Privacy Policy

Last updated: March 2026

1. Data Controller

This privacy policy applies to Touching Distance, a leadership coaching business operated by:

Linda Steinbock
Touching Distance Inh.Steinbock
Switzerland
Email: [email protected]

Linda Steinbock is the data controller responsible for the processing of your personal data. This means she determines the purposes and means of data processing and is responsible for compliance with applicable data protection laws, including the Swiss Federal Act on Data Protection (nDSG/revFADP) and the EU General Data Protection Regulation (GDPR).

2. What Data We Collect

We collect personal data in the following ways:

Contact and Enquiry Forms:

  • Name

  • Email address

  • Role and organisation

  • Location (for coaching context)

  • Coaching context and background information

  • Any other information you choose to share in forms

Newsletter Signups

  • Email address

  • First name

Payment Information

When you book a coaching session or purchase our services, payment information is collected through Stripe. We do not store credit card details directly; Stripe handles all payment processing securely. You may be asked for name, email, and billing address for invoicing purposes.

Website Usage Data

Our website hosting platform may collect basic server-level data, including:

  • Pages visited and time spent on each page

  • Browser and device type

  • General geographic location (country or region level only)

  • Referral source (how you found us)

  • Interaction patterns (e.g., buttons clicked, forms engaged with)

Cookies

We use functional and analytics cookies to improve your experience. See Section 9 (Cookies) for detailed information.

3. Legal Basis for Processing

Under the EU GDPR and Swiss nDSG, we process your personal data on the following lawful bases:

Consent (GDPR Article 6(1)(a) and Swiss nDSG Article 6(3)(a))

  • Newsletter signups: You explicitly consent to receive our newsletter by signing up

  • Marketing communications: Any optional marketing emails require your prior consent

  • Analytics and non-essential cookies: We ask for your consent before placing these on your device

Contractual Necessity (GDPR Article 6(1)(b) and Swiss nDSG Article 6(1)(b))

  • Coaching services: We process your data to deliver the coaching services you've requested

  • Payment processing: Name, email, and billing information is necessary to process payments and send invoices

  • Booking and scheduling: Contact information is necessary to confirm and manage your coaching sessions

Legitimate Interest (GDPR Article 6(1)(f) and Swiss nDSG Article 6(1)(c))

  • Website analytics and improvement: We have a legitimate interest in understanding how our website is used to enhance user experience

  • Service improvement: We improve our coaching offerings and services based on enquiry data and feedback

  • Fraud prevention: We process data to prevent fraudulent transactions and protect both your and our interests

4. How We Use Data

We use the personal data we collect for these specific purposes:

  • Responding to your enquiries and providing coaching programme briefs or quotations

  • Delivering coaching services you've booked with us

  • Processing payments and sending invoices

  • Sending newsletters and updates (only if you've signed up and not opted out)

  • Scheduling and confirming coaching sessions

  • Improving our website, services, and customer experience

  • Complying with legal obligations and professional standards

  • Preventing fraud and protecting our services from misuse

We will not sell, trade, or rent your personal information to third parties. We do not use your data for automated decision-making or profiling.

5. Third-Party Data Processors

We share your data with selected third parties only to the extent necessary to provide our services. All processors are bound by data protection agreements and are required to process data only as instructed.

Stripe (Payment Processing)

  • Location: USA (with EU-US Data Privacy Framework compliance)

  • Data processed: Name, email, billing address, transaction information

  • Purpose: Secure payment processing and invoicing

  • Privacy: Stripe Privacy Policy

Proton Mail (Email Communications)

  • Location: Switzerland

  • Data processes: Email address, name, message content

  • Purpose: All client and enquiry communications

  • All emails are end-to-end encrypted when sent between Proton users, and zero-access encrypted at rest

  • Privacy: Proton Privacy Policy

Proton Drive (Secure File Storage)

  • Location: Switzerland

  • Data processed: Coaching session notes, session recordings, and related client documents

  • Purpose: Secure, encrypted storage of confidential coaching materials

  • All data is end-to-end encrypted and stored on Swiss servers

  • Privacy: Proton Privacy Policy

FEA Create (Website and Newsletter Hosting)

  • Data processed: Email address, first name (for newsletters), website analytics, server logs

  • Purpose: Delivering newsletter and marketing communications, hosting and maintaining the Touching Distance website and courses

  • We use a GDPR-compliant email provider with Standard Contractual Clauses in place

Calendar and Booking Tools

  • Data processed: Name, email, coaching context, session preferences

  • Purpose: Scheduling and confirming coaching sessions

All processors are vetted for data protection compliance and are contractually required to implement appropriate technical and organisational security measures.

6. International Data Transfers

Touching Distance is based in Switzerland. Some of our service providers are located in the USA and other countries outside Switzerland and the EU.

