You're in Control
BESA Coaching respects your privacy rights under GDPR, UK GDPR, CCPA, PIPEDA, LGPD, and other applicable laws. Use the tools below to exercise your rights at any time.
Continued use of the BESA Coaching platform constitutes acceptance of the current version.
Your Data Rights
Select any right below to submit a formal request. We respond within 30 days (GDPR) or 45 days (CCPA/PIPEDA) of receipt.
Right of Access
Request a full copy of all personal data we hold about you, including how it is used and with whom it is shared.
Right to Rectification
Request correction of any inaccurate or incomplete personal data we hold about you.
Right to Erasure
Request deletion of your personal data where it is no longer necessary, or where you withdraw consent. Some data may be retained for legal obligations.
Right to Data Portability
Receive your personal data in a structured, machine-readable format to transfer to another service.
Right to Object / Restrict
Object to processing based on legitimate interests or restrict processing while a dispute is resolved.
Opt Out of Marketing
Withdraw consent for marketing communications at any time. Transactional emails (receipts, booking confirmations) are unaffected.
Response Timelines
Identity Verification
To protect your data from unauthorized access, we verify your identity before processing rights requests. Here's what to expect:
Submit Request
Use the portal above (logged in) or email [email protected]
Verification Email
We send a verification email to your registered address within 2 business days
Confirm Identity
Click the verification link or reply with your account email and last 4 digits of your registered phone (if provided)
Processing Begins
Once verified, the response clock starts. We may request additional documentation for sensitive requests (e.g., deletion of financial records)
Response Delivered
We deliver your data export, confirmation of deletion, or other response within the applicable legal timeframe
We will not charge a fee for reasonable requests. Manifestly unfounded or excessive requests may incur a reasonable administrative fee or be refused, with written explanation.
Appeal Process
If we decline your request or you are unsatisfied with our response, you have the right to appeal.
Step 1 — Internal Appeal
Email [email protected] with subject "Privacy Rights Appeal" within 30 days of our response. Include your original request reference and the reason for your appeal. We will respond within 30 days.
Step 2 — Supervisory Authority
If unsatisfied with our appeal response, you may lodge a complaint with your local data protection authority (see the Supervisory Authorities section below). This right is available at any time — you do not need to exhaust our internal process first.
CCPA Appeal Rights
California residents: if we deny your CCPA request, we will provide a written explanation. You may appeal to the California Privacy Protection Agency (CPPA) at cppa.ca.gov.
EU/UK Judicial Remedy
EU and UK residents have the right to an effective judicial remedy against BESA Coaching if we fail to comply with applicable data protection law, without prejudice to any administrative remedy before a supervisory authority.
Contact Our Privacy Team
For privacy rights requests, data breach notifications, or any privacy concern, contact our Privacy Officer directly. We are committed to responding within the timeframes required by applicable law.
Privacy Officer — B.E.S.A
Email: [email protected]
Security incidents: [email protected]
Response time: 30 days (GDPR/UK GDPR) · 45 days (CCPA/PIPEDA) · 15 business days (LGPD)
Identity verification may be required before processing requests.
Supervisory Authorities
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority:
EU / EEA
Your Member State DPA
United Kingdom
Information Commissioner's Office (ICO)
Canada
Office of the Privacy Commissioner
Québec
Commission d'accès à l'information
Brazil
ANPD — Autoridade Nacional de Proteção de Dados
Australia
Office of the Australian Information Commissioner
South Africa
Information Regulator
Singapore
Personal Data Protection Commission
California
California Privacy Protection Agency
Your Data is Secure
All personal data is encrypted at rest (AES-256) and in transit (TLS 1.3). We conduct regular security audits and maintain strict access controls. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.