This policy explains how Mindshift With Danni (Danni Suriano) collects, uses, and protects personal information for 1:1 coaching/counselling services, website enquiries, and bookings.
Information we collect
We collect information you provide directly, including your name, contact details, enquiry content, preferred session times, and any goals or concerns you share. If you book, we collect booking details and payment confirmations (processed securely by our payment provider—we do not store full card numbers). During 1:1 work, brief session notes may be kept to support continuity of care. We also receive basic website analytics and cookie data to improve the site.
How we use your information
We use your information to deliver 1:1 coaching/counselling; schedule sessions and manage administration; respond to enquiries; provide resources you request; maintain client records; improve services and website performance; and meet legal or regulatory obligations. With your consent, we may send emails with helpful tools or updates—you can unsubscribe anytime.
Sharing and third‑party providers
We do not sell your data. We share only what’s necessary with trusted providers for email, calendar/booking, video calls, payments, forms, and secure file storage (e.g., email platforms, calendar/booking tools, Zoom/Meet, Stripe/Square, cloud storage). These providers process data under their own privacy terms and may store data outside Australia. Confidential information shared in sessions is handled with care and disclosed only with your consent or if required by law (e.g., risk of harm or legal request.
Your choices and access
You can request access to, correction of, or deletion of your personal information (subject to legal and record‑keeping obligations). You may opt out of emails at any time. You can manage cookies in your browser settings. If you have questions about your data, contact us using the details below.
Security and retention
We use reasonable administrative, technical, and physical safeguards to protect personal information. While no system is 100% secure, we aim to minimise risk with strong passwords, limited access, and reputable providers. We retain information only as long as needed for the purposes above or as required by law, then securely delete or de‑identify it.
- Access limited to authorised personnel.
- Encrypted or secure connections where available.
- Regular review of stored data and retention periods.
