1. INTRODUCTION

This Privacy Policy describes how hicoachkai LLC / EIN: 32-0803106 (we, our or us), a limited liability company organized under the laws of Wyoming, United States, collects, uses, and protects your personal information when you visit our website at hicoachkai.com or use our services.

Effective Date: July 08, 2025 Contact: Kai Tai Kevin Qiu

2. INFORMATION WE COLLECT

Personal Information You Provide

We may collect the following personal information when you voluntarily provide it:

Name, email address, phone number

Billing and shipping addresses

Payment information (processed securely through third-party processors)

Communication preferences and feedback

professional background and goals (for coaching services)

Any information you provide in forms, surveys, or communications

Information Automatically Collected

When you visit our website, we automatically collect:

IP address and general location information

Browser type, device information, and operating system

Pages visited, time spent, and navigation patterns

Referring website and search terms used

Cookies and similar tracking technologies

Third-Party Information

We may receive information about you from third-party sources such as:

Social media platforms (if you connect your accounts)

Payment processors and financial institutions

Marketing and analytics service providers

Public databases and directories

3. HOW WE USE YOUR INFORMATION

We use your personal information for the following business purposes:

Service Delivery

Providing coaching, consulting, or other professional services

Processing transactions and managing your account

Communicating with you about our services

Customizing your experience and content

Business Operations

Improving our website and services

Conducting analytics and research

Managing customer relationships

Preventing fraud and ensuring security

Marketing Communications

Sending newsletters and promotional materials (with your consent)

Providing information about new services or offerings

Conducting customer surveys and feedback collection

Legal Compliance

Complying with applicable laws and regulations

Responding to legal requests and law enforcement

Protecting our rights and interests

Enforcing our terms and conditions

4. LEGAL BASIS FOR PROCESSING

We process your personal information based on:

Consent: When you explicitly agree to specific processing activities

Contractual Necessity: To fulfill our obligations under service agreements

Legitimate Business Interests: For business operations, analytics, and improvements

Legal Compliance: To comply with applicable laws and regulations

5. INFORMATION SHARING AND DISCLOSURE

Service Providers

We may share your information with trusted third-party service providers who assist us with:

Payment processing (Stripe, PayPal, etc.)

Email marketing and communications

Website hosting and cloud storage

Analytics and performance monitoring

Customer support services

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to appropriate confidentiality agreements.

Legal Requirements

We may disclose your information when required by law or in good faith belief that such disclosure is necessary to:

Comply with legal processes or government requests

Protect and defend our rights and property

Investigate potential violations of our terms

Protect the safety of our users or the public

With Your Consent

We may share your information for other purposes with your explicit consent.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. INTERNATIONAL DATA TRANSFERS

Cross-Border Processing

As a U.S.-based business serving international clients, your personal information may be transferred to and processed in the United States and other countries where our service providers operate.

Safeguards for International Transfers

When transferring data internationally, we implement appropriate safeguards including:

Standard contractual clauses with service providers

Adequacy decisions where available

Your explicit consent for specific transfers

Technical and organizational security measures

7. STATE-SPECIFIC PRIVACY RIGHTS

California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights:

Right to Know: Request information about personal information we collect, use, and share

Right to Delete: Request deletion of your personal information

Right to Correct: Request correction of inaccurate personal information

Right to Opt-Out: Opt-out of the sale or sharing of personal information (we do not sell personal information)

Right to Limit Sensitive Personal Information: Limit the use of sensitive personal information

Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

Virginia Residents (VCDPA)

Virginia residents have similar rights to access, correct, delete, and obtain a copy of their personal information, as well as opt-out of certain processing activities.

Colorado Residents (CPA)

Colorado residents have rights to access, correct, delete, and port their personal information, as well as opt-out of certain processing.

Connecticut Residents (CTDPA)

Connecticut residents have rights similar to other state privacy laws regarding access, correction, deletion, and opt-out.

Other States

We monitor developments in state privacy laws and will update this policy as new regulations take effect.

8. INTELLECTUAL PROPERTY RIGHTS

Unless otherwise indicated, we own or license all rights, title and interest (including intellectual property rights) in our Site and all of the Content. You must not:

(a) copy or use, in whole or in part, any Content without permission;

(b) reproduce, retransmit, distribute, disseminate, sell, publish, broadcast or circulate any Content to any third party;

(c) reverse engineer, decompile, or disassemble any software or technology on our Site;

(d) remove or alter any copyright, trademark, or other proprietary notices; or

(e) breach any intellectual property rights connected with our Site or the Content.

