The AI Executive Career Lounge is operated by NAKAMA Europe LTD (“we,” “us,” or “our”) registered address: Lower Baggot Street 71, D02 P593 Dublin, Ireland. We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data in the context of our Career Coaching and Newplacement services.
The definitions used in this Privacy Policy correspond to those set out in Article 4 of the GDPR. For the context of our Career Coaching and Newplacement services, the following definitions apply:
‘Personal Data’ means any information relating to an identified or identifiable natural person (hereinafter ‘Data Subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental (e.g., coaching assessments), economic, cultural, or social identity of that natural person.
‘Processing’ means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection (e.g., receiving a CV), recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
‘Restriction of Processing’ means the marking of stored personal data with the aim of limiting their processing in the future.
‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures.
‘Controller’ means the natural or legal person, authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data (in this case, NAKAMA Europe Ltd and Zoom Consult GmbH.
‘Processor’ means a natural or legal person, authority, agency or other body which processes personal data on behalf of the controller (e.g., cloud-based coaching platforms or CRM systems).
‘Recipient’ means a natural or legal person, authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry shall not be regarded as recipients.
‘Third Party’ means a natural or legal person, authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her (e.g., signing a coaching agreement or opting into a Newplacement program).
The Controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member States of the European Union, and other provisions related to data protection is:
NAKAMA EUROPE LTD.
Ground Floor
71 Lower Baggot Street
Dublin D02 P593
Ireland
Contact E-Mail: office (at) nakamaeurope.com
Website: www.nakamaeurope.com
1. Definition of Personal Data
Personal data includes any information that allows for the direct or indirect identification of a natural person. This includes identifiers such as a name, an identification number, location data, or an online identifier, as well as information regarding the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
2. General Principles and Legal Basis
As a general principle, we collect and use the personal data of our users only to the extent necessary to provide a functional website and to deliver our professional content and services (such as Career Coaching and Newplacement).
The collection and use of our users’ personal data is carried out regularly only with the user’s consent (Art. 6 (1) (a) GDPR). An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by statutory provisions (e.g., if there is a legitimate interest in the data processing according to Art. 6 (1) (f) GDPR or if it is necessary for the performance of a contract according to Art. 6 (1) (b) GDPR).
3. Data Processing Principles and Data Accuracy
All processing of personal data is carried out strictly in accordance with the principles set forth in Article 5 of the GDPR (including lawfulness, fairness, transparency, and data minimisation).
To ensure that the information we store about you remains accurate and up to date, we kindly ask you to keep us informed of any changes to your personal details.
Every time you access our website, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:
Information about the browser type and the version used
The user’s operating system
The user’s Internet Service Provider (ISP)
The IP address of the user
Date and time of access
Websites from which the user’s system reaches our website (Referrer)
Websites accessed by the user’s system via our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
Legal Basis: The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR (Legitimate Interest). Our legitimate interest lies in the technical provision, stability, and security of the website.
1. We will only pass on your personal data to third parties if:
You have given your explicit consent in accordance with Art. 6 (1) (a) GDPR.
The disclosure is necessary for the performance of a contract with you in accordance with Art. 6 (1) (b) GDPR (e.g., sharing data with a payment provider or a specific Newplacement partner).
There is a legal obligation to disclose the data in accordance with Art. 6 (1) (c) GDPR.
Disclosure is necessary to protect our legitimate interests or those of a third party in accordance with Art. 6 (1) (f) GDPR, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
2. Categories of Recipients In the course of our business operations, particularly in Career Coaching and Newplacement, we may share data with the following categories of recipients:
Service Processors (External Providers): These include providers of IT infrastructure, cloud storage (e.g., Google Workspace, Microsoft 365), CRM systems (e.g. Close, Hellotalent), and email marketing tools. These providers are contractually bound as Processors under Art. 28 GDPR.
Payment Service Providers: To process payments for coaching sessions (e.g., Stripe, PayPal, or Irish banking institutions).
Communication Platforms: Providers of video conferencing tools (e.g., Zoom, Google Meet, Microsoft Teams) used for remote coaching sessions.
Newplacement Partners & Employers: Only with your prior explicit consent or within the framework of a specific Newplacement agreement, we may share relevant profile data with potential employers, recruiters, or partner agencies to facilitate your professional transition.
3. Data Transfer to Third Countries (Non-EEA)
Should we transfer data to a third country outside the European Economic Area (EEA), we ensure that an adequate level of data protection is maintained. This is achieved through:
An Adequacy Decision by the European Commission (e.g., for the UK or Canada).
The use of Standard Contractual Clauses (SCCs) issued by the European Commission.
Your explicit consent in specific individual cases.
Cookies:
Our website uses “cookies”. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the user’s computer system.
