Privacy Policy
Privacy Policy
This Privacy Policy outlines how Grant Galvin trading as CC YOUR FUTURE and Galvin & Co (“we”, “us”, “our”) collects, uses, stores, and protects personal information. We comply with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and other relevant legislation.
1. Who we are
We provide executive coaching, facilitation, and leadership development services. You can contact us at grant@ccyourfuture.
2. Personal information we collect
We collect personal information such as names, contact details, enquiry and booking information, coaching notes, recordings, transcripts, billing details, and website analytics data.
3. How we collect and use information
Coaching and group sessions may be recorded and transcribed using secure digital technology as part of our professional practice. These recordings and transcripts are used solely for reflection, analysis, professional supervision, and action summaries. Recordings are never shared with third parties and can be deleted on request. We also collect and use personal information to deliver coaching and facilitation services, manage records, process payments, and improve our services.
4. Confidentiality and professional ethics
We recognise that in most engagements, the coaching client and the paying organisation are different parties. All information shared in coaching sessions remains strictly confidential and is not disclosed to the sponsoring organisation without explicit written consent or legal requirement. We comply with the International Coaching Federation (ICF) Code of Ethics.
5. Client versus Sponsor roles and access to information
For the purposes of this policy:
Client means either:
(a) the individual who receives one-to-one coaching, or
(b) a team or group receiving collective coaching or facilitation.
Sponsor means any organisation, entity, or person that commissions, pays for, or sponsors services on behalf of a Client.
Where services are sponsored by an organisation, the Client’s confidentiality rights remain primary. Personal coaching data, session notes, emails, messaging including WhatsApp or similar, recordings, transcripts, reflections, and other process material are treated as confidential personal information of the Client.
We will not disclose confidential coaching information to a Sponsor, its executives, or any other third party without the Client’s express written consent, except where required by law.
Where a Sponsor is permitted to receive information about coaching progress, this will be limited to high-level themes or summaries that have been agreed in writing by both the Client and the Sponsor.
6. Team and Group Engagements
Where services are delivered to a team or group, we treat the team as a collective Client for the purposes of process, learning, and agreed outputs.
Individual contributions made during group sessions, including comments, reflections, or personal disclosures, are treated as confidential within the coaching process and are not attributed to named individuals in any reports or feedback to a Sponsor without that person’s explicit written consent.
Agreed team outputs, including shared insights, principles, actions, or commitments that emerge from facilitated sessions, may be shared with the Sponsor or relevant organisational stakeholders as part of the engagement, provided they do not identify individuals without consent.
Where we work with both an individual leader and their team, the individual’s one-to-one coaching remains confidential to that leader unless they provide express written consent for sharing. Team-level work is treated separately under this clause.
Team participants are not treated as individual coaching clients unless separately contracted.
7. Access to records and disclosure requests
Requests for access to personal coaching materials or records from Sponsors, executives, or third parties must be made in writing and will only be considered where the Client has provided express written consent or disclosure is required by law.
Formal deliverables prepared specifically for a Sponsor or Board under an engagement may be subject to separate contractual arrangements. Any request for release of such deliverables will be directed to the relevant governance authority of the sponsoring organisation, such as the current Chair of the Board, rather than being handled unilaterally by us.
We are not the custodian of organisational records, and we do not determine internal access rights within a sponsoring organisation.
8. Third-party tools and storage
We use secure technology platforms such as Squarespace, Google Workspace, Xero and AI tools, for hosting, communication, billing and synthesis of information. These providers may process data overseas. All are selected for their compliance with strong privacy and security standards aligned with the APPs.
9. Data security and retention
Your data is stored securely using password protection, encryption, and limited access. Recordings and related notes are retained only as long as necessary for service delivery, professional supervision, or compliance obligations.
10. Access, correction, and complaints
You may request access to, correction of, or deletion of your personal information at any time by contacting GRANT@CCYOURFUTURE.COM. Complaints can also be directed to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
11. Relationship with Terms and Conditions
This Privacy Policy operates alongside our Terms and Conditions. Where services are provided under a formal engagement agreement, issues of ownership of deliverables, governance access, and disclosure processes are governed primarily by the Terms and Conditions and any specific contract in place.
12. Updates
This policy may be updated periodically, with the most recent version available on our website.
13. Compliance with Australian Law
We operate under Australian law and comply with all applicable legislation, including the Privacy Act 1988 (Cth), the Australian Privacy Principles, and any other relevant consumer protection or data-handling regulations. If we serve international clients, we also act in the spirit of the EU GDPR where appropriate.