8. EUROPEAN UNION RESIDENTS (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

Enhanced Rights

Right of Access: Obtain copies of your personal data

Right of Rectification: Correct inaccurate or incomplete data

Right of Erasure: Request deletion of your personal data

Right to Restrict Processing: Limit how we process your data

Right to Data Portability: Receive your data in a portable format

Right to Object: Object to processing based on legitimate interests

Rights Related to Automated Decision-Making: Protection against automated profiling

Legal Basis for EU Processing

We process EU residents' data based on:

Consent for marketing and non-essential services

Contractual necessity for service delivery

Legitimate interests for business operations

Legal compliance where required

Data Transfers from EU

We ensure adequate protection for EU data through:

Standard Contractual Clauses approved by the European Commission

Adequacy decisions where available

Your explicit consent for specific transfers

9. PAYMENT INFORMATION SECURITY

PCI DSS Compliance

We comply with the Payment Card Industry Data Security Standard (PCI DSS) when handling payment card information. We use certified payment processors and implement industry-standard security measures.

Secure Payment Processing

All payment transactions are encrypted using SSL/TLS technology

We use tokenization to avoid storing actual card numbers

Payment data is processed by PCI-compliant third-party providers

We maintain minimal payment information necessary for business purposes

10. DATA RETENTION

We retain your personal information for the following periods:

Customer Data

Active customers: For the duration of the business relationship plus 3 years

Former customers: 7 years for tax and business record purposes

Marketing contacts: Until you unsubscribe or request deletion

Website Data

Analytics data: 26 months (Google Analytics default)

Server logs: 12 months

Cookie data: As specified in our cookie settings

Legal Requirements

Tax records: 7 years as required by IRS regulations

Employment records: As required by federal and state laws

Dispute-related records: Until resolution plus applicable statute of limitations

11. DATA SECURITY

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

Encryption of data in transit and at rest

Secure hosting with reputable cloud providers

Regular security updates and patches

Multi-factor authentication for administrative access

Firewall and intrusion detection systems

Organizational Safeguards

Employee training on data protection

Access controls and need-to-know principles

Regular security audits and assessments

Incident response procedures

Confidentiality agreements with employees and contractors

Data Breach Response

In the event of a data breach, we will:

Contain and assess the breach within 24 hours

Notify affected individuals without unreasonable delay

Report to relevant authorities as required by law

Take remedial actions to prevent future incidents

12. YOUR PRIVACY CHOICES

Email Communications

Unsubscribe from marketing emails using the link in each email

Contact us directly to opt-out of all communications

Update your communication preferences in your account settings

Cookies and Tracking

Adjust cookie settings through your browser preferences

Opt-out of Google Analytics tracking

Use browser "Do Not Track" settings (where supported)

Account Information

Update your account information through our website

Request deletion of your account and associated data

Download your personal information in a portable format

13. CHILDREN'S PRIVACY

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

For children between 13 and 18, we require parental consent before collecting personal information for marketing purposes.

14. COOKIES AND TRACKING TECHNOLOGIES

Types of Cookies We Use

Essential Cookies: Necessary for website functionality and security

Performance Cookies: Help us analyze website usage and performance

Functionality Cookies: Remember your preferences and settings

Advertising Cookies: Used for targeted advertising (with your consent)

Third-Party Tracking

We may use third-party services such as:

Google Analytics for website analytics

Facebook Pixel for advertising optimization

Payment processor tracking for fraud prevention

Customer service tools for support functionality

Managing Cookies

You can control cookies through:

Browser settings and preferences

Our cookie consent banner

Third-party opt-out tools

Industry opt-out pages

15. UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically to reflect:

Changes in our business practices

Updates to applicable privacy laws

New features or services we offer

Feedback from users and regulators

We will notify you of material changes by:

Posting the updated policy on our website

Sending email notifications to registered users

Updating the "Last Updated" date at the top of this policy

16. CONTACT INFORMATION

For privacy-related questions, concerns, or to exercise your rights, please contact us:

hicoachkai LLC – EIN: 32-0803106 Privacy Contact: Kai Tai Kevin Qiu

Email: [email protected]

Response Time: We will respond to privacy requests within 45 days (or as required by applicable law).

Last updated: July 08, 2025