At Leelou, we are committed to protecting your personal data and ensuring your privacy is safeguarded. This privacy policy outlines how we collect, process, and protect your personal information while you use our services, including our AI-driven coaching app, in compliance with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws.
1. Who We Are
Leelou is a service provided by TNM Coaching LLP, a Limited Liability Partnership registered in the United Kingdom (Companies House Partnership Number: OC340256). Our registered office is at 7 Bell Yard, London WC2A 2JR, UK. For any questions relating to this privacy policy, please contact us at dataprotection@tnmcoaching.com
2. What Is the Purpose of This Policy?
This privacy policy explains how we collect, use, and protect your personal information when you use our Leelou service. It also details your rights under data protection law, including the GDPR, and how you can exercise these rights. It applies to all clients and consumers of our products and services through TNM Coaching Business, TNM Life and TNM Academy.
3. Data Protection Principles
We are committed to processing your personal data in accordance with the GDPR principles. This means that your personal data will be:
- Processed lawfully, fairly, and transparently
- Collected for specified, legitimate purposes and not further processed
- Adequate, relevant, and limited to what is necessary for the purposes we’ve outlined
- Accurate and kept up to date
- Kept for no longer than is necessary for the purposes we collected it
- Stored securely and protected from unauthorised access
4. Information We Collect About You
When you use Leelou, we may collect the following types of data:
- Personal information: Name, email, phone number, and country (provided during signup or engagement through WordPress).
- Personal content: Information you choose to share during coaching engagements.
- Usage data: Activity logs, including the number of sessions and login timestamps.
- Conversation history: Retained for the duration of your assignment to enable Leelou to provide coaching services. It is up to you what you share. The history is kept solely for the purpose of facilitating coaching.
- Technical data: Device details, browser information, and IP address.
- Session engagement: Including session dates and any feedback provided.
5. How We Collect Your Data
We collect your data in the following ways:
- Directly from you when you sign up for our services, register for coaching sessions, or through interactions with the Leelou app or TNM Team
- Automatically via cookies and similar technologies when you use the Leelou app or website.
- Through third-party providers such as payment processors (e.g., Stripe, PayPal) or when you share feedback with us.
- Through referrals from clients (e.g. companies or organizations) who may put forward their employees to participate in a program, in which case we collect personal data shared by the client with appropriate consent.
6. How We Use Your Data
Your data is used exclusively to:
- Facilitate coaching sessions and enhance your experience.
- Retain conversation history temporarily to support effective coaching (deleted post-engagement).
- Track session engagement (e.g., login history, session counts).
- Communicate updates, session reminders, or promotional offers (based on your preferences).
- Ensure compliance with legal or contractual obligations.
7. Data Sharing and Third-Party Processors
We may share your personal data with trusted third-party service providers in the following circumstances:
- To support operational tasks such as payment processing, cloud storage, app development, communication services, and analytics. These service providers include (but are not limited to) WordPress, Twilio, Adamant Code, and OpenAI (used to power the Leelou AI coaching functionality).
- To improve our services via third-party analytics platforms like Google Analytics.
- To comply with legal obligations, such as responding to lawful requests from public authorities or regulatory requirements.
All third-party service providers are contractually obligated to handle your personal data securely and in compliance with applicable data protection laws.
8. International Data Transfers
Your personal data may be transferred to, and stored at, destinations outside the European Economic Area (EEA) as part of the services we provide, including for cloud storage and processing by third-party providers.
Our primary data storage locations are in Switzerland and the United States, but data may also be processed in other jurisdictions as necessary to operate our services effectively.
We take all necessary steps to ensure your data is handled securely and in compliance with GDPR requirements. This includes implementing appropriate safeguards such as Standard Contractual Clauses (SCCs) or other lawful mechanisms to ensure adequate protection of your data in jurisdictions that may not provide the same level of legal protection as the EEA.
We are committed to maintaining the highest level of security during these transfers to protect your privacy.
9. Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, including satisfying any legal, accounting, or reporting requirements. Retention periods for Leelou users are as follows:
- Personal Content: Information you choose to share during coaching engagements is retained for the duration of your assignment. It is deleted 30 days after the conclusion of your last coaching session or termination of your engagement with Leelou, whichever occurs later.
- Conversation History: This includes the full record of interactions during coaching sessions. It is retained for the duration of your assignment to enable Leelou to provide effective coaching services and is deleted 30 days after your last session. It is entirely up to you what personal information or details you share during these sessions.
- System Logs: Data such as login timestamps and the number of sessions are retained for analytics and support purposes.
- Retention Timeline: All personal data, including system logs and technical data, will be securely deleted or anonymized 7 months after your initial engagement with Leelou, or 30 days after your last coaching session, whichever comes first, unless legal or contractual obligations require otherwise.
After these retention periods, we will securely delete or anonymise your data, unless legal or contractual obligations require otherwise.
10. Your Rights Regarding Personal Data
Under the GDPR, you have the following rights regarding your personal data:
- Right to access: You can request a copy of the personal data we hold about you.
- Right to correction: You can request that we correct any inaccurate or incomplete data we hold about you.
- Right to erasure: You can ask us to delete your data if there is no valid reason for us to retain it.
- Right to restriction: You can ask us to limit the processing of your data in certain circumstances.
- Right to object: You can object to the processing of your data, especially if we are relying on legitimate interests as the basis for processing.
- Right to data portability: You can request your data in a structured, commonly used format so that you can transfer it to another service provider.
To exercise any of these rights, please contact us at dataprotection@tnmcoaching.com
11. Right to Withdraw Consent
If we process your personal data based on your consent, you have the right to withdraw that consent at any time. To do so, please contact us at dataprotection@tnmcoaching.com. Upon receiving your request, we will stop processing your personal data for the specific purpose(s) to which you originally consented, unless we have a legitimate legal basis to continue processing.
Please note that withdrawing your consent may limit your ability to access or use certain aspects of our services.
12. Security of Your Data
We have implemented appropriate technical and organisational measures to protect your personal data from accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures include access restrictions, secure storage systems, and regular security assessments.
Access to your personal data is strictly limited to individuals who require it for legitimate business purposes. All personnel with access to your data are trained in GDPR compliance and the importance of maintaining its security and confidentiality.
Additionally, conversation history is safeguarded with strict controls. Access to conversation history is limited solely to the user upon request and is not accessible by any other means. This provides an additional layer of privacy protection.
13. Cookies and Tracking Technologies
Leelou uses cookies and similar technologies to collect information about how you use our app and website, such as the pages you visit, time spent, and any actions taken during your coaching sessions. You can manage your cookie preferences by adjusting your browser settings. For more information, please read our Cookie Policy.
14. Changes to This Privacy Policy
We may update this privacy policy from time to time. If we make substantial changes, we will notify you via email or by providing a notice on our website. We encourage you to periodically review this policy to stay informed about how we are protecting your data.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled, please contact us at: