Back to home
ORSI.COACH

Privacy Policy

Last updated: April 21, 2026

This Privacy Policy explains what personal information we collect at orsi.coach, how we use it, and the rights you have over it. It is written in plain English because we actually want you to read it. If anything here is unclear, write to us at durberrylabs@gmail.com and we will answer.

Summary

We do not run advertising. We do not build profiles of you. We do not sell or share your data. We use Google Analytics only with your consent, and you can decline via the cookie banner. We collect your name and email when you buy a coaching package, we use a scheduling tool to help you book sessions, and that is essentially the entire story. The rest of this page is the careful version for anyone who wants the full picture.

Who we are

This site is operated by Durberry Labs, LLC, a Florida limited liability company that operates orsi.coach, with a mailing address at 1000 East Island Blvd. Apt 2709, Aventura, FL, USA. We are referred to in this policy as “we,” “us,” or “Durberry Labs.” We are the “data controller” of the personal information described here, within the meaning of the EU General Data Protection Regulation (GDPR) and the UK GDPR. For any privacy question, or to exercise any right described below, contact us at durberrylabs@gmail.com or by mail at the address above.

What we collect

We collect a very small amount of personal information, and only when you do one of a few specific things.

When you purchase a coaching package.Our payment processor, Stripe, collects your name, email address, and payment details at checkout. We never see your payment card number, CVV, or bank information. Stripe handles all of that directly, and we only receive confirmation that a payment succeeded, along with your name and email. Stripe may also capture your IP address and information about your device for fraud-prevention purposes under Stripe's own privacy policy.

When you book a session.After purchase, you receive a link to our scheduling tool, which is provided by Google Calendar. Google will ask you for your name, email address, and time zone to book the session, and you may optionally add a note about what you want to discuss. We receive this booking information by email. Google's handling of this data is governed by Google's own privacy policy.

When you email us. If you contact us directly, we see your name, email address, and the contents of your message.

When you visit the site. Our website host, Vercel, records standard server logs that include IP address and basic request information. We do not use these logs to profile visitors or build marketing audiences.

When you consent to analytics. If you accept the cookie banner, Google Analytics sets cookies that record a pseudonymous identifier, the pages you view, how long you stay, your approximate location (city/country from IP), and basic device and browser info. IP addresses are truncated by Google before storage. You can decline or withdraw consent at any time by clearing the orsi-coach-cookie-consent entry in your browser storage or by declining the banner on first visit. Withdrawing consent does not affect the lawfulness of any processing that took place before you withdrew it.

How we use your information

We use your name and email to process your purchase, deliver coaching sessions, send you scheduling links and reminders, respond to questions, and follow up about future sessions if you ask us to. We use booking information to run the session you booked. We use email contents to reply to you. That is the full list.

We do not use your information for advertising, profiling, automated decision-making, or marketing to third parties. We do not train any machine learning models on your data. We do not sell or rent your data to anyone, ever.

Sub-processors

We use a small number of trusted third-party services to run the business. Each is a “sub-processor” under GDPR terminology. None of them use your data for their own purposes beyond providing their service to us.

  • Stripe, our payment processor. Stripe handles all payment processing and holds your name, email, and payment details. See stripe.com/privacy.
  • Google LLC, scheduling via Google Calendar's appointment booking feature. Google holds the booking information you enter when scheduling a session. See policies.google.com/privacy.
  • Vercel Inc., our website hosting provider. Vercel serves orsi.coach to your browser and maintains standard server logs. See vercel.com/legal/privacy-policy.
  • Google LLC (analytics), via Google Analytics, acting as a data processor on our behalf. Engaged only if you consent to analytics cookies. Google Analytics is configured without Google Signals or demographic features, and data sharing with Google products and services is disabled. See policies.google.com/privacy.

If we add a new sub-processor that handles your personal data, we will update this policy before that change takes effect for existing customers.

International data transfers

If you are located in the European Union or the United Kingdom, your personal data will be transferred to and processed in the United States, where we and our sub-processors operate. Our US-based sub-processors Stripe, Google, and Vercel are all certified under the EU-US Data Privacy Framework(and the UK extension), which the European Commission has recognized as providing an adequate level of protection for personal data transferred from the EU to the US. Where Data Privacy Framework coverage is unavailable for any reason, transfers rely on the European Commission's Standard Contractual Clauses.

Cookies

Strictly necessary cookiesare set by Stripe's embedded checkout during a purchase. They are exempt from consent requirements under the EU ePrivacy Directive because they are strictly necessary to deliver a service you actively requested.

Analytics cookies (_ga, _ga_*) are set by Google Analytics only if you accept the cookie banner. They expire after up to 2 years. You can withdraw consent at any time.

We do not set advertising cookies and we do not embed third-party trackers other than Google Analytics (consent-gated).

