MindGlow – Global Client Privacy and Data Protection Agreement
1. Purpose of Data Processing
This Privacy and Data Protection Agreement (“Agreement”) explains how MindGlow d.o.o. (“MindGlow”, “we”, “our”, or “the Platform”) and its independent mentors and coaches collect, use, and protect your personal data.
MindGlow complies with:
The EU General Data Protection Regulation (GDPR),
The UAE Federal Decree-Law No. 45/2021 on Personal Data Protection (PDPL), and
The Australian Privacy Act 1988 (as amended 2024).
MindGlow acts as the Data Controller for all platform-related data.
Independent Mentors and Coaches act as separate Data Controllers for any personal data generated during their individual coaching or mentoring sessions.
2. Categories of Data Collected
Data Collected and Controlled by MindGlow
MindGlow collects and processes only the information necessary to operate the digital platform, process bookings, manage client accounts, and facilitate mentoring or coaching sessions.
Collected data may include:
Identification details: name, email address, and contact information.
Administrative data: billing details, payment confirmations, time zone, scheduling preferences.
Technical data: IP address, browser type, device information, session duration, and login metadata.
Communication metadata: messages or correspondence within MindGlow systems (Acuity, email, or integrated chat).
MindGlow does not collect or access any private notes, reflections, or progress documents from coaching sessions unless explicitly shared by the client for administrative or feedback purposes.
Data Collected and Controlled by Mentors and Coaches
Independent Mentors and Coaches may collect and process limited personal data directly related to their professional work with you, including:
Session notes, reflections, progress records, or developmental goals.
Each Mentor or Coach acts as an independent Data Controller for this session data and is solely responsible for maintaining its confidentiality and security in compliance with GDPR and equivalent international data protection standards.
3. Legal Basis for Processing
MindGlow processes personal data under one or more of the following legal bases:
Explicit consent (e.g., completing intake forms or subscribing to communications).
Performance of a contract (e.g., delivering coaching services).
Legal obligations (e.g., accounting or tax compliance).
Legitimate interests (e.g., improving platform security, service quality, and client experience).
4. Confidentiality and Security
All information shared through the MindGlow platform is treated as confidential.
MindGlow uses secure cloud hosting, encryption (SSL/TLS), access controls, and anonymization protocols to protect all stored data.
Mentors and Coaches are required to:
Use only GDPR-compliant and secure tools (Zoom, Google Workspace, Notion, or similar).
Store session data securely and confidentially.
Avoid sharing personal data or notes with any third party without client consent.
MindGlow, its Coaches, and Mentors do not sell, rent, or share personal data for advertising or marketing purposes.
5. International Data Transfers
MindGlow’s headquarters are based in the Republic of Croatia (EU), and its administrative and digital infrastructure are operated by T&C Enterprises Pty Ltd, Australia.
Where data is transferred outside the European Economic Area (EEA) — including to Australia, the UAE, or other jurisdictions — such transfers are safeguarded under:
EU Standard Contractual Clauses (SCCs), or
Other legally recognized mechanisms ensuring equivalent levels of protection.
6. Data Retention
Platform and administrative data are retained only as long as necessary for service delivery, legal compliance, or dispute resolution.
Mentors and Coaches retain personal session data only for the duration of the mentoring relationship and must securely delete or anonymize it within a reasonable time after service completion.
Accounting and billing data may be retained for up to 10 years in accordance with Croatian tax law.
7. Your Data Rights
Under EU GDPR, UAE PDPL, and Australian Privacy Law, you have the right to:
Access the personal data we hold about you.
Rectify inaccurate or outdated data.
Request erasure (“right to be forgotten”) where applicable.
Restrict or object to specific processing activities.
Request data portability (obtain your data in a structured format).
Withdraw consent at any time for non-essential processing.
Requests regarding platform data should be directed to MindGlow, while requests regarding session data should be directed to your Mentor or Coach.
MindGlow will respond to verified data requests within 30 days.
8. Data Breach Notification
MindGlow will promptly notify affected individuals and relevant supervisory authorities in the event of any confirmed personal data breach involving platform data, as required under GDPR.
Mentors and Coaches must notify MindGlow within 24 hours of discovering any data breach affecting client data collected during their sessions.
9. Cookies and Analytics
MindGlow uses cookies and analytics tools to enhance site functionality and track performance.
You can manage or disable cookies via your browser settings at any time.
Analytics data is aggregated and anonymized to ensure compliance with GDPR and UAE PDPL.
10. Children’s Data
MindGlow services are intended for adults (18+).
Clients under 18 must obtain the consent of a parent or legal guardian before using the platform or participating in coaching services.
11. Updates to This Agreement
This Agreement may be updated periodically to reflect legal or operational changes.
The current version is always available on the MindGlow website.
Continued use of MindGlow services after updates constitutes acceptance of the revised terms.
12. Contact Information
MindGlow d.o.o.
Email: andrea@mindglowccm.com
Administrative Partner: Chase Design Pty Ltd, Australia
Website: www.mindglowccm.com
If your inquiry relates to data collected by your Mentor or Coach, please contact them directly.
Effective Date: November 15, 2025