Coul & Gold

Privacy Policy

Effective date: May 9, 2026 | Last updated: May 9, 2026

This Privacy Policy explains how Coul & Gold (“Coul & Gold,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you visit our website, contact us, engage our professional services, or otherwise interact with us. By using our website or services, you agree to the practices described in this Policy.

This policy is designed to address U.S. privacy law (including the California Consumer Privacy Act / California Privacy Rights Act, “CCPA/CPRA”) and the EU and UK General Data Protection Regulation (“GDPR” / “UK GDPR”). If you are located in another jurisdiction, additional local rights may apply.

Contents

Who we are
Information we collect
How we use information
Legal bases for processing (EU/UK)
How we share information
Third-party services we use
Cookies and tracking technologies
Data retention
International data transfers
Data security
Your rights (EU/UK)
Your rights (California)
Children’s privacy
Changes to this policy
Contact us

1. Who we are

Coul & Gold provides professional services to clients and prospective clients. For purposes of the GDPR and UK GDPR, Coul & Gold is the “controller” of personal information collected through our website and in the course of providing our services, unless otherwise stated.

You can reach us at info@coulandgold.com.

2. Information we collect

2.1 Information you provide directly

Identity and contact information — such as your name, business name, title, email address, phone number, and mailing address.
Engagement information — details about the services you request, project background, documents you share with us, and communications.
Professional background and assessment information — career history, previous employers, job titles, dates of employment, education, professional credentials, references, resumes/CVs, biographical information, and any other personal or professional background information that you, your employer, or a third party (such as a recruiter or sponsoring organization) provide so that we can plan, conduct, score, and deliver our leadership assessments and related advisory services. This may include responses to assessment instruments, interview notes, 360-degree feedback, psychometric or behavioral assessment results, and supporting commentary.
Payment and billing information — billing name and address, and payment details processed by our payment provider (we do not store full card numbers ourselves).
Marketing preferences — your subscription status for our newsletters and marketing emails.

2.2 Information collected automatically

Device and usage data — IP address, browser type, operating system, referring URLs, pages viewed, links clicked, and timestamps.
Cookies and similar technologies — see Section 7.

2.3 Information from third parties

We may receive information from analytics providers, marketing platforms, hosting providers, and other partners (e.g., Google Analytics, HubSpot, Beehiiv, Notion, Netlify) about how you interact with our site, emails, or content.

3. How we use information

To provide, deliver, and administer our professional services, including planning, conducting, scoring, and delivering leadership assessments and related advisory work.
To respond to inquiries and communicate about engagements.
To process payments and manage billing.
To send service-related and (with your consent or where permitted by law) marketing communications.
To operate, maintain, secure, and improve our website and services.
To comply with legal obligations and enforce our agreements.
To establish, exercise, or defend legal claims.

4. Legal bases for processing (EU/UK)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

Activity	Legal basis
Providing services to a client	Performance of a contract; legitimate interests
Responding to inquiries	Legitimate interests (responding to your request); pre-contractual steps
Marketing communications	Consent (where required) or legitimate interests
Legal and regulatory compliance	Legal obligation
Website security and analytics	Legitimate interests; consent (for non-essential cookies)

We do not sell personal information for money. We share information only as follows:

Service providers / processors — vendors that host our site, process payments, send emails, and provide analytics, acting on our instructions.
Professional advisors — accountants, insurers, and lawyers, where appropriate.
Legal and safety — to comply with law, respond to lawful requests, or protect rights, property, or safety.
Business transfers — in connection with a merger, acquisition, financing, or sale of assets.
With your consent — where you have asked us to share information.

Some sharing for cross-context behavioral advertising or analytics may be considered a “sale” or “share” under California law. See Section 12 for your opt-out rights.

6. Third-party services we use

We use trusted third-party platforms to operate our business. These providers have their own privacy practices.

