LEGAL

Privacy Policy

Last updated: 1 May 2026

1. Who We Are

ChristianMindLab operates the website christianmindlab.com and provides private 1:1 guidance and coaching services. For the purposes of the General Data Protection Regulation (GDPR) and applicable European data protection law, ChristianMindLab is the data controller for personal data collected through this website.

If you have questions about how your data is handled, contact us at: hello@christianmindlab.com

2. Data We Collect and Why

We collect personal data only when you voluntarily provide it or when it is generated by your use of this website. We do not sell your data to third parties.

2.1 Booking a Session (Calendly)

When you book a free first conversation or a paid 1:1 session via our Calendly link, Calendly collects your name, email address, and any information you provide in the booking form. This data is processed by Calendly Inc. under their own Privacy Policy. We receive a copy of your booking details in order to prepare for and conduct the session.

Legal basis: Performance of a contract (Article 6(1)(b) GDPR).

2.2 State Notes Newsletter

If you subscribe to State Notes, we collect your email address. We use this to send you occasional essays and practical notes on pressure, avoidance, difficult conversations, and repeated professional patterns. You can unsubscribe at any time via the link in any email.

Legal basis: Consent (Article 6(1)(a) GDPR). You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

2.3 One-Sentence Contact Form

If you use the one-sentence contact form, we collect your email address and the message you submit so we can reply to your enquiry. This is processed through our form provider and used only for direct correspondence.

Legal basis: Legitimate interests (Article 6(1)(f) GDPR) and, where relevant, steps prior to entering a contract (Article 6(1)(b) GDPR).

2.4 Website Analytics

We collect anonymised usage data to understand how visitors interact with this website. This includes pages visited, scroll depth, and clicks on booking links. This data does not identify you personally and is not shared with advertising networks.

Legal basis: Legitimate interests (Article 6(1)(f) GDPR) — improving our website and understanding what content is useful.

2.5 Contact

If you contact us directly by email, we will hold your name, email address, and the content of your message in order to respond to your enquiry.

Legal basis: Legitimate interests (Article 6(1)(f) GDPR).

3. Cookies

This website uses a minimal number of cookies necessary for the site to function correctly. We do not use advertising or tracking cookies. We do not use Google Analytics or third-party advertising pixels.

Session data generated by your browser (such as scroll depth and click events) is processed locally and is not linked to a persistent identifier.

You can control cookies through your browser settings. Blocking all cookies may affect site functionality.

4. How We Share Your Data

We do not sell, rent, or trade your personal data. Data may be shared only in the following limited circumstances:

  • Calendly — for booking management (see Section 2.1)
  • Email service provider — for State Notes delivery (your email address only)
  • Legal obligation — if required by applicable law or a court order

All third-party processors we use are contractually required to handle your data in accordance with GDPR.

5. International Transfers

Calendly is a US-based service. Data transferred to Calendly is subject to Standard Contractual Clauses approved by the European Commission, ensuring an adequate level of protection. For more information, see Calendly's Privacy Policy.

6. How Long We Keep Your Data

  • Booking records — retained for as long as is reasonably necessary for the provision of services and applicable tax or legal obligations (typically 5–7 years).
  • Newsletter subscribers — retained until you unsubscribe or request deletion.
  • Email enquiries — retained for 24 months or until the matter is resolved, whichever is sooner.
  • Anonymised analytics — retained for up to 24 months.

7. Your Rights Under GDPR

If you are in the European Economic Area (EEA) or the United Kingdom, you have the following rights regarding your personal data:

  • Access — request a copy of the data we hold about you.
  • Rectification — request correction of inaccurate or incomplete data.
  • Erasure — request deletion of your data where there is no compelling reason for continued processing.
  • Restriction — request that we restrict processing of your data in certain circumstances.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at hello@christianmindlab.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

8. Data Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. This website is served over HTTPS. Access to booking and subscriber data is restricted to authorised individuals only.

9. Children's Privacy

This website and our services are not directed at persons under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Where changes are material, we will take reasonable steps to notify you (for example, by email if you are a subscriber).

11. Contact

For any questions or concerns about this Privacy Policy or how your data is handled, please contact:

ChristianMindLab
Email: hello@christianmindlab.com
Website: christianmindlab.com