ASCENDIC is committed to protecting your privacy and handling your personal data with transparency and care. We comply with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.
ASCENDIC ("we", "us") is the data controller for personal data processed through the ASCENDIC platform at ascendic.ai and in the ASCENDIC mobile application. This Privacy Policy applies to all users — clients, coaches, and visitors — in the European Union and European Economic Area, as well as users in other jurisdictions where GDPR-equivalent standards apply.
Coaching can involve sensitive personal topics (health, mental wellbeing, relationships). We treat all coaching-related personal data with heightened care. We process such data only on the basis of your explicit consent. You control what you share with coaches through the Platform.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Create and manage your account | Account data | Contract performance |
| AI coach matching | Intake / matching data | Contract performance + Consent |
| Process payments | Payment data via Stripe | Contract performance |
| Deliver sessions and track progress | Session data, notes | Contract performance |
| AI Advisor functionality | Session history, goals, preferences | Consent |
| Online course delivery | Enrolment, progress data | Contract performance |
| Platform analytics and improvement | Usage data, aggregated | Legitimate interest |
| Legal compliance and accounting | Transaction records, identity | Legal obligation |
| Marketing communications | Email, preferences | Consent (opt-in only) |
| Fraud prevention and security | Account, IP, device data | Legitimate interest |
We rely on the following legal bases under GDPR Article 6:
We do not sell your personal data. We share data only with:
What you discuss in coaching sessions is confidential. Coaches on the ASCENDIC platform are bound by professional confidentiality obligations and ASCENDIC's Coach Terms. ASCENDIC does not access the content of coaching conversations. Session notes created by coaches are accessible only to the coach and, where shared, to the client. ASCENDIC staff do not have access to session content.
If you use the AI Advisor feature, anonymised and aggregated insights from your coaching goals and progress may be used to improve the AI system. This processing is subject to your explicit consent, which you can withdraw at any time in your account settings. Raw session notes are never used to train AI models without separate explicit consent.
The AI Advisor processes your coaching goals, session summaries (where shared by you or your coach), and in-app interactions to provide personalised guidance. This processing requires your explicit consent. The AI system is not used for automated decision-making that produces legal or significant effects — all matching and recommendations are suggestions that require human action.
We use the following types of cookies:
You can manage cookie preferences at any time via the cookie settings in your browser or the Platform settings menu.
Your data is primarily stored within the European Economic Area. Where data is transferred outside the EEA (e.g. certain cloud services), we ensure appropriate safeguards are in place — including EU Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account data (active) | Duration of account + 30 days | Service delivery |
| Account data (deleted) | 30 days after deletion request | Fraud prevention |
| Transaction records | 7 years | Legal / tax obligation (EU) |
| Session notes | Duration of coaching relationship + 2 years | Coach professional obligation |
| Analytics data | 24 months (aggregated) | Platform improvement |
| Marketing consent records | Until consent withdrawn + 3 years | Compliance documentation |
As a data subject in the EU/EEA, you have the following rights. To exercise any right, email petra.mesarichorvat@ascendic.ai — we will respond within 30 days.
Request a copy of all personal data we hold about you.
Correct inaccurate or incomplete personal data.
"Right to be forgotten" — request deletion of your data, subject to legal retention obligations.
Request that we limit processing of your data in certain circumstances.
Receive your data in a structured, machine-readable format to transfer to another service.
Object to processing based on legitimate interests or for direct marketing purposes.
Withdraw consent for any consent-based processing at any time, with effect going forward.
Lodge a complaint with your national data protection authority (e.g. AZOP in Croatia).
The ASCENDIC Platform is not directed at children under 18. We do not knowingly collect data from minors. If you believe we have collected data about a minor, please contact us immediately and we will delete it.
We implement appropriate technical and organisational measures to protect your data, including: TLS encryption for all data in transit; encryption at rest for sensitive data; access controls and authentication; regular security reviews; payment card data processed exclusively by Stripe (PCI-DSS compliant). In the event of a data breach that poses a high risk to your rights, we will notify you within 72 hours in accordance with GDPR Article 33.
Data protection enquiries: petra.mesarichorvat@ascendic.ai
Croatian supervisory authority: Agencija za zaštitu osobnih podataka (AZOP) — azop.hr
EU Online Dispute Resolution: ec.europa.eu/consumers/odr