Technically Necessary Cookies: We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. (Legal Basis: Art. 6 (1) (f) GDPR).
Analytical/Marketing Cookies: We also use cookies on our website that allow an analysis of the user’s surfing behavior (e.g., Google Analytics). These are only used with your explicit consent. (Legal Basis: Art. 6 (1) (a) GDPR).
There is a contact form on our website which can be used for electronic contact regarding coaching or newplacement inquiries. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. Alternatively, contact is possible via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.
Legal Basis: The legal basis for processing the data is Art. 6 (1) (a) GDPR (Consent). If the contact aims at the conclusion of a coaching or Newplacement contract, the additional legal basis is Art. 6 (1) (b) GDPR (Performance of a contract).
Our website uses functions of the LinkedIn social media network. Within the European Economic Area (EEA) and Switzerland, these services are provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. For users outside the EEA, the provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Functionality and Data Transfer When you click the LinkedIn button (Plug-in) on our website, a direct connection is established between your browser and the LinkedIn server. If you are logged into your LinkedIn account, LinkedIn can assign your visit to our website to your user account.
By clicking the button, you will be redirected to our LinkedIn profile in a separate browser window. If you are logged in, you may then “follow” us or interact with our profile. LinkedIn receives the information that you have visited our website with your IP address.
Data Responsibility We wish to point out that as the provider of this website, we have no knowledge of the specific content of the (personal) data transmitted or its further use by LinkedIn. The data processing that occurs after clicking the button is the sole responsibility of LinkedIn.
Legal Basis The legal basis for the integration and display of the LinkedIn Plug-in on our website is our legitimate interest in the effective information of users and communication with users (Art. 6 (1) (f) GDPR). If you click the button and are redirected, the subsequent data processing by LinkedIn is based on your relationship with LinkedIn and their respective terms.
For more information, please refer to LinkedIn’s Privacy Policy at: https://www.linkedin.com/legal/privacy-policy.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. The provider within the European Economic Area (EEA) and Switzerland is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For all other users, the provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Purpose of Processing The purpose of reCAPTCHA is to verify whether data entry on our website (e.g., in a contact form) is performed by a human or by an automated program (bot). To this end, reCAPTCHA analyses the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the visitor enters the website.
Data Analysis During the analysis, reCAPTCHA evaluates various types of information, such as:
The IP address of the device used
The duration of the visit on the website
Mouse movements and keyboard strokes made by the user
Technical specifications of the browser and operating system
The data collected during this analysis is transmitted to Google. These analyses run entirely in the background, and website visitors are not explicitly notified that an analysis is taking place.
Legal Basis The data processing is based on Art. 6 (1) (f) GDPR (Legitimate Interest). As the website operator, we have a legitimate interest in protecting our professional coaching services and contact forms from abusive automated crawling, data harvesting, and SPAM.
Further Information For more information about Google reCAPTCHA and Google’s Privacy Policy, please visit the following links: https://policies.google.com/privacy and https://www.google.com/recaptcha/about/.
We offer the possibility to book coaching sessions or initial consultations directly through our website using the service TidyCal. The provider is ASO, LLC (AppSumo), 1645 E 6th St. Suite 125, Austin, TX 78702, USA.
Purpose and Data Collection If you use the TidyCal booking tool, you will be asked to provide certain personal data. This typically includes:
Identification and Contact Data: Name and email address.
Appointment Details: Date, time, and, if applicable, the subject or specific questions regarding your career coaching or Newplacement needs.
This data is transmitted directly to TidyCal and stored on their servers. TidyCal also integrates with our internal calendar (e.g., Google Calendar or Microsoft Outlook) to prevent double bookings.
Legal Basis The processing of your data through TidyCal is based on:
Art. 6 (1) (b) GDPR: For the performance of a contract or to take steps prior to entering into a contract (e.g., scheduling a consultation).
Art. 6 (1) (f) GDPR: Our legitimate interest in providing a user-friendly, efficient, and automated scheduling system for our clients.
Data Transfer to Third Countries As TidyCal is based in the USA, your data will be processed outside the European Economic Area (EEA). To ensure an adequate level of data protection, we rely on Standard Contractual Clauses (SCCs) and additional safeguards where necessary to protect your personal data.
Further Information For more details on how TidyCal handles your data, please refer to the Privacy Policy of AppSumo/TidyCal at: https://tidycal.com/privacy.
1. Scope of Data Collection
When you engage our services for Career Coaching or Newplacement, we collect and process the personal data necessary for the performance of our contractual relationship. This includes, in particular:
Master Data: Name, title, and contact information (email, phone, address).
Professional Profile Data: Curriculum Vitae (CV), employment references, academic transcripts, professional history, and LinkedIn profile details.
