Privacy Policy

Privacy Policy for https://www.annetaylorhartzell.com/

Last Updated: April 13, 2025

1. Introduction

Anne Taylor Hartzell dba Anne Taylor Communications, LLC ("We," "Us," "Our") is committed to protecting the privacy and security of the personal information of the users ("You") of Our website, https://www.annetaylorhartzell.com/ (the "Website" or "Site"). This Privacy Policy explains how We collect, use, store, share, disclose, and protect your personal information when you visit or use Our Website and associated services, such as Our newsletter, Core Values Quiz, contact forms, and booking functionalities.

By accessing or using the Website, you acknowledge that you have read, understood, and agree to the collection, use, and disclosure of your personal information as described in this Privacy Policy and Our Terms of Use (). If you do not agree with Our policies and practices, please do not use Our Website. Building trust through transparency about data practices is essential.

2. Data Controller Identification

For the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws, the data controller responsible for the processing of your personal data collected through this Website is:

Anne Taylor Hartzell Email: info@annetaylorco.com

This information provides a clear point of contact for any privacy-related inquiries or requests to exercise your data rights, as required by laws like GDPR.

3. Types of Personal Data Collected

We are committed to the principle of data minimization and collect only the personal information that is necessary for the purposes outlined in this policy. We collect information about you in various ways when you use Our Website. This information falls into two main categories: information you provide directly and information collected automatically.

A. Information You Provide Directly:

  • Contact Information: Your name, email address, and potentially your phone number or company name when you fill out contact forms, subscribe to Our newsletter ("Anne's Choose Adventure letter"), request a consultation booking, or otherwise communicate with Us.

  • Quiz Responses: Information you submit when participating in interactive features like the "Core Values Quiz," which may include your answers to quiz questions and potentially your contact information if required to receive your results or related communications.

  • Booking/Consultation Information: Details you provide when scheduling a free consultation or other services, such as your name, email address, the nature of your inquiry, and any other information you choose to share to facilitate the consultation.

  • Payment Information: If you purchase services directly through the Website (if applicable), We may collect payment information, such as credit card details. Please note that this information is typically processed directly by a secure third-party payment processor (identified in Section 7), and We generally do not store full payment card details on Our servers.

  • Communications: Records and copies of your correspondence (including email addresses and the content of your messages) if you contact Us.

  • Account Information (if applicable): If you create an account on Our Website , We may collect information associated with your account, such as your username and password.


B. Information Collected Automatically:

  • Log Data and Device Information: When you access the Website, Our servers automatically record information that your browser sends. This log data may include your Internet Protocol (IP) address, browser type and version, operating system, device identifiers, the pages of Our Website that you visit, the time and date of your visit, the time spent on those pages, referring website addresses, and other statistics.

  • Usage Data (Cookies and Tracking Technologies): We use cookies and similar tracking technologies (like web beacons or pixels) to track activity on Our Website and hold certain information. This helps Us understand how Our Website is being used, analyze performance, improve user experience, and potentially for marketing purposes. This includes information about your browsing actions and patterns. Please see Section 13 (Cookie Usage) for more details on how We use these technologies and your choices regarding them.

Sensitive Personal Information (CCPA/CPRA): We do not intentionally collect "sensitive personal information" as defined under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) (such as social security numbers, precise geolocation, racial or ethnic origin, religious beliefs, genetic data, biometric data, or health information) unless necessary for specific services and with your explicit consent or as permitted by law. If We were to collect such information, you would have the right to limit its use and disclosure as described in Section 11.

Listing these data types explicitly fulfills transparency requirements under GDPR and CCPA and ensures the policy is tailored to the specific features of the Website, such as the quiz and booking functions.

4. Methods of Data Collection

We collect personal data through the following methods:

  • Direct Interactions: You may give Us your identity and contact data by filling in forms or by corresponding with Us by post, phone, email, or otherwise. This includes personal data you provide when you:

  • Subscribe to Our newsletter or publications.

  • Complete a contact form or request information.

  • Request a booking or schedule a consultation.

  • Participate in the Core Values Quiz or other interactive features.

  • Create an account on Our Website (if applicable).

  • Communicate directly with Us.

