Privacy Policy for Dan Goldfield

Last Updated: June 3, 2025

1. Introduction

I, Dan Goldfield ("I", "me", "my"), am committed to protecting the privacy and security of your personal information. This Privacy Policy describes how I collect, use, store, share, and protect your personal data when you visit my website https://dangoldfield.com (the "Site"), use my services (including my online quiz, email sequences, and any potential 1:1 coaching sessions), or otherwise interact with me.

This policy has been prepared in accordance with the UK General Data Protection Regulation (UK GDPR).

2. About Me (Data Controller)

For the purpose of the UK GDPR, the data controller is:

Dan Goldfield

Email: dan@dangoldfield.com

Website: https://dangoldfield.com

3. What Personal Data I Collect

I may collect, use, store, and transfer different kinds of personal data about you, which I have grouped together as follows:

• Identity Data: Includes first name, last name (if you provide it).
• Contact Data: Includes email address.
• Quiz & Profile Data: Includes your answers to quiz questions, the spiritual path segment you are assigned (e.g., "Striver," "Surrenderer"), your preferences, feedback, and survey responses.
• Technical Data: Includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. This is often collected via cookies or server logs.
• Usage Data: Includes information about how you use my website, products, and services (e.g., which pages you visit, how long you spend on them, email open and click-through rates).
• Marketing and Communications Data: Includes your preferences in receiving marketing from me and your communication preferences.
• Client Data (for 1:1 Coaching): Any personal information you choose to share with me during coaching sessions for the purpose of receiving coaching. This information is treated with strict confidentiality.
• Payment Data (for 1:1 Coaching): I use third-party payment processors (e.g., Stripe, PayPal) to handle payments. I do not store your full credit card or bank account details. The payment processor will have its own privacy policy.

4. How I Collect Your Personal Data

I use different methods to collect data from and about you including through:

Direct interactions: You may give me your Identity, Contact, Quiz & Profile Data by filling in forms (like my online quiz or contact forms) or by corresponding with me by post, phone, email, or otherwise. This includes personal data you provide when you:

• Take my online quiz.
• Subscribe to my email list or publications.
• Request marketing to be sent to you.
• Engage in 1:1 coaching sessions.
• Give me feedback or contact me.

Automated technologies or interactions: As you interact with my website, I may automatically collect Technical Data about your equipment, Browse actions, and patterns. I collect this personal data by using cookies, server logs, and other similar technologies. Please see Section 10 (Cookies) for further details.

5. Lawful Basis for Processing Your Data

I will only use your personal data when the law allows me to. Most commonly, I will use your personal data in the following circumstances:

• Consent: Where you have given me explicit consent to process your personal data for a specific purpose (e.g., to receive my email sequences and marketing emails after taking the quiz). You can withdraw your consent at any time by contacting me or using the unsubscribe link in emails.
• Contract: Where I need to perform the contract we are about to enter into or have entered into with you (e.g., to provide 1:1 coaching services you have paid for).
• Legitimate Interests: Where it is necessary for my legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, for analyzing website usage to improve my services, or for administrative purposes.
• Legal Obligation: Where I need to comply with a legal or regulatory obligation.

6. How I Use Your Personal Data

I use your personal data for the following purposes:

• To provide you with quiz results and tailored email sequences based on your quiz answers.
• To send you newsletters, spiritual guidance, information about my services, and other communications you have consented to receive.
• To provide 1:1 coaching services and support.
• To manage my relationship with you, including notifying you about changes to my terms or privacy policy.
• To administer and protect my business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).
• To use data analytics to improve my website, services, marketing, customer relationships, and experiences.
• To respond to your enquiries and provide support.

7. Data Sharing and Third Parties

I do not sell your personal data. I may have to share your personal data with the parties set out below for the purposes set out in Section 6:

Service Providers:

• Email marketing and automation services (e.g., ConvertKit) to manage my email lists and send you communications.
• Quiz platform providers (e.g., Tally.so, if applicable) to host my quiz.
• Automation tools (e.g., Zapier) to integrate my software.
• Website hosting providers.
• Analytics providers (e.g., Google Analytics) to understand website traffic and user behaviour.
• Payment processing providers (e.g., Stripe, PayPal) for coaching services.

Professional Advisers: Acting as processors or joint controllers including lawyers, bankers, auditors, and insurers based in the UK who provide consultancy, banking, legal, insurance, and accounting services.

HM Revenue & Customs, regulators, and other authorities: Acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

I require all third parties to respect the security of your personal data and to treat it in accordance with the law. I only permit them to process your personal data for specified purposes and in accordance with my instructions.

International Data Transfers:

Some of my external third-party providers are based outside the UK, so their processing of your personal data will involve a transfer of data outside the UK.

Whenever I transfer your personal data out of the UK, I ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• The country has been deemed to provide an adequate level of protection for personal data by the UK.
• I use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (e.g., the UK Addendum to the EU Standard Contractual Clauses).

Please contact me if you want further information on the specific mechanism used by me when transferring your personal data out of the UK.

8. Data Retention

I will only retain your personal data for as long as reasonably necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

• For email subscribers, I will retain your data as long as you remain subscribed or until you request deletion.
• For coaching clients, data may be retained for a period necessary to comply with legal and professional indemnity obligations (e.g., typically 6-7 years after our engagement ends).

I may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case I may use this information indefinitely without further notice to you.

9. Data Security

I have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These include, but are not limited to, SSL encryption for data transfer, secure servers, and password protection for systems where personal data is stored.

In addition, I limit access to your personal data to myself and those agents, contractors, and other third parties who have a business need to know. They will only process your personal data on my instructions, and they are subject to a duty of confidentiality.

I have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where I am legally required to do so.

10. Cookies

My website may use cookies to enhance your experience. Cookies are small text files placed on your device to collect standard Internet log information and visitor behaviour information.

You can set your browser not to accept cookies, and the below websites tell you how to remove cookies from your browser. However, in a few cases, some of my website features may not function as a result.

For further information visit www.aboutcookies.org or www.allaboutcookies.org.

You may also be presented with a cookie consent banner on my website where you can manage your preferences for non-essential cookies.

11. Your Legal Rights

Under certain circumstances, you have rights under UK data protection laws in relation to your personal data:

• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data (e.g., for direct marketing).
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent at any time where I am relying on consent to process your personal data.

To exercise any of these rights, please contact me at dan@dangoldfield.com. I may need to request specific information from you to help me confirm your identity.

12. Children's Privacy

My services are not intended for children (individuals under the age of 18), and I do not knowingly collect data relating to children.

13. Links to Other Websites

My website or emails may contain links to other websites. This privacy policy only applies to my website, so when you link to other websites, you should read their own privacy policies.

14. Changes to This Privacy Policy

I keep this privacy policy under regular review and may update it from time to time. The "Last Updated" date at the top of this policy indicates when it was last revised. I will notify you of any material changes as required by law. I encourage you to review this Privacy Policy periodically to stay informed about how I am protecting your information.

15. Contact Information and Complaints

If you have any questions about this privacy policy or my privacy practices, or if you wish to exercise any of your rights, please contact me at:

Dan Goldfield

Email: dan@dangoldfield.com

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). I would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact me in the first instance.

ICO Contact Details:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk