Privacy Policy - New Empowered You
Last updated: June 2026
1. Introduction
1.1 We are committed to safeguarding the privacy of our website visitors and service users.
1.2 This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
1.3 We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website and services, we will ask you to consent to our use of cookies when you first visit our website.
1.4 In this policy, “we”, “us,” and “our” refer to Olga Willemsen / New Empowered You. For more information about us, see Section 13.
2. How we use your personal data
2.1 In this section, we have set out: (a) the general categories of personal data that we may process; (b) the purposes for which we may process personal data; and (c) the legal bases of the processing.
2.2 Usage data. We may process data about your use of our website and services. This may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. This data is collected via Google Analytics. It is processed to analyze the use of our website and services. The legal basis is our legitimate interest in monitoring and improving our website and services.
2.3 Account data. We may process your name and email address. This data may be processed for the purposes of operating our website, providing our services, ensuring security, maintaining database backups, and communicating with you. The legal basis is our legitimate interests in the proper administration of our website and business, or the performance of a contract between you and us.
2.4 Profile and service data. We may process personal data provided in the course of using our services, including your name, address, telephone number, email address, and relevant personal background. The source of this data is you. It is processed to provide our services and communicate with you. The legal basis is the performance of a contract between you and us.
2.5 Health and session data (special category data). As a hypnotherapy and coaching practice, we may process health-related or sensitive personal information you share with us in the course of our services, such as information about your mental or physical health, personal history, and well-being. This is special category data under GDPR Article 9. We process this data only with your explicit consent, which we will request before or at the start of our work together. You may withdraw this consent at any time, though this may affect our ability to provide services. This data is used solely to deliver therapeutic and coaching services to you and is treated with the highest level of confidentiality.
2.6 Transaction data. We may process information related to transactions and purchases made through our website, including your contact and payment details, as well as transaction information. The source is you. This is processed to supply purchased services or products and maintain proper records. The legal basis is the performance of a contract between you and us.
2.7 Notification data. We may process information you provide when subscribing to our email newsletters or notifications, including your name and email address. This is processed for the purpose of sending you relevant communications. The legal basis is your consent, which you may withdraw at any time by using the unsubscribe link in any email.
2.8 Inquiry data. We may process information contained in any inquiry you submit to us. This is processed for the purposes of responding to your inquiry and offering relevant services. The legal basis is our legitimate interests in marketing our services.
2.9 Correspondence data. We may process the content and metadata of any communication you send to us. This is processed for the purposes of communicating with you and record-keeping. The legal basis is our legitimate interests in proper administration and communications.
2.10 We may also process any of your personal data where necessary for the establishment, exercise, or defense of legal claims; for compliance with a legal obligation; or to protect your vital interests or those of another person.
2.11 Please do not supply any other person’s personal data to us, unless we prompt you to do so.
3. Providing your personal data to others
3.1 We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise, or defense of legal claims.
3.2 Payment processing. Financial transactions are handled by Stripe (stripe.com). We share transaction data with Stripe only to the extent necessary to process payments, issue refunds, and handle related queries. You can review Stripe’s privacy policy at: https://stripe.com/privacy.
3.3 Bookings, email communications, and digital product delivery. We use GoHighLevel (gohighlevel.com) to manage appointment bookings, send email communications and newsletters, and deliver digital products. Your name, email address, and relevant booking or purchase information will be shared with GoHighLevel for this purpose. GoHighLevel is based in the United States. See Section 4 for information on international transfers.
3.4 Online sessions. We use Zoom (zoom.us) to conduct online sessions. When you participate in a Zoom session, Zoom may process your name, email address, and session data in accordance with their privacy policy, available at: https://zoom.us/privacy. Zoom is based in the United States. See Section 4 for information on international transfers.
3.5 Website analytics. We use Google Analytics (google.com/analytics) to analyze website usage. Google Analytics uses cookies to gather information about website use. You can review Google’s privacy policy at: https://policies.google.com/privacy.
3.6 In addition to the specific disclosures above, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation, to protect your vital interests or those of another person, or for the establishment, exercise, or defense of legal claims.
4. International transfers of your personal data
4.1 Some of our service providers are based outside the European Economic Area (EEA), in particular in the United States (GoHighLevel, Zoom, Google, Stripe). Transfers of personal data to these providers are made on the basis of Standard Contractual Clauses approved by the European Commission, or another appropriate safeguard under GDPR Chapter V.
4.2 You can obtain further information about the transfer safeguards used by contacting us using the details in Section 13.
4.3 You acknowledge that personal data you voluntarily submit for publication through our website may be available, via the internet, around the world. We cannot prevent others from using or misusing such personal data.
