CNPD): Av. D. Carlos I, 134, 1º, 1200-651 Lisboa; telephone +351 213 928 400.

Individuals located within the United Kingdom

If you are in the United Kingdom, your personal data is protected under the UK GDPR and the Data Protection Act 2018. You have rights substantially equivalent to those described above (access, rectification, erasure, restriction, data portability, objection, and the right to lodge a complaint with the UK Information Commissioner’s Office). We will process UK personal data in accordance with UK law and any applicable data transfer safeguards.

Update

This Privacy Policy was last updated on: Tuesday, November 11, 2025

We reserve the right to make changes to this policy. You are encouraged to review the privacy policy whenever you visit the site to make sure that you understand how any personal information you provide will be used.

Should we update, amend or make any changes to our privacy policy, those changes will be posted here.

Our Company is committed to transparency, data minimization and the secure handling of personal information. If you have any questions about this notice or how we process personal data, please contact us using the details above. We will respond to verified requests in accordance with applicable law and strive to resolve any concerns promptly.