1. Who We Are
This Privacy Policy explains how New Empowered You ("we", "us", "our") collects, uses, and protects personal data in connection with our digital products and training programs.
Business name: New Empowered You – Olga Willemsen (ZZP)
Registered address: Dominee Honderslaan 8, 2242RH Wassenaar, Netherlands
Contact email: [email protected]
We are the data controller for personal data processed in connection with purchases made through our website and GoHighLevel platform.
2. What Personal Data We Collect
We collect the following personal data:
2.1 At the Point of Purchase
Full name
Email address
This data is collected directly from you when you complete a purchase. It is necessary to create your account, deliver your digital products, and provide you with access to your training content and community.
2.2 Automatically via Third-Party Platforms
When you access our platform, our payment processor and hosting service may collect technical data such as IP addresses, browser type, and transaction details. Please refer to the relevant third-party privacy policies listed in Section 5.
3. Why We Process Your Data and the Legal Basis
Under the General Data Protection Regulation (GDPR), we rely on the following lawful bases:
3.1 Performance of a Contract (Article 6(1)(b) GDPR)
We process your name and email address to:
Fulfill your purchase and grant access to digital products
Send you login credentials and order confirmations
Provide access to the online community (where purchased)
Communicate with you about your account or access issues
3.2 Legal Obligation (Article 6(1)(c) GDPR)
We retain transaction and financial records for a minimum of 7 years to comply with Dutch tax and accounting law (Belastingdienst requirements).
3.3 Legitimate Interests (Article 6(1)(f) GDPR)
We may send you service-related communications (e.g., reminders about upcoming Q&A sessions, important updates to your access) via our email platform. These communications are directly related to the service you have purchased, and we consider this use proportionate to our legitimate interest in supporting your use of the product.
You may opt out of non-essential communications at any time by contacting us at [email protected].
4. Data Retention
We retain your personal data for the following periods:
Transaction and financial records: 7 years from the date of purchase (as required by Dutch tax law).
Account and access records: For as long as your access to our platform remains active, plus 2 years thereafter, unless you request earlier deletion.
Community membership data: Deleted or anonymised within 90 days after your community access period ends.
After these periods, your data is securely deleted or anonymised.
5. Third-Party Data Processors
We share your personal data only with trusted processors who help us deliver our services. All processors are bound by data processing agreements that require them to protect your data.
5.1 Stripe (Payment Processing)
We use Stripe, Inc. to process payments. When you make a purchase, your payment details are handled directly by Stripe. We do not store full card details.
Stripe is PCI-DSS Level 1 certified.
Stripe may process data in the United States. Transfers are safeguarded by Standard Contractual Clauses (SCCs) approved by the European Commission.
Stripe Privacy Policy: https://stripe.com/gb/privacy
5.2 GoHighLevel (Platform, Community & Email)
Our training content, community, and email communications are delivered through GoHighLevel (HighLevel, Inc.), a US-based CRM and marketing platform.
GoHighLevel processes your name and email to provide access to training content, the online community, and to send service emails.
GoHighLevel is based in the United States. Data transfers are safeguarded by Standard Contractual Clauses (SCCs).
GoHighLevel Privacy Policy: https://www.gohighlevel.com/privacy-policy
6. International Data Transfers
As noted above, we use processors (Stripe and GoHighLevel) that are based in the United States. When your personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place in accordance with Chapter V of the GDPR. These safeguards include Standard Contractual Clauses (SCCs) as approved by the European Commission.
By purchasing our products, you acknowledge that your data may be processed in the United States under these safeguards.
7. Cookies and Tracking Technologies
We currently do not use analytics or advertising tracking cookies on our funnel or website pages.
We may, in the future, implement the Meta Pixel (Facebook Pixel) to measure the effectiveness of advertising campaigns. If and when we do, we will update this Privacy Policy and implement a cookie consent mechanism in compliance with GDPR and the Dutch Telecommunications Act (Telecommunicatiewet) before any tracking commences.
8. Your Rights Under GDPR
As a data subject in the EU/EEA, you have the following rights:
Right of access: Request a copy of the personal data we hold about you.
Right to rectification: Ask us to correct inaccurate or incomplete data.
Right to erasure ("right to be forgotten"): Request deletion of your data, subject to our legal retention obligations.
Right to restriction of processing: Ask us to limit how we use your data in certain circumstances.
Right to data portability: Receive your data in a structured, machine-readable format.
Right to object: Object to processing based on legitimate interests.
Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at: [email protected]
We will respond within 30 days. We may need to verify your identity before fulfilling a request.
9. Data Security
We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These include:
Access to customer data is restricted to authorised personnel only.
Data is transmitted over encrypted (HTTPS) connections.
Payment data is processed directly by Stripe and never stored on our systems.
In the event of a personal data breach that is likely to pose a risk to your rights and freedoms, we will notify the Autoriteit Persoonsgegevens (AP) within 72 hours and, where required, notify you directly.
10. Complaints
If you have a concern about how we handle your personal data, please contact us first at [email protected]. We aim to respond within 14 business days.
If you are not satisfied with our response, you have the right to lodge a complaint with the Dutch data protection supervisory authority:
Autoriteit Persoonsgegevens (AP)
Website: https://www.autoriteitpersoonsgegevens.nl
Telephone: +31 (0)70 888 85 00
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Material changes that affect how we process your data will be communicated to you directly by email.
New Empowered You | The Hague, Netherlands | [email protected]