top of page
logo

Privacy Policy

Privacy Policy
Last updated: [07/Feb/2026]

This Privacy Policy explains how Andy Baker (“I”, “me”, “my”) collects, uses, and protects your personal data when you visit andybaker.xyz (the “Site”), contact me, or use my mentoring, coaching, speaking, and related services.

1) Who I am (Data Controller)

For the purposes of UK data protection law, I am the Data Controller for personal data collected via this Site and my services.

Name: Andy Baker
Email: [andy@able-training.co.uk]
Business address: [Unit 21, Springfield business park, Grantham, NG317FZ]


If you have any questions about this Privacy Policy or how I use your data, contact me using the details above.

2) The personal data I collect

Depending on how you interact with the Site or services, I may collect:

a) Identity and contact data
Name, email address, phone number, business name, role, and any information you choose to share in messages.

b) Booking and service data
When you book via Calendly, I may receive details such as your name, email, the appointment type, date/time, and any answers you provide to booking questions.

c) Payment and transaction data
If you pay via PayPal, I receive confirmation of payment and basic transaction details (for example your name, email, and payment reference). I do not receive or store your full card details.

d) Communications data
Emails and messages you send (including via website forms, email, and any business messaging channels used for support). This includes follow-ups, summaries, and action plans created during an engagement.

e) Session content and recordings (if applicable)
If your package includes recorded sessions, or we agree to record a call, this may include audio/video recordings and written summaries/action plans. Recordings and related files may be stored in Google Drive.

f) Technical and usage data (Site data)
Wix may collect information such as IP address, browser/device type, pages viewed, and cookie-related identifiers to help the Site function and (where enabled) to analyse performance.

3) How I use your data and the lawful basis

I only use your data where I have a lawful basis to do so:

a) To respond to enquiries and communicate with you
Purpose: reply to messages, arrange calls, provide information.
Lawful basis: Legitimate interests (running my business) and/or taking steps to enter into a contract.

b) To provide mentoring, coaching, speaking, and related services
Purpose: deliver what you book, create session plans, summaries, and agreed follow-up actions.
Lawful basis: Contract.

c) To manage bookings and scheduling (Calendly)
Purpose: confirm appointments, send reminders, reschedule, reduce admin errors.
Lawful basis: Contract and legitimate interests.

d) To take payments and keep financial records (PayPal, invoicing)
Purpose: process payments, refunds (if applicable), bookkeeping and tax.
Lawful basis: Contract and legal obligation.

e) To record and summarise sessions (only where included or agreed)
Purpose: accuracy, continuity, and providing you with recordings/summaries where promised.
Lawful basis: Contract (where included in your package) and/or consent where appropriate. You can ask not to be recorded, and I’ll work with that.

f) To send newsletters and marketing communications (Wix Email and Mailchimp)
Purpose: send updates, resources, offers, and relevant news.
Lawful basis: Consent (for most email marketing) and/or legitimate interests where permitted by law. You can unsubscribe at any time using the link in the email.

g) To keep the Site working and improve it (Wix)
Purpose: site functionality, security, and (where enabled) performance analytics.
Lawful basis: Legitimate interests and cookie consent (for non-essential cookies).

4) Who I share your data with

I share personal data only when needed to run the Site and deliver services. Key providers include:
Wix – website hosting, forms, and site infrastructure
Calendly – appointment scheduling
PayPal – payment processing
Mailchimp – email marketing and newsletters (and Wix Email for some communications)
Google Drive (Google) – storage of client resources and session recordings (where applicable)

These providers process data on my instructions (or as separate controllers in some contexts) and are expected to apply appropriate security measures. I may also share data where required by law (for example with HMRC, regulators, or law enforcement).

5) International transfers

Some providers (for example Calendly, PayPal, Mailchimp, and Google) may process data outside the UK. Where personal data is transferred internationally, safeguards may include recognised contractual protections and other measures designed to protect your information.

6) How long I keep your data (retention)

I keep data only for as long as necessary for the purpose it was collected, including legal and accounting obligations. Typical retention periods (adjust if you want different):
Enquiries (no booking): up to 12 months
Client engagement notes/summaries/action plans: up to 24 months after the final session (unless you request earlier deletion and there’s no legal reason to retain)
Session recordings (if used): up to 6 months after the final session, unless agreed otherwise
Invoices and transaction records: up to 6 years (for UK accounting/tax records)

7) Your data protection rights

You have rights including:
Access to your data
Correction of inaccurate data
Deletion of your data (in certain circumstances)
Restricting how your data is used
Objecting to processing in some cases
Data portability (where applicable)
Withdrawing consent at any time (where consent is the basis)
To exercise any rights, email me at [your email].

8) Complaints

If you’re unhappy with how I’ve handled your data, please contact me first so I can try to resolve it. You also have the right to complain to the Information Commissioner’s Office (ICO).

9) Cookies

The Site is built on Wix, which uses cookies and similar technologies for site functionality, security, and performance. Essential cookies help the Site work and generally cannot be switched off. Non-essential cookies (for example analytics/marketing cookies) are used only where enabled and, where required, with your consent. You can manage cookie preferences via the Site’s cookie banner (if enabled) and through your browser settings.

10) Security

I take reasonable steps to protect your personal data, including using reputable platforms (Wix, Google Drive, Calendly, PayPal, Mailchimp) and limiting access to information to what’s necessary for delivery and admin. No method of transmission or storage is 100% secure, but I aim to use sensible safeguards and good practice.

11) Children

This Site and my services are not intended for children, and I do not knowingly collect data from children.

12) Testimonials and public content

I do not publish testimonials using your name or photo unless you explicitly request it and agree what will be shared.

13) Changes to this Privacy Policy

I may update this Privacy Policy from time to time. The latest version will always be posted on this page with the updated date.

bottom of page