top of page

Privacy Policy

​​

Effective Date: 30th June 2025

​

1. Introduction

Welcome to NarrativeEdge Coaching, a trading name of Alex Papaioannou, a sole trader registered with HMRC. We're dedicated to protecting your privacy and personal data. This policy explains how we collect, use, store, and share your data when you use our website, engage our services, or communicate with us.

As a UK sole trader, we comply with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

​

2. Who We Are (Data Controller)

Alex Papaioannou, trading as NarrativeEdge Coaching, is the Data Controller responsible for your personal data.

Our Contact Details: Name: Alex Papaioannou (NarrativeEdge Coaching) Email: info@narrativeedgegroup.co.uk Website: www.narrativeedgegroup.co.uk

​

3. What Data We Collect

We collect various types of personal data:

  • Identity & Contact Data: Your name, business name, role, email, LinkedIn, and website.

  • Service Interest Data: Information from your questionnaire about your coaching needs.

  • Communication Data: Records of emails and transcribed coaching sessions (e.g., from Google Meet, Zoom).

  • Technical & Usage Data: Limited website usage information collected automatically (e.g., IP address, browser type) by Wix for analytics and security.

We generally don't collect "special category data" (e.g., health information). If such data is incidentally disclosed during sessions, we handle it with extreme care and only process it with your explicit consent or if legally required.

​

4. How We Collect Your Data

We collect data through:

  • Directly from you: When you complete our website questionnaire, email us, or during coaching sessions.

  • Automated means: Wix automatically collects some technical data when you visit our website.

  • Third parties: Services like Google Meet or Zoom provide session transcripts, and Calendly provides scheduling information. Read.ai processes meeting data as part of our service delivery.

​​

5. How We Use Your Data (Lawful Basis)

We only use your personal data when legally permitted. Our main uses and their legal bases are:

  • Providing Coaching Services & Communication: Using your Identity, Contact, Service Interest, and Communication Data to deliver services and communicate with you.

    • Lawful Basis: Performance of a contract with you.

  • Service Enhancement with AI (Gemini & Read.ai): Using your Identity, Contact, Service Interest, and Communication Data (emails, session transcripts) to improve our understanding of your needs and tailor our coaching using Google's Gemini AI and Read.ai.

    • Lawful Basis: Explicit Consent. We obtain your specific, informed consent via our client contract before using these AI tools for this purpose.

  • Managing Our Relationship: Using your Identity and Contact Data to update you on changes or manage our service.

    • Lawful Basis: Performance of a contract; Legal obligation; Legitimate interests (business operations).

  • Business Operations & Security: Using Identity, Contact, Technical, and Usage Data for website administration, troubleshooting, security, and fraud prevention.

    • Lawful Basis: Legitimate interests (running our business, IT security); Legal obligation.

  • Website & Service Improvement: Using Technical and Usage Data for analytics to enhance our website, services, and marketing.

    • Lawful Basis: Legitimate interests (developing our business, improving user experience).

 

6. Sharing Your Data

We may share your data with:

  • Service Providers: Third parties who process data on our behalf and are bound by strict data protection agreements. These include:

    • Wix: For website hosting. (Wix Privacy Policy)

    • Google Workspace: For email, Google Meet, and Gemini for AI processing (under your consent). (Google Workspace Security Whitepaper)

    • Calendly: For scheduling. (Calendly Privacy Notice)

    • Read.ai: For AI-powered meeting transcription and analysis (under your consent). Our use of Read.ai complies with GDPR and DPA requirements; by default, your data processed by Read.ai is private and not used to train their AI models. You can find more details on Read.ai's compliance at their Trust Center: .

    • Lumin: For secure electronic signing and document management. Lumin processes data like your name, email, and document content during the signing process. Your files are encrypted in transit and at rest, and Lumin states they do not train models on your data or sell your information. Their servers are located in the United States, with transfers secured by SSL encryption. For full details, see Lumin's Privacy Policy and Personal Data policy

  • Legal & Regulatory Bodies: HMRC and other authorities when legally required. (HMRC Privacy Notice)

  • Professional Advisors: eg, Lawyers, accountants, etc., for professional services.

 

We ensure all third parties respect your data's security and use it only for specified purposes under our instructions.

 

7. International Data Transfers

Some service providers (like Google and Read.ai) may process your data outside the UK/EEA. When this occurs, we ensure your data receives similar protection by using appropriate safeguards, such as approved contractual clauses or transfers to countries with adequate protection deemed by the UK or European Commission.

 

8. Data Security

We implement robust security measures to protect your personal data from unauthorised access, loss, or disclosure. Access is limited to essential personnel, and we have procedures for handling any suspected data breaches.

 

9. Data Retention

We keep your personal data only as long as necessary to fulfil the purposes we collected it for, including legal and accounting requirements. Coaching-related data (communications, transcripts) is generally retained for the duration of our engagement and a reasonable period afterwards (e.g., 2-5 years) for reference and compliance.

 

10. Your Legal Rights

Under GDPR, you have rights regarding your personal data, including the right to:

  • Access your data.

  • Correct inaccurate data.

  • Request erasure of your data.

  • Object to or restrict processing.

  • Request data transfer.

  • Withdraw consent where we rely on it.

To exercise any of these rights, please contact us at info@narrativeedgegroup.co.uk. We aim to respond to legitimate requests within one month and may need to verify your identity for security.

 

11. Complaints

If you have concerns about our data practices, please contact us first. You also have the right to complain at any time to the Information Commissioner's Office (ICO), the UK's data protection supervisory authority (www.ico.org.uk).

 

12. Changes to This Policy

We review and update this Privacy Policy regularly. This version was last updated as per the effective date above.

bottom of page