Privacy Policy

This website and coaching platform are operated by Petra Nova Holdings BV, trading under the business name Pivot Your Path (legal entity: Petra Nova Holdings BV, enterprise number / VAT: BE 9845.466.842, RPR Brussel). We are the data controller for personal information collected through pivotyourpath.com and related services.

Contact: Support@pivotyourpath.com

Address: Rue du Congrès 35, 1000 Brussels, Belgium.

This policy applies to visitors, prospective clients, registered clients, coaches, and anyone who contacts us or uses our tools (including booking, video sessions, and the Pace navigator).

We collect only what we need to run the service. Depending on how you use the site, this may include:

• Identity & contact data: Name, email address, time zone, and optional phone number (for example if you opt in to SMS reminders).
• Account data: Login credentials (stored in hashed form by our authentication provider), account type (client or coach), and profile settings.
• Coaching & booking data: Goals, intake answers, session notes, journal entries, milestones, in-app messages, booking history, and other information you or your coach share in the platform.
• Enquiry & navigator data: Information you submit through our contact form or the Pace coach-match navigator (for example your message, coaching interests, and quiz responses).
• Payment data: Purchase details and payment status. Card numbers are processed directly by Stripe; we do not store full payment card details on our servers.
• Communications: Emails and messages we send or receive in connection with your account, bookings, reminders, and support requests.
• Video & session data: Meeting links, join/leave metadata, optional session recordings, and AI-generated meeting summaries where those features are enabled.
• Calendar data (coaches): If a coach connects Google or Microsoft Calendar, we process calendar availability and event data needed to schedule sessions.
• Technical & security data: IP address, browser and device information, server logs, and similar data collected automatically for security, fraud prevention, and service reliability.
• Consent records: Whether you accepted our Terms of Service and Privacy Policy, and whether you opted in to marketing communications.

We do not knowingly collect sensitive categories of data (such as health records or government ID numbers) unless you choose to share them in free-text fields. Please avoid sharing unnecessary sensitive information in messages or notes.

We do not use third-party advertising or analytics cookies on pivotyourpath.com at this time. We also do not sell your data or use cross-site tracking for ads.

Instead of traditional login cookies, our site mainly uses your browser's local storage and session storage for essential functionality, including:

• Keeping you signed in (authentication session tokens).
• Remembering preferences such as time zone and display currency.
• Preserving in-progress signup or navigator interactions during your visit.
• Protecting certain flows (for example calendar connection and one-time session prompts).

These technologies are used to provide the service you request. You can clear them at any time through your browser settings, though doing so may sign you out or reset preferences.

When you use certain features, trusted third parties may set their own cookies or similar technologies on their domains — for example when you complete payment on Stripe, join a video session (LiveKit), connect a calendar (Google or Microsoft), or when bot-protection tools such as Cloudflare Turnstile are enabled. Those providers handle data under their own privacy policies.

We currently do not store non-essential cookies. If we later add these, we will update this policy and, where required by law, ask for your consent before using them.

We use personal information to operate Pivot Your Path and deliver coaching services. This includes:

• Creating and managing your account.
• Scheduling sessions, sending reminders, and providing meeting links.
• Processing payments and maintaining purchase records.
• Enabling coaching tools (notes, journal, messaging, milestones, and related features).
• Responding to contact enquiries and navigator submissions.
• Running optional follow-up email sequences you request or consent to.
• Protecting the platform, preventing abuse, and troubleshooting issues.
• Complying with legal, tax, and accounting obligations.

If you are in the EU or UK, we rely on one or more of the following legal bases under the GDPR / UK GDPR:

• Contract: Processing needed to provide the services you sign up for or purchase.
• Consent: For example, optional marketing emails or SMS reminders where you opt in. You may withdraw consent at any time.
• Legitimate interests: Operating and improving our platform, keeping it secure, and communicating about your account or bookings — balanced against your rights.
• Legal obligation: Where we must retain or disclose information to comply with applicable law.

If you are in the US, we process information as described in this policy to provide our services, secure the platform, and comply with law. Where state privacy laws apply, we honour the rights described in section 8 below.

We may send service-related messages (for example booking confirmations, reminders, account notices, and navigator follow-ups tied to a request you made) without separate marketing consent, because they are part of delivering the service.