Server logs

Our hosting provider, Vercel, maintains standard server logs that include IP addresses and basic request data for security and operational purposes. These logs are retained for approximately 30 days by default (this figure is based on Vercel's current published defaults and is subject to change by Vercel). We do not use these logs for analytics, marketing, or profiling, and we access them only to diagnose operational issues.

How long we keep your data

We keep your personal data only as long as we need it.

  • Purchase information (name, email, transaction records): kept for as long as you have unused credits, plus seven years afterwards to comply with US and international tax and accounting requirements.
  • Booking information (via Google Calendar): kept for the duration of our coaching relationship and typically up to two years after your last session, after which it is deleted from our calendar.
  • Email correspondence: kept for up to two years from the last message, unless longer retention is needed for a specific purpose such as an unresolved dispute.
  • Server logs (via Vercel):approximately 30 days, per Vercel's default retention.
  • Analytics data (via Google Analytics): retained per our GA property setting (default 14 months), after which it is aggregated or deleted by Google.

We delete data sooner on request where we are legally able to, under the rights described below.

Your rights

You have rights over your personal data. These rights apply to all buyers, though the specific legal source differs depending on where you live.

  • The right to know. You can ask us what personal data we hold about you, and we will tell you.
  • The right to a copy. You can ask us to send you a copy of your personal data in a portable format.
  • The right to correct. If any of your data is wrong, you can ask us to fix it.
  • The right to delete. You can ask us to delete your personal data. We will do so unless we are legally required to keep it (for example, tax records for a completed purchase).
  • The right to object and restrict. You can ask us to stop or limit certain processing of your data.
  • The right to withdraw consent.Where processing is based on your consent, you can withdraw it at any time—for analytics cookies, by clearing the orsi-coach-cookie-consent entry in your browser storage. Withdrawal does not affect the lawfulness of processing carried out before you withdrew it.

To exercise any of these rights, email durberrylabs@gmail.comwith the subject line “Privacy Request.” We will respond within 30 days. These requests are free, except in the rare cases where the law allows us to charge.

If you are in the EU or UK

You also have the right to lodge a complaint with your national Data Protection Authority if you are unhappy with how we handle your data. A list of EU authorities is at edpb.europa.eu. The UK authority is the ICO at ico.org.uk.

If you are in California

You have the additional rights under the CCPA/CPRA to know the categories of personal information we collect, to delete your data, to correct inaccurate data, and to opt out of the “sale” or “sharing” of personal information. As stated above, we do not sell or share your personal information under any definition of those terms, and we do not engage in cross-context behavioral advertising. California residents may also authorize an agent to make a request on their behalf.

If you are in Colorado, Connecticut, Virginia, Utah, or another US state with a consumer privacy law

You have substantially similar rights under your state's privacy law. Contact us at the same email address and we will handle your request under whichever framework gives you the strongest protection.

Lawful basis under GDPR

For buyers in the EU and UK, we process your personal data on the following lawful bases under Article 6 of the GDPR:

  • Performance of a contract (Article 6(1)(b)). We need your name, email, and payment details to provide the coaching you purchased.
  • Legitimate interests (Article 6(1)(f)). When you email us, we have a legitimate interest in responding to you. When we keep basic records of coaching engagements, we have a legitimate interest in running our business responsibly.
  • Legal obligation (Article 6(1)(c)). We retain purchase records for seven years to comply with tax and accounting law.
  • Consent (Article 6(1)(a)). We rely on consent when you accept analytics cookies via the cookie banner, or if you opt into a future newsletter. You can withdraw that consent at any time; withdrawal does not affect the lawfulness of processing carried out before you withdrew it.

We do not process any special-category personal data under Article 9 of the GDPR, and we ask that you do not share such data with us during a coaching engagement.

Children

Our services are for adults. We do not knowingly collect personal data from anyone under 18. You must be 18 or older to purchase coaching from orsi.coach. If you are under 18, please do not purchase a session and please do not send us your personal information.

Security

We take reasonable steps to protect your personal information. All traffic to and from orsi.coach is encrypted in transit using HTTPS. We rely on reputable sub-processors (Stripe, Google, Vercel) that maintain industry-standard security practices, and we limit access to data on a need-to-know basis. That said, no system is perfectly secure, and we will not pretend otherwise. We cannot guarantee the absolute security of information transmitted over the internet.

If we learn of a personal data breach that affects your information, we will notify you and the relevant supervisory authority as required by applicable law. For EU and UK buyers, this means notifying the supervisory authority within 72 hours of becoming aware of the breach where the breach is likely to result in a risk to your rights and freedoms, and notifying you directly where the breach is likely to result in a high risk.

Changes to this policy

We may update this Privacy Policy from time to time. If we make a material change—for example adding a new sub-processor, changing how we use cookies, or starting to rely on a new lawful basis—we will update the “Last Updated” date at the top and, for significant changes, notify customers with active credits by email.

Contact

Privacy questions, data requests, or anything else covered by this policy: durberrylabs@gmail.com.