PRIVACY POLICY

===============

Alastair Ballentyne

Last updated: March 2026

1. WHO WE ARE

==============

This privacy policy explains how Alastair Ballentyne ("we," "us," "our") collects, uses, stores, and protects your personal data when you use our website, services, and communications.

Data Controller: Alastair Ballentyne (sole trader)

Contact email: [email protected]

Website: www.alastairballentyne.com

Location: London, United Kingdom

ICO registered

2. WHAT DATA WE COLLECT

=========================

We collect the following categories of personal data:

2.1 Data you provide directly:

— Name and email address (via the Resonance Compass quiz, masterclass opt-in, booking forms, newsletter signup, contact forms)

— Phone number (if provided during booking)

— Information you share during sessions (Belief Coding, EFT, readings, consultations) including personal circumstances, emotions, experiences, and goals

— Payment information (card details are processed by our payment provider and are not stored by us directly)

— Any other information you choose to share with us via email, messaging, or social media

2.2 Data collected automatically:

— IP address and approximate location

— Browser type and device information

— Pages visited and time spent on site

— Referral source (how you found us)

— Cookie data (see Section 9)

2.3 Special category data:

Some of our services (particularly Belief Coding and EFT) may involve the processing of special category data including information about your physical or mental health, emotional wellbeing, and personal beliefs. This data is processed on the basis of your explicit consent, given when you engage with the relevant service.

3. HOW WE USE YOUR DATA

=========================

We use your personal data for the following purposes:

Purpose: To deliver our services

Data used: Name, email, session information

Lawful basis: Contract — necessary to perform the service you have requested

Purpose: To send your quiz results and personalised recommendations

Data used: Name, email, quiz responses

Lawful basis: Consent — given when you submit the quiz

Purpose: To send you the masterclass and related follow-up emails

Data used: Name, email

Lawful basis: Consent — given when you opt in

Purpose: To send marketing emails (newsletter, offers, content updates)

Data used: Name, email

Lawful basis: Consent — given when you subscribe or opt in

Purpose: To process payments

Data used: Name, email, payment details

Lawful basis: Contract — necessary to complete the transaction

Purpose: To improve our website and services

Data used: Anonymised analytics data, cookies

Lawful basis: Legitimate interest — understanding how visitors use our site to improve the experience

Purpose: To respond to enquiries and complaints

Data used: Name, email, message content

Lawful basis: Legitimate interest — responding to communications

Purpose: To comply with legal obligations

Data used: As required

Lawful basis: Legal obligation

4. WHO WE SHARE YOUR DATA WITH

================================

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

Your data may be shared with the following categories of service providers who process data on our behalf:

— GoHighLevel (CRM, email marketing, quiz hosting, website hosting, booking system)

— Stripe (payment processing)

— Zoom (video sessions and consultations)

— Voxer / Telegram (accountability support messaging, where applicable)

— Google Analytics (website analytics, if enabled)

These providers act as data processors and are contractually required to handle your data securely and only for the purposes we specify.

Your data may also be disclosed where we are required to do so by law, regulation, or legal process, or where there is a serious and imminent risk of harm to you or another person.

5. HOW LONG WE KEEP YOUR DATA

===============================

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

— Client session records: Retained for 6 years from the date of the last session (in line with the UK limitation period for contractual claims)

— Email subscriber data: Retained until you unsubscribe. Upon unsubscription, your data is removed from active marketing lists within 30 days

— Quiz responses: Retained for 2 years from the date of submission

— Payment records: Retained for 6 years as required by HMRC for tax purposes

— Website analytics data: Anonymised and retained indefinitely for statistical purposes

— Enquiries and correspondence: Retained for 2 years from the date of the last communication

When data is no longer needed, it is securely deleted or anonymised.

6. HOW WE PROTECT YOUR DATA

==============================

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

— Secure, password-protected access to all systems containing personal data

— Use of reputable, GDPR-compliant third-party service providers

— Regular review of data handling practices

— Limiting access to personal data to only those who need it to deliver the services

No method of transmission over the internet or electronic storage is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security of your data.

7. YOUR RIGHTS

===============

Under the UK GDPR, you have the following rights regarding your personal data:

Right of access: You can request a copy of the personal data we hold about you.

Right to rectification: You can ask us to correct inaccurate or incomplete data.

Right to erasure: You can ask us to delete your data where there is no compelling reason for us to continue processing it.

Right to restrict processing: You can ask us to suspend processing of your data in certain circumstances.

Right to data portability: You can request that we provide your data in a structured, commonly used, machine-readable format.

Right to object: You can object to processing based on legitimate interests. You can also object to direct marketing at any time.

Right to withdraw consent: Where we rely on your consent to process data, you can withdraw that consent at any time. This does not affect the lawfulness of processing carried out before withdrawal.

Rights related to automated decision-making: You have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. We do not currently use solely automated decision-making in our services.

To exercise any of these rights, contact us at [your email address]. We will respond within one calendar month.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Website: ico.org.uk

Helpline: 0303 123 1113

8. INTERNATIONAL TRANSFERS

============================

Some of our service providers (such as GoHighLevel and Stripe) may process data outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your data to the standard required by UK GDPR.

9. COOKIES

===========

Our website uses cookies — small text files placed on your device — to improve your experience and help us understand how the site is used.

9.1 Types of cookies used:

Essential cookies: Required for the website to function (form submissions, session management, security). These cannot be disabled without affecting site functionality.

Analytics cookies: Used to understand how visitors interact with the site (e.g. pages visited, time on site). These help us improve the website. Data is anonymised where possible.

Third-party cookies: Set by embedded services such as video players (e.g. YouTube, Vimeo), social media widgets, or payment processors. These are governed by the respective third party's privacy policy.

9.2 Managing cookies:

You can manage or disable cookies through your browser settings. Most browsers allow you to:

— View what cookies are set

— Delete individual or all cookies

— Block third-party cookies

— Block all cookies from specific or all sites

— Set preferences for certain websites

Disabling certain cookies may affect the functionality of the website, particularly forms and booking systems.

For more information about cookies, visit allaboutcookies.org.

10. MARKETING COMMUNICATIONS

==============================

We will only send you marketing communications where you have given explicit consent — for example, by subscribing to our newsletter, opting in via the masterclass signup, or completing the Resonance Compass quiz.

Every marketing email includes an unsubscribe link. You can opt out at any time and your request will be processed within 48 hours.

Opting out of marketing communications does not affect any service-related communications (such as booking confirmations, session reminders, or account notifications).

11. CHILDREN'S DATA

=====================

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from someone under 18, we will delete it promptly.

12. CHANGES TO THIS POLICY

============================

This privacy policy may be updated from time to time to reflect changes in our practices, legal requirements, or the services we offer. The most current version will always be available at alastairballentyne.com/privacy.

Where significant changes are made, we will notify subscribers via email where practical.

13. CONTACT

=============

If you have any questions about this privacy policy or how we handle your personal data, please contact:

Alastair Ballentyne

Email: [email protected]

Website: www.alastairballentyne.com

© 2026 Alastair Ballentyne. All Rights Reserved.