  • Automated Technologies or Interactions: As you interact with Our Website, We may automatically collect technical data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see Section 13 (Cookie Usage) for further details.

  • Third Parties or Publicly Available Sources: We may occasionally receive personal data about you from various third parties, such as analytics providers (e.g., Google based outside the EU) or scheduling tool providers.

Clearly outlining how data is collected enhances transparency and complements the information on what data is collected.

5. Purpose and Legal Basis for Processing (GDPR Compliance)

We only collect and process your personal data when We have a legal basis to do so under applicable data protection laws, particularly the GDPR if you are located in the European Economic Area (EEA) or the United Kingdom (UK). The purposes for which We process your personal data and the corresponding legal bases are detailed below. We rely on several legal bases, including your consent, Our legitimate interests, the need to perform a contract with you, and compliance with Our legal obligations.

Purpose of Processing

Examples of Data Processed

Legal Basis (GDPR)

To provide and manage Website services & access

Contact Info (if logged in), Log Data, Device Info, Usage Data

Legitimate Interest (to operate and maintain Our Website); Performance of a Contract (if providing services under an account agreement)

To deliver requested content (e.g., quiz results, downloads)

Email Address, Name, Quiz Responses

Performance of a Contract (to fulfill your request); Consent (if bundled with marketing, requires separate, explicit opt-in)

To respond to inquiries and booking requests

Contact Info, Communication Content, Booking Info

Legitimate Interest (to respond to user inquiries); Performance of a Contract (taking steps at your request prior to potentially entering into a contract)

To send newsletters and marketing communications

Name, Email Address

Consent (freely given, specific, informed, unambiguous opt-in)

To process bookings and schedule consultations

Contact Info, Booking Info

Performance of a Contract (to fulfill your booking request)

To improve Website functionality and user experience

Log Data, Device Info, Usage Data (via Analytics)

Legitimate Interest (to improve Our services); Consent (for non-essential analytics cookies/tracking)

To analyze Website traffic and usage patterns

Aggregated/Anonymized Usage Data, IP Address (potentially)

Legitimate Interest (to understand site usage for business planning); Consent (for detailed tracking via cookies)

To ensure Website security and prevent fraud

Log Data, IP Address

Legitimate Interest (to protect Our Website, network, and users)

To comply with legal obligations

Relevant data as required by law

Legal Obligation

Consent: Where We rely on your consent to process personal data (e.g., for sending marketing newsletters or using certain cookies), We will obtain this consent explicitly through clear affirmative action, such as an unticked checkbox. You have the right to withdraw your consent at any time by contacting Us or using the unsubscribe link in emails, without affecting the lawfulness of processing based on consent before its withdrawal. Consent for accessing content (like quiz results) will be sought separately from consent for ongoing marketing communications to ensure it is specific and unbundled.

Legitimate Interests: When We rely on legitimate interests, We ensure that the processing is necessary for the purpose and that Our interests are not overridden by your interests, fundamental rights, or freedoms. Our legitimate interests include operating Our business, providing and improving Our services, communicating with users, and ensuring the security of Our Website.

Specifying the legal basis for each processing activity is a fundamental requirement of GDPR, ensuring lawfulness and transparency.

6. Data Usage

We use the personal information We collect for various purposes, consistent with the legal bases outlined above, including :

  • To Provide and Operate Our Services: To present Our Website and its contents to you, allow you to participate in interactive features (like the quiz), provide information or services you request (like consultation bookings or downloadable content), and manage any accounts you may have with Us.

  • To Communicate With You: To respond to your inquiries submitted via contact forms or email, to send you information related to bookings or services, to provide customer support, and, where you have consented, to send you Our newsletter, marketing emails, and other promotional communications about Our services, events, or content We think may interest you.

  • To Improve and Personalize Our Website: To understand how users access and use Our Website, to analyze usage trends and preferences, to improve the Website's design, functionality, and content, and potentially to personalize your experience (e.g., tailoring content based on quiz participation, if applicable and consented to).

  • For Analytics and Measurement: To track and analyze website traffic, measure the effectiveness of Our content and marketing efforts, and generate aggregated statistics about Our user base.

