Privacy & Cookie Policy
Last updated: 12 June 2026
This policy explains how personal data is collected and used when you visit vidalcoach.com or contact us, and how cookies are used on this website. It is written to comply with the EU General Data Protection Regulation (GDPR), the Irish Data Protection Act 2018 and the Irish ePrivacy Regulations (S.I. No. 336 of 2011).
1. Who we are (Data Controller)
Patricia Vidal, Performance Coach ("Vidal Coach"), based in Naas, Co. Kildare, Ireland, is the data controller responsible for your personal data.
- Contact for privacy queries: [email protected]
- WhatsApp: +353 89 958 7218
2. What personal data we collect
This website is a static informational site. It has no account system and does not store form submissions on our servers. We collect:
- Data you choose to send us — when you contact us through WhatsApp, Instagram or email: your name, phone number, message content, and any health or fitness information you choose to share with us.
- Quiz answers — the "Find My Programme" quiz runs entirely in your browser. Your answers are not sent to or stored on our servers; they are only shared with us if you choose to send the resulting message via WhatsApp.
- Technical data — IP address, browser type and pages requested, recorded in standard server and security logs by our hosting and security providers, used only to operate and protect the website.
If you become a client, we will collect additional information needed to coach you safely (such as health screening, injuries and training history). That information is always collected directly from you, with your knowledge.
3. Why we use your data and our legal bases
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Responding to your enquiry and providing coaching services | Steps prior to / performance of a contract — Art. 6(1)(b) |
| Processing health information you share for safe programme design | Your explicit consent — Art. 9(2)(a) |
| Website security and operation (server logs) | Legitimate interests — Art. 6(1)(f) |
| Analytics cookies (only if we add them in future) | Your consent — Art. 6(1)(a) |
| Keeping records required by Irish tax law | Legal obligation — Art. 6(1)(c) |
4. Cookies and similar technologies
We keep cookies to a minimum. Current state:
| Name | Type | Purpose | Duration |
|---|---|---|---|
__cf_bm and similar (Cloudflare) | Strictly necessary | Security — protects the site from malicious bots. Exempt from consent under the ePrivacy Regulations. | ~30 minutes |
vc-cookie-consent (browser localStorage) | Strictly necessary | Remembers your cookie choice so we don't ask again. | Until you clear it |
We currently use no analytics, advertising or tracking cookies. If we introduce them in future, they will only run after you click "Accept all" in the cookie banner, and this policy will be updated first.
You can change your mind at any time:
5. Who we share data with
We never sell your personal data. It is shared only with service providers ("processors") that help us run the website, and only to the extent necessary:
- DigitalOcean LLC — website hosting (server located in the United States).
- Cloudflare, Inc. — content delivery network and security in front of the website.
- Meta Platforms Ireland Ltd — if you contact us via WhatsApp or Instagram, your messages are processed under WhatsApp's and Instagram's own terms and privacy policies.
- Google Ireland Ltd — if you follow links to our Google reviews.
6. International transfers
Our website is hosted on servers located in the United States (DigitalOcean) and delivered through Cloudflare's global network. Where personal data (such as technical log data) is transferred outside the European Economic Area, it is protected by approved safeguards: the EU–US Data Privacy Framework and/or the European Commission's Standard Contractual Clauses.
7. How long we keep your data
- Enquiries that don't become clients: messages are kept only as long as needed to deal with your enquiry, then deleted.
- Client records: kept for the duration of coaching and then as required by Irish law (e.g. financial records must be retained for 6 years under the Taxes Consolidation Act 1997).
- Server/security logs: retained for short rolling periods by our hosting and security providers.
8. Your rights
Under the GDPR and the Data Protection Act 2018 you have the right to:
- Access the personal data we hold about you;
- Rectify inaccurate or incomplete data;
- Erase your data ("right to be forgotten");
- Restrict or object to processing;
- Data portability — receive your data in a usable format;
- Withdraw consent at any time, where processing is based on consent (this does not affect processing carried out before withdrawal).
To exercise any of these rights, email [email protected]. We will respond within one month, as required by law. There is no charge.
Right to complain: if you are unhappy with how your data is handled, you have the right to lodge a complaint with the Irish supervisory authority — the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28 — www.dataprotection.ie.
9. Children
Our services are designed for adults aged 35–65. This website is not directed at children and we do not knowingly collect data from anyone under 16.
10. Changes to this policy
We may update this policy from time to time (for example, if we add analytics tools). The "Last updated" date at the top shows the current version. Significant changes will be highlighted on the website.