Promotional or newsletter-style emails are sent only if you opt in (for example via a marketing checkbox at signup or on our contact form). You can opt out at any time using the unsubscribe link in an email or by contacting us at Support@pivotyourpath.com.

We do not sell your personal information. We share data only with service providers that help us run the business, with your coach (for coaching-related data), or when required by law.

Typical categories of recipients include:

• Hosting & database: Supabase (application backend, authentication, and data storage).
• Website hosting: Our web host for serving the public site.
• Email delivery: Mailgun (transactional and marketing emails, where applicable).
• Payments: Stripe (checkout and payment processing).
• Video sessions: LiveKit (real-time meetings; optional recordings where enabled).
• Calendar sync: Google Calendar and/or Microsoft Outlook (for coaches who connect a calendar).
• SMS (optional): Twilio, if you opt in to text reminders.
• AI summaries (where enabled): OpenAI or similar providers used to generate meeting summaries from session content.
• Security: Cloudflare Turnstile or comparable tools to reduce spam and abuse.
• Storage for recordings: Cloud object storage (for example AWS S3 or equivalent) when session recordings are stored.
• Professional advisers & authorities: Accountants, lawyers, insurers, or regulators when reasonably necessary or legally required.

These providers act as processors on our instructions (or independent controllers where their own terms apply, such as when you are redirected to Stripe checkout). We require appropriate contractual safeguards where required by law.

Pivot Your Path is based in Belgium. Some of our service providers process data in the United States or other countries outside your own. Where required, we rely on appropriate safeguards — such as the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, or other lawful transfer mechanisms — to protect your information when it is transferred internationally.

You may contact us for more information about the safeguards we use for international transfers relevant to your data.

We retain personal information only as long as needed for the purposes described in this policy, including:

• Account & coaching records: For the life of your account and a reasonable period afterward, unless you ask us to delete them sooner (subject to legal limits).
• Payment & invoicing records: As long as required for tax, accounting, and audit purposes (often several years under Belgian and EU rules).
• Enquiries & navigator leads: Until your request is handled and for follow-up marketing or conversion tracking you consented to, then deleted or anonymised when no longer needed.
• Security logs: For a limited period appropriate to security monitoring and incident investigation.
• Session recordings: According to coach/client settings and operational needs, then deleted when no longer required.

When data is no longer needed, we delete or anonymise it where feasible.

Depending on where you live, you may have rights over your personal information. To exercise any right, email Support@pivotyourpath.com. We may need to verify your identity before responding.

EU & UK residents (GDPR / UK GDPR) may have the right to:

• Access a copy of personal data we hold about you.
• Rectify inaccurate or incomplete data.
• Erase data in certain circumstances ("right to be forgotten").
• Restrict or object to certain processing, including direct marketing.
• Portability of data you provided, in a structured, commonly used format where applicable.
• Withdraw consent at any time, without affecting prior lawful processing.
• Lodge a complaint with a supervisory authority — for example the Belgian Data Protection Authority (dataprotectionauthority.be) or the UK Information Commissioner's Office (ico.org.uk).

US residents: We do not sell personal information or share it for cross-context behavioural advertising. If you live in a state with a comprehensive privacy law (such as California, Colorado, Connecticut, Virginia, or others), you may have additional rights, which can include:

• Knowing what personal information we collect, use, and disclose.
• Requesting access to, correction of, or deletion of certain personal information.
• Opting out of the sale or sharing of personal information (not applicable today, as we do not sell data).
• Not receiving discriminatory treatment for exercising privacy rights.

California residents may also designate an authorised agent to submit requests on their behalf. We will respond within the timeframes required by applicable law.

We take the security of your information seriously and use appropriate technical and organisational measures — including encryption in transit, access controls, and secure authentication — to protect personal data against unauthorised access, loss, or misuse.

No method of transmission or storage is completely secure. If you believe your account has been compromised, contact us promptly at Support@pivotyourpath.com.

Pivot Your Path is not directed at children under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us and we will take steps to delete it.

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practice. When we make material changes, we will post the updated policy on this page and revise the "Last updated" date. Where required by law, we will provide additional notice or seek consent.

We encourage you to review this page periodically.