Privacy policy

Effective date: 14 March 2026

This Privacy Policy explains how Riktningskliniken AB, trading as Rikta Coaching, collects, uses, stores, and protects personal data.

This policy applies to our website, forms, enquiries, coaching services, and related communications.

1. Who we are

Data controller: Riktningskliniken AB trading as Rikta Coaching
Contact email: info@riktacoaching.com

Rikta Coaching is registered with the Information Commissioner’s Office (ICO).

2. What personal data we collect

We may collect and use:

  • identity and contact data, such as your name, email address, telephone number, and booking details;
  • enquiry data, such as the information you put into contact forms, booking requests, or emails;
  • service data, such as notes needed to deliver coaching, organise sessions, handle payments, or respond to complaints;
  • health-related or neurodevelopmental information that you choose to share with us;
  • data relating to a child or young person where a parent, guardian, or other authorised person contacts us or books services on their behalf;
  • technical and usage data, such as IP address, browser type, device information, referring page, pages viewed, and timestamps;
  • marketing and communications data, such as whether you opted in to receive emails from us.

Some self-tests on the site are designed to run locally in the browser. Where results are calculated locally and not submitted, we do not receive or store those results unless you actively send us information through a form.

3. Special category data

Some information you share with us may be special category personal data, including health-related information.

When you submit health-related information through our forms or share it with us so that we can assess whether coaching is suitable or deliver a coaching service, we process that information only where we have a valid legal basis and, where required, an additional condition for processing.

For health-related information submitted through website forms, we generally rely on your explicit consent and on the fact that the processing is necessary to respond to your request and, where relevant, to take steps towards or perform a service agreement with you.

If you withdraw consent for processing health-related information that is necessary for us to handle your enquiry or provide the service safely, we may not be able to continue with the enquiry or service.

4. How we use personal data

We use personal data to:

  • respond to enquiries and booking requests;
  • decide whether coaching is appropriate and, if so, deliver coaching services;
  • schedule sessions, send reminders, and manage client communications;
  • take payment, issue invoices, and keep financial records;
  • verify attendance, no-shows, cancellations, and package usage;
  • keep internal records, handle complaints, and protect our legal position;
  • manage safeguarding concerns, suitability issues, and service boundaries;
  • operate, improve, and secure the website;
  • understand how people use the site and measure advertising and referral performance;
  • send marketing emails where you have opted in or where we are otherwise permitted to do so.

Depending on the circumstances, we rely on one or more of the following legal bases:

  • contract, or steps requested before entering into a contract;
  • consent;
  • legitimate interests, including running the business, securing the site, managing enquiries, handling complaints, and understanding website performance;
  • legal obligations.

6. Cookies, analytics, advertising, and referral tracking

The site uses website and marketing technologies, including:

  • Google Analytics;
  • Meta Pixel;
  • Microsoft Clarity;
  • Rewardful;
  • standard hosting, security, and performance technologies.

These tools may collect technical and usage data such as IP address, browser or device data, pages viewed, and referral information. We use them for analytics, ad measurement, referral tracking, fraud prevention, site performance, and service improvement.

7. Where personal data comes from

We collect personal data:

  • directly from you when you complete a form, book a service, email us, or otherwise contact us;
  • automatically through website logs, cookies, analytics, and similar technologies;
  • from service and booking systems used to manage enquiries and sessions;
  • in some cases, from a parent, guardian, employer, or funding body where they are arranging services on your behalf.

8. Children and young people

Where services relate to a person under 18, we may receive personal data from a parent or legal guardian and may process information needed to arrange, deliver, safeguard, and administer the service.

We expect the adult arranging the service to have authority to do so and to provide information lawfully.

9. Who we share data with

We share data only where necessary.

This may include:

  • Kaddio, which we use for contact handling, lead management, and service administration;
  • Zoho, which receives limited lead information from some website forms;
  • Google, Meta, Microsoft, and Rewardful for analytics, advertising, and referral tracking;
  • payment processors, accountants, and finance providers where needed for billing and payment administration;
  • hosting, infrastructure, and security providers that help us run the website and forms;
  • employers, Access to Work, schools, universities, parents, guardians, or other third-party payers where they fund or administer services and we need to share limited administrative information;
  • professional advisers, regulators, insurers, payment providers, or public authorities where required.

We do not sell your personal data.

Where a third party funds your coaching, we may share limited administrative data that is necessary for that arrangement, such as attendance, booking status, invoice details, or number of sessions used. We do not share full coaching discussions simply because a third party is paying.

10. International transfers

Some of our providers may process personal data outside the UK or EEA.

Where that happens, we rely on lawful transfer mechanisms and appropriate safeguards, such as adequacy regulations, standard contractual clauses, or equivalent protections required by data protection law.

11. How long we keep personal data

We keep personal data only for as long as we need it for the purpose for which it was collected, and for as long as we need it for legal, regulatory, accounting, complaint-handling, and business record-keeping reasons.

As a general guide:

  • enquiry and lead data may be kept for up to 24 months after the last meaningful contact;
  • marketing data is kept until you unsubscribe or ask us to stop, and may then be kept in suppression form so we do not contact you again by mistake;
  • contract, payment, and invoice records may be kept for at least 6 years;
  • coaching service records and related notes may be kept for up to 7 years after the service ends, or longer where necessary for legal claims or safeguarding reasons;
  • technical logs and analytics data are kept in line with the settings and retention periods of the relevant provider.

12. Security

We use reasonable technical and organisational measures to protect personal data against unauthorised access, misuse, loss, or disclosure.

No online system is completely risk-free, but we limit access to data and use service providers and systems intended to support secure handling of information.

13. Your rights

Depending on the law that applies to you, you may have the right to:

  • ask for access to your personal data;
  • ask us to correct inaccurate data;
  • ask us to delete data in some cases;
  • ask us to restrict processing in some cases;
  • object to processing based on legitimate interests;
  • withdraw consent where processing is based on consent;
  • ask for a copy of certain data in a portable format;
  • complain to a supervisory authority.

To exercise your rights, email info@riktacoaching.com.

We may keep, review, and disclose personal data where reasonably necessary to:

  • establish, exercise, or defend legal claims;
  • investigate complaints or payment disputes;
  • respond to safeguarding or serious safety concerns;
  • comply with legal obligations, court orders, law enforcement requests, or regulatory requirements.

15. Complaints

If you are unhappy with how we handle your personal data, contact us first at info@riktacoaching.com.

If you are in the UK, you can also complain to the Information Commissioner’s Office at ico.org.uk.

If you are in the EU or EEA, you may also have the right to complain to your local supervisory authority.

16. Marketing

If you opt in to receive marketing emails, we may send you updates, guides, offers, and other information about our services.

You can unsubscribe at any time using the unsubscribe link in the email or by contacting us.

17. Automated decision-making

We do not use automated decision-making that produces legal or similarly significant effects about you through the website forms covered by this policy.

18. Contacting us through the website

Please do not send more sensitive information than is necessary in a website form.

Website forms are intended for enquiries and service administration. They are not intended for emergency disclosures or urgent crisis communications.

19. Changes to this policy

We may update this Privacy Policy from time to time.

The latest version will always be published on this page.