Coaching-Specific Data: Career goals, strengths/weaknesses analyses, results of personality or aptitude assessments, and notes taken during coaching sessions.
Payment and Billing Data: Bank details or credit card information (processed via secure payment providers), tax identification numbers (if applicable), and invoicing history.
2. Purpose of Processing
The processing of this data is carried out for the following purposes:
To provide tailored Career Coaching and Newplacement consulting.
To manage the client relationship (e.g., scheduling sessions via TidyCal, billing, and communication).
To assist in job search activities and professional repositioning.
To fulfill our legal and tax obligations (e.g., maintaining financial records under Irish law).
3. Legal Basis
Performance of a Contract (Art. 6 (1) (b) GDPR): Most of the processing is necessary to fulfill our coaching agreement with you.
Legal Obligation (Art. 6 (1) (c) GDPR): For tax and accounting purposes.
Consent (Art. 9 (2) (a) GDPR): Should you voluntarily provide health-related information (e.g., regarding burnout or disability) during coaching, we process this only with your explicit verbal or written consent.
4. Data Retention
As a career coaching provider based in Ireland, we retain your data only as long as necessary:
Client Files: Usually kept for the duration of the coaching and a period of [e.g., 3 years] thereafter, unless longer retention is required for legal defense.
Accounting Records: Under Irish tax law, invoices and related financial data must be kept for 6 years.
5. Confidentiality
All information shared during coaching sessions is treated with the highest level of confidentiality. We do not disclose the content of your sessions to third parties (including former employers in Newplacement cases) without your prior written permission.
1. General Retention Periods
Your personal data will be stored as long as there is a legitimate interest on our part in the data processing pursuant to Art. 6 (1) (f) GDPR or as long as your consent is provided.
We will delete your data as soon as you request such deletion; an informal email to our contact address is sufficient for this purpose.
2. Standard Deletion Cycles
In any case, we delete your personal data no later than three years after your last use of our services or our last contact with you. This period allows us to provide follow-up support or address potential liability claims within the standard limitation periods.
3. Statutory Exceptions
The aforementioned deletion periods only apply provided that no statutory retention obligations (e.g., under Irish tax or commercial law) prevent deletion.
Financial records and related personal data must be retained for 6 years to comply with Irish Revenue and accounting requirements.
In such cases, processing will be restricted, and the data will be deleted once these statutory periods expire.
We use Google Workspace (formerly G Suite) for our office administration, communication, and cloud storage. The provider within the European Economic Area (EEA) and Switzerland is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Scope of Processing As part of our Career Coaching and Newplacement services, we use Google Workspace for the following purposes:
Email Communication: Processing of inquiries, session notes, and client communication (Gmail).
Document Management: Storage and collaborative editing of CVs, coaching logs, and assessment results (Google Drive, Docs, Sheets).
Scheduling: Management of coaching appointments (Google Calendar).
In this context, Google processes the personal data you provide (e.g., name, contact details, professional history) on our behalf as a Data Processor.
Legal Basis
Art. 6 (1) (b) GDPR: The processing is necessary for the performance of our coaching contract with you.
Art. 6 (1) (f) GDPR: Our legitimate interest lies in the use of secure, professional, and efficient cloud-based administration and communication tools.
Data Security and Transfer to Third Countries
We have concluded a Data Processing Amendment (DPA) with Google Ireland Limited, which meets the requirements of Art. 28 GDPR. While Google Ireland Limited is our primary contractor, data may be processed on servers located in the United States or other third countries. To ensure an adequate level of data protection, Google relies on the EU-U.S. Data Privacy Framework and/or Standard Contractual Clauses (SCCs) approved by the European Commission.
Further Information
For more details on Google’s data processing, please consult Google’s Privacy Policy: https://policies.google.com/privacy.
Under the GDPR, you have the following rights regarding your personal data. To exercise any of these rights, please contact us at [office@nakamaeurope.com].
You have the right to request confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and detailed information about the processing.
You have the right to demand the immediate correction of inaccurate personal data concerning you and the completion of incomplete personal data.
You have the right to request the deletion of your personal data, provided that the processing is no longer necessary (e.g., the data is no longer needed for the coaching purposes) and no legal retention obligations (such as Irish tax law) prevent the deletion.
You have the right to request the restriction of processing of your personal data under certain conditions (e.g., if you contest the accuracy of the data, for a period enabling us to verify it).
You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Art. 6 (1) (f) GDPR (legitimate interests). We will then stop processing unless we can demonstrate compelling legitimate grounds that override your interests.
If the processing is based on your consent (e.g., for newsletters or specific coaching assessments), you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR. For our company, the competent authority is:
Data Protection Commission (DPC) 21 Fitzwilliam Square South Dublin 2, D02 RD28 Ireland Website: www.dataprotection.ie