5. Retaining and deleting personal data
5.1 Personal data that we process shall not be kept for longer than is necessary for the purposes for which it is processed.
5.2 We will retain your personal data as follows: personal data and session/service data will be retained for a period of 15 years following the date of the last service provided by us, and in the case of minors, for a period of 15 years after they reach the legal age of majority. This retention period reflects our professional obligations and applicable legal requirements.
5.3 Transaction data and correspondence related to purchases will be retained for 7 years to comply with tax and accounting obligations.
5.4 Notwithstanding the above, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or to protect your vital interests or those of another person.
6. Amendments
6.1 We may update this privacy policy from time to time by publishing a new version on our website. The “Last updated” date at the top of this page indicates when it was last revised.
6.2 We recommend checking this page occasionally to ensure you are happy with any changes.
6.3 We may notify you of significant changes to this policy by email.
7. Your rights
7.1 Under data protection law, you have the following principal rights:
- (a) Right of access – to receive a copy of your personal data that we hold.
- (b) Right to rectification – to have inaccurate or incomplete data corrected.
- (c) Right to erasure – to have your data deleted in certain circumstances (e.g., where it is no longer necessary, or you withdraw consent), subject to legal exceptions.
- (d) Right to restrict processing – to limit how we use your data in certain circumstances.
- (e) Right to object – to object to processing based on legitimate interests, or to direct marketing.
- (f) Right to data portability – to receive your data in a structured, machine-readable format where processing is based on consent or contract and carried out by automated means.
- (g) Right to withdraw consent – where processing is based on consent, to withdraw it at any time without affecting the lawfulness of processing before the withdrawal.
- (h) Right to complain – to lodge a complaint with the Dutch supervisory authority, the Autoriteit Persoonsgegevens (AP), at autoriteitpersoonsgegevens.nl, or with the supervisory authority in your EU member state of habitual residence or place of work.
7.2 Some of these rights are subject to conditions and exceptions under applicable law. You may exercise any of your rights by contacting us using the details in Section 13.
8. About cookies
8.1 A cookie is a small file containing an identifier that is sent by a web server to a web browser and stored by the browser. The identifier is sent back to the server each time the browser requests a page.
8.2 Cookies may be “persistent” (stored until their expiry date or until deleted) or “session” cookies (which expire when the browser is closed).
8.3 Cookies do not typically identify you personally, but personal data we hold about you may be linked to information stored in cookies.
9. Cookies that we use
9.1 We use cookies for the following purposes:
- (a) Authentication – to identify you when you visit and navigate our website.
- (b) Analytics – to analyze the use and performance of our website and services (via Google Analytics).
- (c) Marketing – to track conversions from our Google Ads campaigns. Google may use cookies to measure the effectiveness of our advertising. You can manage your preferences at: https://adssettings.google.com.
10. Cookies used by our service providers
10.1 Our service providers may set cookies on your device when you visit our website.
10.2 Google Analytics – we use Google Analytics to analyze the use of our website. Google Analytics collects information about website usage through cookies. You can review Google’s privacy policy at: https://policies.google.com/privacy.
10.3 Google Ads – we use Google Ads to promote our services. Google may set cookies to track whether you have visited our website after seeing or clicking on one of our adverts. You can opt out of interest-based advertising at: https://adssettings.google.com.
11. Managing cookies
11.1 Most browsers allow you to refuse to accept cookies and to delete cookies. You can obtain up-to-date information about managing cookies in your browser via the links below:
- Chrome: https://support.google.com/chrome/answer/95647
- Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471
- Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge
- Opera: https://help.opera.com/en/latest/web-preferences/#cookies
11.2 Blocking all cookies may have a negative impact on the usability of many websites, including ours.
12. Special note on health data
12.1 In the course of our therapeutic and coaching work, we handle information that may relate to your physical or mental health. This is sensitive personal data (“special category data”) under Article 9 of the GDPR.
12.2 We process this data only on the basis of your explicit consent, given voluntarily before or at the start of our work together. We will never share health-related information with any third party except as set out in Section 3.1 (insurance and professional advisers) or where required by law.
12.3 All health and session data is treated with strict professional confidentiality, in line with our ethical obligations as a practitioner.
13. Our details
13.1 This website is owned and operated by Olga Willemsen, trading as New Empowered You.
13.2 We are registered in the Netherlands under Chamber of Commerce number 74866788. Our registered address is Dmn Honderslaan 8, 2242 RH Wassenaar, Netherlands.
13.3 You can contact us:
- By post: Dmn Honderslaan 8, 2242 RH Wassenaar, Netherlands
- By email: info@new-empowered-you.com
- By telephone: +31 6 15030900
- Via the contact form on our website: https://www.new-empowered-you.com/contact-rtt-therapist-hypnotherapist/
