Privacy Policy

The Change Leaders Attaché

Last updated: 16 March 2026

1. Introduction

Welcome to The Change Leaders Attaché (‘we’, ‘us’, ‘our’). We are an Australian coaching and change management consultancy dedicated to helping individuals and organisations navigate meaningful transformation.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, make an enquiry, or engage our services. It applies to all website visitors, prospective clients, and current clients.

By using our website or engaging our services, you acknowledge that you have read and understood how we handle your personal information. We encourage you to read this policy in full — your privacy matters to us.

We operate in accordance with the Privacy Act 1988 (Cth), including the 13 Australian Privacy Principles (APPs), and the Privacy and Other Legislation Amendment Act 2024 (Cth). Where relevant, we also have regard to international frameworks including the General Data Protection Regulation (GDPR) for European Union residents, the United Kingdom GDPR, and the California Consumer Privacy Act (CCPA) for Californian residents.

2. About Us

Business Name:  The Change Leaders Attaché

ABN:  47669294553

Contact Email:  kelly-anne@thechangeleadersattache.com

Website:  https://thechangeleadersattache.com/

We provide life coaching and change management consulting and coaching services to individuals and organisations across Australia and, increasingly, internationally. Our registered business address and primary operations are located in Australia.

3. Personal Information We Collect

We may collect the following types of personal information from you:

3.1 Information You Provide Directly

  • Full name, email address, phone number, and postal address
  • Professional details such as your job title, organisation, and industry
  • Information shared during coaching or consultancy sessions, including personal goals, challenges, employment circumstances, and life experiences
  • Payment and billing information (processed securely through third-party payment providers)
  • Correspondence and feedback you send us
  • Information submitted through our website contact or enquiry forms

3.2 Information Collected Automatically

  • IP address and browser type when you visit our website
  • Pages visited, time spent on site, and other usage analytics (via tools such as Google Analytics)
  • Cookie and tracking data as described in our Cookie Policy

3.3 Sensitive Information

If you choose to work with us as a client, coaching and change management engagements may involve the disclosure of sensitive personal information — such as details about your health and wellbeing, family circumstances, or career situation. We treat this information with the utmost care and confidentiality.

We will only collect sensitive information with your express consent, and it will only ever be used to support the services you have engaged us to provide. Website visitors who are simply browsing or making a general enquiry are not expected to share sensitive information.

4. How We Use Your Personal Information

We use the personal information we collect to run our business and serve you well. Specifically, we use it for the following purposes:

  • To provide, manage, and deliver our coaching and change management services to you
  • To communicate with you about your engagement, bookings, appointments, and progress
  • To process payments and maintain financial records
  • To send you relevant updates, newsletters, or resources (with your consent, and with an easy option to unsubscribe at any time)
  • To improve and develop our services and website
  • To comply with our legal and regulatory obligations
  • To respond to enquiries, feedback, or complaints

We will not use your personal information for any secondary purpose without your consent, unless permitted or required by law.

5. Disclosure of Personal Information

We respect your privacy and do not sell, rent, or trade your personal information. We may disclose your information in the following limited circumstances:

5.1 Service Providers

We may share information with trusted third-party providers who assist us in operating our business, including:

  • Website hosting and IT support providers
  • Email marketing platforms (e.g., Highpages or equivalent)
  • Payment processors (e.g., Stripe or equivalent)
  • Scheduling and video conferencing tools (e.g., Calendly, Zoom, GoogleHangouts)
  • Accounting and bookkeeping software (e.g., Xero)

These providers are contractually required to handle your information securely and only for the purposes for which it was shared.

5.2 Legal Requirements

We may disclose your information where required to do so by law, court order, or regulatory authority, or where we believe disclosure is necessary to protect our rights, safety, or the safety of others.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets, personal information may be transferred as part of that transaction. We will notify you if this occurs.

6. Overseas Disclosure

Our primary operations are based in Australia and most of your personal information is stored and processed here. However, some of the third-party service providers we use (such as cloud storage, email, or video conferencing platforms) may store or process data in overseas locations, including the United States, the European Union, or other countries.

Where we disclose personal information to overseas recipients, we take reasonable steps to ensure those recipients protect your information to a standard comparable to the Australian Privacy Principles, as required under APP 8. This may include entering into data processing agreements, relying on approved transfer mechanisms, or confirming that the recipient country has comparable privacy protections.

If you are located outside Australia and engage our services, please be aware that your information will be transferred to and processed in Australia, in accordance with Australian privacy law.

7. Additional Rights for International Clients

We intend to serve clients globally, and we respect the privacy rights applicable in other jurisdictions. The following additional rights may apply to you depending on your location:

7.1 European Union and United Kingdom (GDPR / UK GDPR)

If you are located in the EU or UK, you have the following rights under the GDPR or UK GDPR:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure (‘right to be forgotten’) in certain circumstances
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

Our lawful basis for processing your data is typically the performance of a contract (providing coaching services), legitimate interests, or your explicit consent. We do not rely on consent for routine service delivery.

7.2 California Residents (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act, including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of your personal information. We do not sell personal information.

7.3 New Zealand

New Zealand clients are also protected under the New Zealand Privacy Act 2020. We apply equivalent standards of care to New Zealand residents as we do to Australian residents.

To exercise any of the rights listed above, please contact us using the details in Section 11. We will respond within a reasonable timeframe and in accordance with applicable law.

8. Data Security

We take your privacy seriously and implement reasonable technical and organisational measures to protect your personal information from unauthorised access, misuse, loss, modification, or disclosure. These measures include:

  • Password-protected and encrypted storage systems
  • Use of reputable, security-certified cloud service providers
  • Restricted access to personal information on a need-to-know basis
  • Secure deletion of data that is no longer required

In the event of a data breach that is likely to result in serious harm to any individual, we will notify the affected individual(s) and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act.

9. Data Retention

We retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. In general:

  • Client session notes and coaching records are retained for a minimum of 7 years following the end of our engagement, unless you request earlier deletion (where legally permissible)
  • Financial and billing records are retained for 7 years in accordance with Australian tax law requirements
  • Marketing contact lists are maintained until you unsubscribe or request removal

When data is no longer required, it is securely deleted or de-identified.

10. Cookies and Website Tracking

Our website may use cookies and similar tracking technologies to enhance your browsing experience, analyse usage, and support our marketing activities. A cookie is a small text file stored on your device when you visit our website.

You may configure your browser to refuse cookies or to alert you when cookies are being sent. Please note that some features of our website may not function properly if cookies are disabled.

We may use analytics tools such as Google Analytics. Information collected through these tools is aggregated and does not personally identify you.

11. Your Privacy Rights (Australian Residents)

Under the Australian Privacy Act and APPs, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate, outdated, or incomplete information
  • Make a complaint if you believe we have breached your privacy
  • Opt out of direct marketing communications at any time

To exercise any of these rights, or to make an enquiry or complaint, please contact us using the details below. We will respond within 30 days.

If you are not satisfied with our response to your complaint, you may escalate it to the Office of the Australian Information Commissioner (OAIC):

Website:  www.oaic.gov.au

Phone:  1300 363 992

Post:  GPO Box 5218, Sydney NSW 2001

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact us:

The Change Leaders Attaché

Contact Email:  kelly-anne@thechangeleadersattache.com

Website:  https://thechangeleadersattache.com/

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the ‘Last updated’ date at the top of this policy and, where appropriate, notify you by email or via a notice on our website.

We encourage you to review this policy periodically to stay informed about how we protect your information.

This Privacy Policy was prepared in accordance with the Privacy Act 1988 (Cth), the Privacy and Other Legislation Amendment Act 2024 (Cth), and relevant international privacy frameworks.