Privacy Policy

Effective: 01/10/2020


This Privacy Policy sets out how we, The Key to You collect, store and use information about you when you use or interact with our website, website) and where we otherwise obtain or collect information about you. This Privacy Policy is effective from 01/10/2020.



Identity of the Data Controller and Contact Details

The Key to You, (company registration number: 543971) is based in Galway, Ireland and provides coaching, personal development and a well-being training. A data controller dictates how and why the data is going to be used by the organisation. Under GDPR The Key to You is the data controller with regard to the Personal Data described in this Privacy Policy. For any queries regarding data protection we can be contacted by sending an email to



This Privacy Policy applies to our business practices and our website, which is accessible from and its sub-domains. As the Organisation is established in the Republic of Ireland, this document is written in the vein of Irish Data Protection Law and the Organisation falls under the jurisdiction of the Irish Data Protection Commission.

Laws that apply to us:


Laws that apply to us:

  • General Data Protection Regulation (EU Regulation 679/2016)
  • Data Protection Act 2018
  • Regulations flowing from DPA 2018
  • Data Protection Act 1988 Revised
  • ePrivacy Regulations 2011 implementing EU Privacy and Electronic Communications Directive 2002/58/EC on Privacy and Electronic Communications, otherwise known as ePrivacy Directive (ePD)



How do we collect information about you?

Information you provide us

When you contact us via our website, by email, by phone, social media or avail of our services in person we will collect basic personal data used to facilitate a service type relationship usually your name and email address and phone number.  For corporate clients, we might ask for the company you work with, your work phone number, and your job title.




Information we collect automatically

Things like your IP address, which browser and device you’re using, or your device ID. And we can tell what webpage directed you to our website by looking at information from your browser.


How do we use your information?

Personal information

We use some of your personal information to provide our services, provide recommendations on services we feel might be beneficial to you, and provide you with advice, dependent on the information you have given, and to personalise our offerings to you.


IP address and device information

Your IP address and information about your device might be used to confirm your location. We might use this information to tailor any advertising offered to you.


Sponsored posts on other websites

We might show you tailored recommendations of our services on social media sites like Facebook and Instagram.


Social Media and other websites

If you mention us on other sites, for instance in an Instagram post, we’ll collect your Instagram username.


Processing your payment

After you place an order on our website you will need to make payment for the goods or services you have ordered. In order to process your payment, we use Stripe and PayPal, a third-party payment processor.


Your payment will be processed by Stripe and PayPal, who collect, use and process your information, including payment information, in accordance with their privacy policies.

You can access their privacy policy via the following link: or


Lawful basis for processing

We have to have a valid reason to use your personal information. It’s called the “lawful basis for processing”. Sometimes we might ask your permission to do things, like when you subscribe to an email. Other times, when you’d reasonably expect us to use your personal information, we don’t ask your permission, but only when:

  • the law says it’s fine to use it, and
  • it fits with the rights you have:



We use your information for these types of things:

  • to deliver our services and to provide you with information about them
  • to deal with your requests, complaints and enquiries
  • to show you relevant advertising on another company’s site
  • to help us understand what kind of services you might use
  • to recommend things we think might interest you
  • to contact you when we need to or when you’ve given us permission



We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising.  Where appropriate, you will be asked whether you wish to receive any marketing communications from us.


You can unsubscribe from direct marketing by using the contact details herein or by using the unsubscribe links on communications.



We might use information that we hold about you to show you relevant and targeted advertising about our services through other companies’ sites, like Facebook, Google, Snapchat or Twitter for example. If you don’t want to see our targeted advertising, you can set ad preferences in your social media companies’ settings. You can also opt-out from Facebook and other participating companies through the European Interactive Digital Advertising Alliance in Europe


Google Reviews:

When you review our business on Google we may use the information provided on our website. You can manage your privacy preferences and settings here;


Cookies, Tracking and Other Technical Personal Data

Cookies are data files which are sent from a website to a browser to record information about users for various purposes. We use cookies on our website, including essential, functional, analytical and targeting cookies.


You can reject some or all of the cookies we use on or via our website by changing your browser settings or non-essential cookies by using a cookie control tool, but doing so can impair your ability to use our website or some or all of its features. For further information about cookies, including how to change your browser settings, please visit


Google Analytics is a web analysis service provided by Google Ireland Limited (“Google”). Google utilises the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualise and personalize the ads of its own advertising network.

Privacy PolicyOpt Out


How long will you keep my personal information for?

We only hold your information for as long as we do the activities we told you about or have a valid reason to keep it. We think about what type of information it is, the amount collected, how sensitive it might be and any legal requirements. We design our services so that we don’t hold your information any longer than we have to.


Who do you share my personal information with?

We’ll never sell your personal information. We may however share it with trusted service providers who could be considered data processors, sub-processors or third parties. We require all third parties to have appropriate technical and operational security measures in place to protect your Personal Data, and to uphold the same standards of data protection we do.

We use the following categories of service providers including data processors in the course of our business:


  • Cloud Web and App Hosting Services
  • Cloud Data Sources
  • One or More Contract Developers
  • Professional Service Providers such as Lawyers, Solicitors and Accountants
  • Financial Transaction Providers
  • Telecoms Service and Carrier Providers


This list may be updated from time to time so for an updated list of third parties you should check this Privacy Policy periodically.


We might also share your information if we have to by law, or when we need to protect you or other people from harm.


Where does your data travel to?

Some companies that provide services to us run their services from outside the European Economic Area. We only let that happen if we are satisfied with their levels of security. Keep in mind that when you give us personal information it could be being transferred, stored or processed in a location outside the EEA.


International Transfers

If we transfer your Personal Data out of the EEA, we ensure an adequate degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:


  1. We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.
  2. Where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe.
  3. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to Personal Data shared between the Europe and the US.



Updates and changes to this policy

We update this policy sometimes. If we make important changes, like how we use your personal information, we’ll let you know by email or on our website. If you don’t agree to the changes, then you can always stop using our services, request we delete your data and stop giving us any more personal information.



Sale of Business

Situations may arise where it is necessary to transfer information (including your Personal Data) to a third party in the event of a sale, merger, liquidation, or receivership. You will be notified in the event of any such transfer and you will be afforded an opportunity to opt-out.


What rights do you have?

Under certain circumstances, by law you have the right to:


  • Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
  • Request access to your personal information (commonly known as a “Data Subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.


How do you exercise your rights?

If you have any questions about this policy or about our data protection compliance, please contact us via email at


If you wish to exercise your rights please contact us and we will respond to the request within 30 days.



Your Right to Lodge a Complaint

You as the Data Subject have the right to complain at any time to a data protection supervisory authority in relation to any issues related to our processing of your Personal Data. As our organisation is located in Ireland and we conduct our data processing here, we are regulated for data protection purposes by the Irish Data Protection Commissioner.


You can contact the Data Protection Commissioner as follows:



Phone: +353 57 8684800 or +353 (0)761 104 800


Address: Data Protection Office – Canal House, Station Road, Portarlington, Co. Laois, R32 AP23. Or 21 Fitzwilliam Square Dublin 2. D02 RD28 Ireland


Last updated

01/10/2020 (V.0.0.1)