  • For Security and Fraud Prevention: To maintain the security and integrity of Our Website, systems, and data, detect and prevent fraudulent activity, and protect the rights, property, or safety of the Company, Our users, or others.

  • To Comply With Legal Obligations: To comply with applicable laws, regulations, court orders, subpoenas, or other legal processes, and to fulfill Our legal and regulatory obligations.

This section provides a user-friendly summary of how data is practically applied, reinforcing the transparency established in the previous section.

7. Data Sharing & Third-Party Disclosures

We respect your privacy and do not "sell" your personal information in the traditional sense. However, under the CCPA/CPRA definition, certain sharing of data with third parties, particularly through advertising cookies, might be considered a "sale" or "sharing." We sell or share your personal information as defined by the CCPA/CPRA. If We do, you have the right to opt-out (see Section 11). We provide the following link for California residents to exercise this right: Do Not Sell or Share My Personal Information ([Link to Opt-Out Page/Mechanism]).

We may disclose your personal information to the following categories of third parties for the business purposes described in this policy :

  • Service Providers: We engage third-party companies and individuals to perform services on Our behalf (data processors). These service providers have access to your personal information only to perform these tasks on Our behalf and are contractually obligated not to disclose or use it for any other purpose. Examples include:

  • Website Hosting Provider: ([Placeholder Vendor Name]) - Provides the infrastructure for Our Website.

  • Email Marketing Platform: ([Placeholder Vendor Name, e.g., Mailchimp, ConvertKit, Flodesk]) - Manages Our email lists and distributes newsletters and marketing communications.

  • Website Analytics Provider: ([Placeholder Vendor Name, e.g., Google Analytics]) - Helps Us understand Website traffic and usage patterns.

  • Quiz Platform: () - Hosts and manages Our online quizzes.

  • Scheduling Tool: ([Placeholder Vendor Name, e.g., Calendly]) - Facilitates the booking of consultations and appointments.

  • Payment Processor: () - Securely processes payments for services, if applicable.

  • Customer Relationship Management (CRM) System: ([Placeholder Vendor Name, e.g., ActiveCampaign]) - Helps manage interactions with clients and potential clients.

  • Cloud Storage Providers: ([Placeholder Vendor Name]) - Used for data backup and storage.

  • Legal and Regulatory Authorities: We may disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency), or to comply with a legal obligation.

  • Protection of Rights and Safety: We may disclose information where We believe it necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Our Terms of Use, or as evidence in litigation in which We are involved.

  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of Our business by another company, your personal information may be transferred as part of that transaction.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only permit Our service providers to process your personal data for specified purposes and in accordance with Our instructions. We advise you to review the privacy policies of these third-party service providers.

This disclosure is vital for transparency and compliance with GDPR and CCPA , particularly identifying the types of tools likely used by a coaching website.

8. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. Our primary operations are based in Seattle, Washington, USA.

If you are located outside of the state of Washington and choose to provide information to Us, please note that We transfer the data, including personal data, to Washington and process it there.

For individuals located in the EEA or UK, We will ensure that transfers of personal data to countries outside the EEA or UK are made in compliance with applicable data protection laws. We will rely on appropriate safeguards, such as Adequacy Decisions issued by the European Commission or the UK Government, or Standard Contractual Clauses (SCCs) approved for such transfers, or your explicit consent where permitted. Our third-party service providers (listed in Section 7) may also transfer your data internationally under their own established safeguards and privacy policies.

This section addresses GDPR requirements concerning cross-border data flows, essential if the website has an international audience.


9. Data Retention Policy

We will retain your personal data only for as long as is necessary to fulfill the purposes We collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will not keep your personal data for longer than required.

To determine the appropriate retention period for personal data, We consider :

  • The amount, nature, and sensitivity of the personal data.

  • The potential risk of harm from unauthorized use or disclosure of your personal data.

  • The purposes for which We process your personal data and whether We can achieve those purposes through other means.

  • The applicable legal, regulatory, tax, accounting, or other requirements.

For example:

  • If you subscribe to Our newsletter, We will retain your contact information for as long as you remain subscribed or until you withdraw your consent.

  • If you contact Us with an inquiry, We will retain your information for as long as necessary to respond to your inquiry and for a reasonable period thereafter for record-keeping purposes.

