Privacy Policy

1. Introduction

Welcome to RD-Coaching. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we look after your personal data when you visit our website (https://www.rd-coaching.eu) and use our services, including Human Design readings and coaching sessions.

2. Data Controller

The “Controller” responsible for the processing of your personal data under the General Data Protection Regulation (GDPR) is:

Ralitza Dontcheva e.U.
Marisa-Mell-Gasse 3/2/2
1230 Vienna, Austria

Email: contact@rd-coaching.eu

3. Personal Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped as follows:

Identity Data: First name, last name, username (if applicable).
Human Design Data: Birth date, exact birth time, and birth location (city/country). This data is strictly necessary to generate your Human Design Chart and provide accurate readings.
Contact Data: Email address, billing address, telephone number.
Financial Data: Payment details. Note: We do not store credit card information. Payments are processed securely by our payment provider (Stripe).
Transaction Data: Details about payments to and from you and other details of products and services you have purchased from us.
Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
Usage Data: Information about how you use our website (via Google Analytics).

4. How We Collect Data

We use different methods to collect data from and about you:

– Direct interactions: You may provide us with your identity, Human Design, and contact data by filling in forms on our website (e.g. booking a session, purchasing a product, requesting a free chart) or by corresponding with us by email.

– Automated technologies: As you interact with our website, we automatically collect technical data about your devices and browsing behavior through cookies and server logs.

– Server log files: When you visit our website, technical information is automatically collected by the hosting provider in so-called server log files. This may include, in particular, IP address, date and time of access, page/file accessed, browser type, operating system, and referrer URL. Processing is carried out to ensure the technical operation of the website, system security, and error analysis on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR.

5. Purposes and Legal Bases for Processing

We will only use your personal data when the law allows us to. Most commonly, we use your personal data in the following circumstances:

Purpose / Activity	Type of Data	Legal Basis for Processing
To process your order (Human Design Readings, coaching packages)	Identity, contact, financial, transaction	Performance of a contract (Art. 6(1)(b) GDPR)
To create your Human Design chart and personal interpretation	Identity, Human Design data (date of birth, time of birth, place of birth)	Performance of a contract (Art. 6(1)(b) GDPR)
To plan and manage appointments	Identity, contact	Performance of a contract (Art. 6(1)(b) GDPR)
To process payments and fees	Identity, financial, transaction	Performance of a contract (Art. 6(1)(b) GDPR)
To comply with tax and legal obligations (e.g. accounting)	Identity, transaction, financial	Legal obligation (Art. 6(1)(c) GDPR)
To analyse website traffic and improve our services	Technical data, usage data	Consent (Art. 6(1)(a) GDPR) via cookie banner
To ensure website security and fraud prevention	Technical data	Legitimate interest (Art. 6(1)(f) GDPR)

6. Data Sharing and Third-Party Processors

We do not sell your personal data. However, in order to provide our services, we share data with trusted third-party providers (“processors”). We have entered into appropriate data processing agreements with these providers to ensure that your data is protected.

The service providers we use include:

Hosting: Hostinger (website hosting).
CRM, appointment scheduling & communication: GoHighLevel (HighLevel Inc., USA) for managing customer data, bookings, calendars, appointment confirmations, follow-up communication, and — where separately consented to — email marketing.
Chart creation: Bodygraph (Human Design Technologies LTD, United Kingdom) for creating Human Design charts and analyses. In particular, name, email address, and birth data are processed for this purpose.
E-commerce & shop: FunnelKit (order processing).
Payment processing: Stripe (Stripe Payments Europe, Ltd., Ireland / Stripe Inc., USA). We share the necessary data with Stripe to process payments. Stripe also enables the use of third-party providers such as Apple Pay (Apple Inc.) and PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A.). If you choose these services, your data will be transmitted to these providers. The actual payment to us may be made via PayPal.
Video conferencing: Zoom (conducting online coaching/readings).
Analytics: Google Analytics (website usage statistics — only with your explicit consent).
Consent management: Complianz (management of cookie consent).

Special note regarding Human Design data:
To the extent that birth data is processed in connection with the creation of Human Design charts, this is done on the basis of your explicit consent (Art. 6(1)(a) GDPR). Since this data may allow conclusions to be drawn about personal beliefs or worldview, we also rely, as a precaution, on Art. 9(2)(a) GDPR.

7. International Data Transfers

Some of our service providers are located outside the European Union (EU) or the European Economic Area (EEA). We ensure that an adequate level of data protection is guaranteed whenever personal data is transferred to a third country.