Provider	Purpose
Stripe and/or PayPal	Payment processing
Google Analytics	Website analytics and traffic measurement
HubSpot	Customer relationship management, forms, and marketing automation
Beehiiv	Newsletter delivery and subscriber management
Notion	Internal documentation, content management, and embedded pages or forms
Netlify	Website hosting, deployment, and related infrastructure (including server logs)

7. Cookies and tracking technologies

We and our service providers use cookies, pixels, and similar technologies to operate the site, remember your preferences, measure usage, and (where applicable) tailor marketing. Categories include:

Strictly necessary — required for the site to function.
Analytics — help us understand how visitors use the site (e.g., Google Analytics).
Marketing — used by HubSpot, Beehiiv, and similar tools to measure campaigns and personalize messages.

You can control cookies through your browser settings and, where offered, our cookie banner. Disabling cookies may affect site functionality.

8. Data retention

We retain personal information for as long as necessary to provide our services, comply with our legal, tax, accounting, and regulatory obligations, resolve disputes, and enforce our agreements. As a baseline, we retain personal information for a minimum of 12 months from the date of collection or the most recent interaction, and longer where required by law or where a longer retention period is justified by an ongoing client relationship, dispute, or legal obligation. When information is no longer needed, we delete or anonymize it.

9. International data transfers

We are based in the United States, and our service providers may process information in countries other than where you reside. Where we transfer personal information from the EU, EEA, or UK to a country that has not been recognized as providing an adequate level of protection, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable).

10. Data security

We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, loss, misuse, and alteration. No system is perfectly secure, however, and we cannot guarantee absolute security.

11. Your rights (EU/UK)

Subject to applicable law, you have the right to:

Access the personal information we hold about you;
Rectify inaccurate or incomplete information;
Request erasure of personal information;
Restrict or object to certain processing (including direct marketing);
Data portability;
Withdraw consent at any time, where processing is based on consent;
Lodge a complaint with your local data protection authority (in the UK, the Information Commissioner’s Office, ico.org.uk).

To exercise these rights, contact us at info@coulandgold.com.

12. Your rights (California)

If you are a California resident, the CCPA/CPRA gives you the right to:

Know what categories of personal information we collect, the sources, the purposes, and the categories of third parties with whom we share it;
Access a copy of the specific pieces of personal information we have collected about you;
Request correction of inaccurate personal information;
Request deletion of personal information, subject to certain exceptions;
Opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising;
Limit the use of sensitive personal information (we do not currently use sensitive personal information for purposes that trigger this right);
Be free from retaliation or discrimination for exercising your rights.

To submit a request, email info@coulandgold.com. We will verify your request using information we already hold about you. You may also designate an authorized agent to make a request on your behalf.

Categories of information collected, disclosed, or shared (last 12 months)

Category (Cal. Civ. Code §1798.140)	Collected	Disclosed for a business purpose	Sold/Shared
Identifiers (name, email, IP, etc.)	Yes	Yes	Possibly, via online advertising/analytics tools
Customer records (billing, contact)	Yes	Yes	No
Commercial information (services purchased)	Yes	Yes	No
Professional or employment-related information (career history, employers, titles, education, assessment data)	Yes	Yes	No
Internet/network activity (site usage)	Yes	Yes	Possibly, via analytics/advertising tools
Geolocation (general, IP-derived)	Yes	Yes	No
Inferences drawn from the above	Yes	Yes	No

13. Children’s privacy

Our services are directed to businesses and adults. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us so we can delete it.

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the “Last updated” date above. Material changes will be communicated through reasonable means.

15. Contact us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

Coul & Gold
Email: info@coulandgold.com

1. Who we are

2. Information we collect

2.1 Information you provide directly

2.2 Information collected automatically

2.3 Information from third parties

3. How we use information

4. Legal bases for processing (EU/UK)

5. How we share information

6. Third-party services we use

7. Cookies and tracking technologies

8. Data retention

9. International data transfers

10. Data security

11. Your rights (EU/UK)

12. Your rights (California)

Categories of information collected, disclosed, or shared (last 12 months)

13. Children’s privacy

14. Changes to this policy

15. Contact us