  • Data collected for analytics purposes is typically retained for a set period (e.g., as determined by the analytics provider like Google Analytics ) or kept in an aggregated/anonymized form.

  • Information related to client engagements (if managed via the site) will be retained for the duration of the engagement and for a subsequent period as required by professional standards or legal obligations.

When We no longer need your personal data for the purposes it was collected, We will securely delete or anonymize it.

This aligns with GDPR's storage limitation principle, providing transparency on data retention practices.

10. Data Security Measures

We are committed to protecting the security of your personal information. We implement and maintain reasonable administrative, technical, and physical security safeguards designed to protect the personal data We process against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include, for example, the use of secure servers, firewalls, encryption of data in transit (SSL/TLS), and access controls.

However, please be aware that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While We strive to use commercially acceptable means to protect your personal data, We cannot guarantee its absolute security.

The security of your information also depends on you. Where We have given you (or where you have chosen) a password for access to certain parts of Our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Communicating the implementation of security measures builds trust, while the disclaimer sets realistic expectations.

11. User Rights under GDPR and CCPA

Under applicable data protection laws, you have certain rights regarding your personal information. These rights may vary depending on your location, but commonly include :

  • Right of Access / Right to Know: You have the right to request confirmation as to whether We process your personal data and, if so, to access that data and receive information about how We process it (including categories of data collected, sources, purposes of processing, categories of third parties shared with).

  • Right to Rectification / Right to Correct: You have the right to request the correction of inaccurate or incomplete personal data We hold about you.

  • Right to Erasure / Right to Delete: You have the right to request the deletion of your personal data under certain circumstances (e.g., when the data is no longer necessary for the purposes collected, you withdraw consent, or the data was unlawfully processed). This right is subject to certain exceptions, such as compliance with legal obligations.

  • Right to Restrict Processing (GDPR): Under certain conditions, you have the right to request the restriction of the processing of your personal data.

  • Right to Data Portability (GDPR): You have the right to receive the personal data you provided to Us in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from Us, where processing is based on consent or contract and carried out by automated means.

  • Right to Object (GDPR): You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on legitimate interests. You also have the absolute right to object to the processing of your personal data for direct marketing purposes.

  • Right to Opt-Out of Sale/Sharing (CCPA/CPRA): If you are a California resident, you have the right to direct Us not to "sell" or "share" your personal information, as those terms are defined under the CCPA/CPRA. You can exercise this right by clicking the following link: Do Not Sell or Share My Personal Information ([Link to Opt-Out Page/Mechanism]).

  • Right to Limit Use and Disclosure of Sensitive Personal Information (CCPA/CPRA): If you are a California resident and We collect sensitive personal information, you have the right to limit Our use and disclosure of such information to certain permitted purposes. (Include mechanism if applicable).

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. This means We will not deny you goods or services, charge you different prices or rates, provide a different level or quality of goods or services, or suggest that you may receive a different price or rate or a different level or quality of goods or services.

  • Right to Withdraw Consent: Where Our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before withdrawal.

Clearly enumerating these rights is essential for compliance and user empowerment. The CCPA "Do Not Sell/Share" link is a specific legal requirement.

12. How to Exercise User Rights

To exercise any of the rights described above, please submit a verifiable request to Us by :

  • Emailing Us at: info@annetaylorco.com

The CCPA requires businesses to offer at least two methods for submitting requests, including, in many cases, a toll-free telephone number. Please include sufficient information in your request to allow Us to reasonably verify you are the person about whom We collected personal information or an authorized representative. Describe your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.

Verification: We cannot respond to your request or provide you with personal information if We cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with Us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. Verification may involve matching information you provide with information We already hold or requesting additional proof of identity depending on the sensitivity of the request.

Response Timing and Format: We endeavor to respond to a verifiable consumer request within the timeframes required by applicable law (typically within one month under GDPR and 45 days under CCPA). If We require more time (up to an additional two months under GDPR or an additional 45 days under CCPA), We will inform you of the reason and extension period in writing.

Authorized Agents (CCPA): California residents may designate an authorized agent to make a request under the CCPA on their behalf. We will require the authorized agent to provide proof of authorization (e.g., written permission signed by you) and may also require you to verify your own identity directly with Us.