United Kingdom (UK) – Bodygraph:
Data processing by Bodygraph takes place in the United Kingdom. The United Kingdom benefits from an adequacy decision by the European Commission confirming a level of data protection equivalent to that of the EU.

USA – HighLevel Inc., Stripe, Zoom, Google:
These providers are based in the USA. Transfers take place on the following legal bases:

– EU-U.S. Data Privacy Framework (DPF): The above-mentioned providers (in particular HighLevel Inc., Stripe Inc., Zoom Video Communications Inc., and Google LLC) are certified under the EU-U.S. Data Privacy Framework. For certified companies, the European Commission has recognized an adequate level of protection (adequacy decision pursuant to Art. 45 GDPR).

– Standard Contractual Clauses (SCCs): Additionally, or in the event that DPF certification is not in place or ceases to apply, we use the Standard Contractual Clauses approved by the European Commission pursuant to Art. 46 GDPR to contractually safeguard your data.

8. Social Media Presence

We maintain online presences on social networks to communicate with customers and interested parties (Art. 6 para. 1 lit. f GDPR). In this context, data may be processed outside the European Union.

– Instagram: ralli_dontcheva (Provider: Meta Platforms Ireland Ltd.).

– TikTok: rd_coaching (Provider: TikTok Technology Ltd., Ireland / TikTok Inc., USA).

– Facebook Fanpage: RD-Coaching (Provider: Meta Platforms Ireland Ltd.).

When you visit these profiles, the providers set cookies that analyze your user behavior. We receive anonymized statistics (“Insights”) from the providers, which help us optimize our content. For Meta products (Facebook/Instagram), a “Joint Controller” agreement exists in accordance with Art. 26 GDPR.

9. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying legal, accounting, or reporting requirements.

– Tax & accounting data: In Austria, under the Federal Fiscal Code (BAO), we are legally required to retain basic information about our customers (including contact, identity, financial, and transaction data) for tax purposes for 7 years. This period begins at the end of the calendar year in which the invoice was issued.

– Human Design data: Birth data (date, time, place) and the analyses created from it are stored for the duration of contract performance and customer care. Unless statutory retention obligations apply, this data will be deleted as soon as it is no longer required for the purpose for which it was collected or if you request deletion.

– Session/customer data: Data related to active coaching is stored for the duration of our coaching relationship. To ensure continuity of support, we retain this data for up to 3 years after our last interaction, unless you request earlier deletion and no legal obligations require longer retention.

– Analytics data: User-related data in Google Analytics is automatically deleted after 14 months.

10. Data Security

We have implemented appropriate security measures (including SSL encryption) to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. Access to your personal data is limited to those persons who have a genuine business need to know.

11. Your Rights (GDPR)

Under data protection laws, you have rights regarding your personal data, including the right to:

– Access your personal data.

– Correct your personal data.

– Erase your personal data (“right to be forgotten”).

– Object to the processing of your personal data.

– Restrict the processing of your personal data.

– Data portability.

– Withdraw consent at any time (where we rely on consent to process your data).

– You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data. In Austria, the competent authority is in particular the Austrian Data Protection Authority, Barichgasse 40–42, 1030 Vienna, dsb.gv.at.

To exercise any of these rights, please contact us at contact@rd-coaching.eu. We aim to respond to all legitimate requests within one month.

12. Cookies and Tracking

Our website uses cookies to distinguish you from other users of our website. This helps us provide you with a good browsing experience and enables us to improve our website.

We use Complianz to manage your cookie preferences. You can change your settings or withdraw your consent at any time via the cookie settings on our website.

– Essential cookies: Necessary for the functionality of the website (e.g. to maintain session data during the checkout process).

– Analytics cookies: (Google Analytics) Only activated if you give your consent.

Special note regarding Google Analytics:
Where we use Google Analytics, this is done exclusively on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future via the cookie settings. We use Google Analytics with activated IP anonymization (IP masking), so that your IP address is shortened within member states of the EU or in other contracting states to the Agreement on the European Economic Area. Data may be transferred to Google in the USA (see section 7 “International Data Transfers”).

13. Changes to This Policy

We keep our Privacy Policy under regular review. Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.

(Current version: March 2026)

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Ralitza Dontcheva e.U.
Email: contact@rd-coaching.eu
Address: Marisa-Mell-Gasse 3/2/2, 1230 Vienna, Austria