Transfers to the USA

When we transfer data to USA-based processors (such as Stripe), we rely on:

  • The EU-US Data Privacy Framework for adequacy determinations

  • Standard Contractual Clauses (SCCs) approved by the European Commission and Swiss authorities

  • These mechanisms ensure that your data receives an adequate level of protection equivalent to EU/Swiss law

Swiss-Based Processing

The majority of your data is processed and stored in Switzerland through Proton Suite (email and file storage) and our Switzerland-based operations. Switzerland is recognised by both the EU and other jurisdictions as having adequate data protection laws. Your data is protected under Swiss law by default.

If you have concerns about international data transfers, please contact us at [email protected]

7. Data Retention

We keep your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Enquiry data (non-clients): Kept for 2 years from the date of enquiry, then securely deleted

  • Client coaching records: Kept for 5 years after the end of coaching services (professional and legal requirement for coaching records)

  • Newsletter subscribers: Kept until you unsubscribe, then immediately removed from mailing lists

  • Website usage data: Basic server logs retained by our hosting provider in accordance with their retention policy

  • Payment records: Invoice data is retained for 7 years (Swiss tax requirement)

  • Cookies: See Section 9 for cookie-specific retention periods

When data is no longer needed, it is securely deleted or irreversibly anonymised.

8. Your Rights

Under EU GDPR and Swiss nDSG, you have the following rights regarding your personal data:

Right of Access

You have the right to request and receive a copy of the personal data we hold about you, including information about how it's being processed.

Right of Rectification

If your personal data is inaccurate or incomplete, you have the right to request correction or completion.

Right of Erasure

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the original purpose or if consent is withdrawn. Note: Legal or professional obligations may require us to retain certain data (e.g., coaching records for 5 years).

Right of Restriction

You can request that we restrict the processing of your data (e.g., suspend use while you contest its accuracy).

Right to Data Portability

You have the right to request your personal data in a structured, commonly-used format and, where technically feasible, to transmit it to another organisation.

Right to Object

You can object to processing of your data on grounds of legitimate interest. For example, you can opt out of analytics tracking or marketing communications at any time.

Right to Withdraw Consent

If processing is based on consent, you have the right to withdraw consent at any time. This does not affect the lawfulness of processing before consent was withdrawn.

How to Exercise Your Rights: To exercise any of these rights, please contact Linda Steinbock at [email protected]. Please be as specific as possible about what you're requesting. We will respond within 30 days (or 45 days under Swiss nDSG if you're a Swiss resident) and will not charge a fee unless your request is manifestly unfounded.

Right to Lodge a Complaint

If you believe we've violated your data protection rights, you have the right to lodge a complaint with your local data protection authority:

  • EU residents: Your national Data Protection Authority (DPA)

  • Swiss residents: The Federal Data Protection and Information Commissioner (FDPIC / Préposé fédéral à la protection des données)

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website.

Functional Cookies (Essential)

  • These are necessary for the website to function properly (e.g., session management, form validation)

  • No consent is required; these are placed automatically

  • Retention: Session duration or up to 1 year

Marketing Cookies

  • We may use marketing cookies to display relevant content and track the effectiveness of campaigns

  • These are placed only with your explicit consent

Your Cookie Preferences

You have the right to accept, decline, or withdraw consent for non-essential cookies at any time. You can manage your preferences through:

  • Cookie banner: Shown on your first visit

  • Browser settings: Most browsers allow you to refuse or delete cookies

Please note that declining cookies may affect the functionality or appearance of our website.

10. Children's Personal Data

Our services are not directed at or intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16.

If we become aware that we have collected data from a child under 16 without parental consent, we will take steps to delete such data promptly.

For EU residents: Under GDPR, children under 16 cannot provide valid consent to data processing (in some member states, the age is higher). If you are under 16 and wish to sign up for services, please ask a parent or guardian to do so on your behalf.

11. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction.

These measures include:

  • Secure HTTPS connections for all data transmission

  • End-to-end encrypted email communications via Proton Mail (Switzerland)

  • End-to-end encrypted cloud storage for all coaching session notes and recordings via Proton Drive (Switzerland)

  • Access controls limiting data to authorised personnel only

  • Regular security reviews and updates

  • Secure payment processing through PCI-DSS compliant providers (Stripe)

While we strive to protect your data, no system is 100% secure. If you have security concerns, please contact us immediately.

12. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by email (if you have provided an email address) or by displaying a prominent notice on our website.

Your continued use of our website and services following notification of changes constitutes your acceptance of the updated privacy policy.

This policy was last updated in March 2026.

13. Contact Us

If you have questions about this privacy policy, your personal data, or how we process it, please don't hesitate to contact us:

Linda Steinbock

Touching Distance Inh.Steinbock

Switzerland

Email: [email protected]

We aim to respond to all privacy enquiries within 30 days.

FREE DOWNLOAD

Headline that hooks people in, gets them excited and makes them want to sign up.

© Touching Distance. 2026. All rights reserved.