Providing clear, practical instructions is necessary for users to effectively exercise their rights.

13. Cookie Usage

Our Website uses cookies and similar tracking technologies (such as web beacons and pixels) to enhance your browsing experience, analyze site traffic, understand user interaction, and potentially for marketing purposes.

What are Cookies? Cookies are small text files placed on your device (computer, tablet, mobile phone) when you visit a website. They help the website recognize your device and remember information about your visit, preferences, or actions over time.

Types of Cookies We Use:

  • Strictly Necessary/Essential Cookies: These cookies are essential for the Website to function properly and cannot be switched off in Our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then. These cookies generally do not store personally identifiable information.

  • Performance/Analytics Cookies: These cookies allow Us to count visits and traffic sources so We can measure and improve the performance of Our site. They help Us know which pages are the most and least popular and see how visitors move around the site. We may use third-party analytics tools like Google Analytics for this purpose. Under GDPR, your explicit consent (opt-in) is required before We place these cookies.

  • Functionality Cookies: These cookies enable the Website to provide enhanced functionality and personalization. They may be set by Us or by third-party providers whose services We have added to Our pages. If you do not allow these cookies, then some or all of these services may not function properly. Consent may be required depending on the specific function.

  • Targeting/Advertising Cookies: These cookies may be set through Our site by Us or Our advertising partners. They may be used to build a profile of your interests and show you relevant advertisements on other sites. They work by uniquely identifying your browser and internet device. Under GDPR, your explicit consent (opt-in) is required before We place these cookies. The use of these cookies may constitute a "sale" or "sharing" of personal information under the CCPA, for which you have the right to opt-out (see Section 11).

Cookie Duration: Cookies can be "session" cookies (which expire once you close your web browser) or "persistent" cookies (which stay on your device for a set period or until you delete them).

Your Cookie Choices and Consent Management: We respect your right to privacy. When you first visit Our Website, you will be presented with a cookie banner or tool that provides information about the cookies We use and allows you to manage your preferences. Except for strictly necessary cookies, We will only place other cookies on your device if you provide your explicit opt-in consent via this tool (required by GDPR). You can withdraw or change your consent at any time through the same tool or link, typically found in the website footer. You can also control and manage cookies through your web browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, if you disable or refuse cookies, please note that some parts of this Website may become inaccessible or not function properly.

14. Children's Privacy

Our Website and services are intended for adults and are not directed to children under the age of 13 (as defined by the U.S. Children's Online Privacy Protection Act - COPPA) or under the age of 16 (as relevant for GDPR consent and CCPA opt-in for sale/sharing).

We do not knowingly collect personal information online from children under these ages without verifiable parental consent (for under 13s per COPPA) or appropriate opt-in consent (for under 16s regarding sale/sharing per CCPA). If We learn that We have collected or received personal information from a child under the relevant age without verification of parental consent or necessary opt-in, We will take steps to delete that information.

If you are a parent or guardian and believe that your child has under the relevant age provided Us with personal information without your consent, please contact Us using the contact information provided in Section 16 below, and We will take steps to remove that information from Our systems.

This clause addresses specific legal requirements regarding minors' data and limits liability by stating the site's intended audience and policy against knowingly collecting children's data

15. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in Our practices, service offerings, legal requirements, or other factors. We will post any changes We make to Our Privacy Policy on this page. If We make material changes to how We treat Our users' personal information, We will notify you through a notice on the Website home page, by updating the "Last Updated" date at the top of this policy, and/or potentially via email if We have your address and the changes are significant.

The CCPA requires that We review and update Our privacy disclosures at least once every 12 months. We encourage you to review this Privacy Policy periodically to stay informed about how We are protecting the personal information We collect. Your continued use of the Website after We make changes is deemed to be acceptance of those changes.

This ensures compliance with update requirements (like CCPA's annual review) and informs users how they will be notified of changes.

16. Contact Information

If you have any questions, comments, or concerns about this Privacy Policy, Our data practices, or if you wish to exercise your privacy rights, please contact Us at:

Anne Taylor Communications Email: info@annetaylorco.com Providing clear and accessible contact information is essential for users to raise privacy concerns or exercise their rights.