Privacy Policy

Effective Date: 01/08/2025 Last Updated: 02/01/206

This Privacy Policy explains how Nikki Coughlan, trading as GLP-1 Coach ("we", "us", "our"), collects, uses, stores, and protects your personal data when you use our website or services.

We are committed to protecting your privacy and handling your data responsibly, in full compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Irish data protection law.

Please read this policy carefully. By using our website or services, you acknowledge that you have read and understood how we handle your personal data.

 

1. Who We Are

GLP-1 Coach provides nutritional therapy and health coaching services, including specialist support for individuals using GLP-1 medications.

For the purposes of GDPR, we are the Data Controller of your personal data.

Data Controller: Nikki Coughlan, trading as GLP-1 Coach

Email: hello@glp1coach.net

Website: www.glp1coach.ie

Country of Establishment: Ireland

 

2. What Data We Collect

We collect personal data that is necessary to provide our services and operate our website. The categories of data we collect include:

 

A. Identity & Contact Data

•       Name

•       Email address

•       Phone number

•       Billing address

 

B. Health & Special Category Data

As part of providing nutritional therapy and GLP-1 support, we collect health-related information, which may include:

•       Medical history relevant to weight management and GLP-1 use

•       Current medication use, including GLP-1 treatment

•       Weight and body composition data

•       Dietary patterns and nutritional history

•       Lifestyle habits including sleep, stress, and physical activity

•       Relevant psychological or behavioural information

This constitutes special category data under Article 9 GDPR and is handled with the highest level of care and protection.

 

C. Technical Data

•       IP address

•       Browser type and version

•       Device information

•       Website usage data (via cookies and analytics tools)

 

D. Payment Data

Payments are processed securely via Stripe. We do not store full payment card details on our systems. Please refer to Stripe's privacy policy for details of how they handle payment data.

 

3. How We Use Your Data

We process your personal data only for specified, explicit, and legitimate purposes. These include:

•       Delivering 1:1 coaching sessions and programme support

•       Conducting initial consultations and ongoing assessments

•       Developing personalised nutrition and behaviour change plans

•       Managing bookings and appointments

•       Processing payments and issuing receipts

•       Communicating with you about your programme, sessions, or enquiries

•       Improving website performance and user experience

•       Complying with legal, regulatory, and professional obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

 

4. Legal Basis for Processing

Under GDPR, we rely on the following lawful bases for processing your data:

 

For General Personal Data:

•       Contractual necessity (Article 6(1)(b)) — to provide the services you have requested

•       Legitimate interests (Article 6(1)(f)) — to operate, improve, and communicate about our services

•       Legal obligation (Article 6(1)(c)) — where processing is required by law

 

For Special Category (Health) Data:

•       Explicit consent (Article 9(2)(a)) — obtained at the point of engagement

•       Provision of health-related services (Article 9(2)(h)) — where applicable

You may withdraw your consent at any time by contacting us at hello@glp1coach.ie. Please note that withdrawal of consent may affect our ability to continue providing services to you.

 

5. How We Store & Protect Your Data

We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. These include:

•       Use of secure, password-protected client management systems

•       Encrypted communication and service providers where appropriate

•       Restricted access to personal and health data on a need-to-know basis

•       Regular review of data handling practices

Client records are retained only for as long as necessary to fulfil the purpose for which they were collected, and to meet any applicable legal, professional, or insurance requirements. After this period, data is securely deleted or anonymised.

 

6. Third-Party Service Providers

We use trusted third-party platforms to deliver our services. These providers act as data processors on our behalf and are contractually required to handle your data securely and in compliance with GDPR:

•       Stripe — payment processing (stripe.com/ie/privacy)

•       Calendly — appointment scheduling (calendly.com/privacy)

•       Practice Better — client record management and programme delivery (practicebetter.io/privacy-policy)

•       Google Analytics — website analytics (policies.google.com/privacy)

•       Squarespace — website hosting (squarespace.com/privacy)

We do not share your data with third parties beyond what is necessary to deliver our services.

 

7. International Data Transfers

Some of our third-party service providers operate outside the European Economic Area (EEA). Where your data is transferred outside the EEA, we ensure that appropriate safeguards are in place in accordance with GDPR, such as Standard Contractual Clauses (SCCs) or adequacy decisions issued by the European Commission.

 

8. Your Rights Under GDPR

Under GDPR, you have the following rights in relation to your personal data:

•       Right of access — to request a copy of the data we hold about you

•       Right to rectification — to request correction of inaccurate or incomplete data

•       Right to erasure — to request deletion of your data where there is no lawful basis for continued processing

•       Right to restriction — to request that we limit how we use your data

•       Right to object — to object to processing based on legitimate interests

•       Right to data portability — to receive your data in a structured, machine-readable format

•       Right to withdraw consent — at any time, where processing is based on consent

•       Right to lodge a complaint — with the Irish Data Protection Commission (DPC)

To exercise any of your rights, please contact us at hello@glp1coach.ie. We will respond within 30 days.

 

Irish Supervisory Authority:

Data Protection Commission (DPC)

www.dataprotection.ie

 

9. Cookies

We use cookies on our website to ensure functionality, analyse performance, and improve user experience. For full details of the cookies we use and how to manage your preferences, please refer to our Cookie Policy at glp1coach.ie/cookie-policy.

You can also manage cookie settings through your browser at any time.

 

10. Age Restriction

Our services are strictly available to individuals aged 18 and over. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we have inadvertently collected data from a minor, we will delete it promptly.

 

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data handling practices. The most current version will always be published on our website, with the effective date clearly noted. We encourage you to review this policy periodically.

 

Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your data, please contact us at:

Nikki Coughlan | GLP-1 Coach

hello@glp1coach.net

www.glp1coach.ie