| Category | Typical Items | Source | Purpose | Legal Basis | Retention |
|---|---|---|---|---|---|
| Contact data | name, e-mail, phone | You | Scheduling calls; direct marketing you requested | Contract (answer your enquiry) / Consent | 5 years from last interaction |
| Professional profile | job title, company details, challenges you share | You | Tailoring your coaching plan | Legitimate interest (deliver personalised service) | 5 years |
| Technical data | IP address, browser & device info, cookie ID | Automated | Site security; analytics | Legitimate interest (security, analytics) | 25 months (Google Analytics default) |
(888) 850-2716
Privacy Policy Page
1. Who we are
Davis Layne Group, LLC (“Davis Layne,” “we,” “us”) provides business-coaching services worldwide from the United States.
Main contact: [email protected]│ (888) 850-2716
Privacy Officer / DPO: Same as above (please mark the subject line “Privacy”).
EU/UK representative: [Pending – complete if/when you exceed GDPR Art 27 threshold].
2. Scope
This notice applies to personal information we collect when you:
visit davislaynegroup.com or any page we host,
request a call or consultation,
receive e-mails, SMS messages or other direct marketing from us, or
interact with us on social media.
3. What we collect & why
GDPR terminology provided for global clarity; under U.S. state laws these map to “business purposes.”
We do not collect sensitive personal data, children’s data (< 13 yrs), or financial/health data.
4. How we use cookies & tracking
Cookies are limited to:
Necessary– site security, load-balancing
Analytics – aggregate site statistics (Google Analytics 4 set to IP-anonymise)
You can block cookies in your browser at any time, and we honour Global Privacy Control (GPC) and other universal opt-out signals where required (currently CA, CO, CT, MT, NH, NE, TX and NJ from the relevant 2025 effective dates). koleyjessen.com
5. Sharing & selling
We do not sell personal information and do not share it for cross-context behavioural advertising. We disclose data only to:
| Recipient | Role | Safeguards |
|---|---|---|
| Cloud hosting & e-mail service providers | Data processors | Bound by written contracts & confidentiality |
| CRM / marketing-automation tool | Data processor | Processes contact data solely on our instructions |
| Legal / accounting advisors | Independent controllers | Only if necessary to comply with law |
No other third-party access occurs without your consent or a legal requirement.
6. Your rights & how to exercise them
| Jurisdiction | Rights | How to exercise |
|---|---|---|
| California, Colorado, etc. | Access, correct, delete, opt-out of sale/share, opt-out of targeted ads & profiling decisions | Fill in the web form or call (888) 850-2716 |
| Minnesota (from 31 Jul 2025) |
Above + right to question the result of a profiling decision felhaber.com | Same as above |
| EU / UK | Access, rectification, erasure, restriction/objection, portability, withdraw consent, lodge complaint | E-mail the Privacy Officer; complaints to your supervisory authority |
| China (PIPL) | Copy, correct, delete, portability; request audit summary | E-mail [email protected] |
| India (DPDP) | Access, correction, erasure, grievance redress | Contact our Grievance Officer ( |
7. International transfers
Primary servers are in the United States. Where GDPR applies, transfers rely on EU Standard Contractual Clauses; for the UK, the International Data Transfer Addendum; for China, CAC-filed SCCs where required. Data in transit and at rest is encrypted (TLS 1.2 +/AES-256).
8. Security measures
We follow ISO 27001 controls, perform annual penetration tests, and align our privacy program to the NIST Privacy Framework (v1.1), qualifying for the affirmative defence in the Tennessee Information Protection Act (effective 1 Jul 2025). whitecase.com
9. Automated decision-making
We do not use algorithms to make decisions that produce legal or similarly significant effects on you. If that changes, we will update this notice and provide a right to opt-out or obtain human review.
10. Retention
Contact and coaching-related data are kept no longer than five years after your last interaction unless a longer period is required by tax or accounting rules. This meets CPRA Regs §7021, which obliges businesses to publish maximum retention periods. pwc.com
11. Children’s privacy
Our services target adults. We do not knowingly collect information from children under 13 and we do not serve targeted ads to teens. Please contact us if you believe a child has provided data so we can delete it.
12. Changes to this policy
Material changes will be posted here and, if substantial, we will notify you by e-mail or site banner 30 days before they take effect.
Annex A – U.S. State Disclosures (supplement)
Sale / share: None in the preceding 12 months.
Targeted advertising: None.
Sensitive data: Not collected.
Universal opt-out: GPC and similar signals auto-processed in CA, CO, CT, MT, NH, NE, NJ, TX from their effective dates.
Appeals: If your request is denied you may appeal via [email protected]; unresolved issues may be escalated to your state AG.
Annex B – GDPR / UK GDPR
Controller: Davis Layne Group, LLC, United States.
Supervisory authority contact: Your local authority; in the EEA the lead is TBD once EU representative appointed.
Legal bases: See section 3.
DPIAs / data protection assessments: Conducted for any new processing that may pose high risk.
Right to lodge a complaint: You may complain to a supervisory authority at any time.
© 2025 Davis Layne Group. All rights reserved.