Privacy Policy Intimacy Coach Annika

Last updated: April 24, 2026

Summary

At Intimacy Coach Annika, we take your privacy seriously. In this privacy policy, we explain what personal data we collect, why we do it, how we protect it, and what your rights are. We process special categories of personal data (about intimacy and relationships) and do so only with your explicit consent and with the utmost care.

Table of Contents

1. Who are we?

Intimacy Coach Annika is the trade name of the coaching practice of Annika de Groot, located in the Netherlands.

  • Controller: Annika de Groot
  • Websites: verlangenterug.nl, intimiteitscoachannika.nl
  • Web application: proefweek.ontvlammen.nl and ontvlammen.nl
  • Emails: info@verlangenterug.nl, annika@verlangenterug.nl, info@intimiteitscoachannika.nl
  • Chamber of Commerce number: 86549596

Annika de Groot is the data controller within the meaning of the General Data Protection Regulation (GDPR). This means she decides which personal data is collected, for what purpose, and in what way.

Given the scope of the processing, appointing a Data Protection Officer (DPO) is currently not legally required. If this changes, the privacy policy will be updated.

2. What personal data do we collect?

We collect the following categories of personal data:

2.1 Ordinary personal data

(See the full terms and conditions for specific data)

2.2 Special categories of personal data

(See the full terms and conditions for specific data)

Note: We collect this sensitive data solely with your explicit consent and use it only to help you better. See section 5 for more information.

3. What do we use your data for?

We use your personal data for the following purposes:

(See the full terms and conditions for specific purposes)

The GDPR requires us to have a legal basis for every processing. Below is the applicable basis per processing:

4.1 Performance of a contract (Art. 6(1)(b) GDPR)

  • Executing the coaching program
  • Providing access to the web application and online programs
  • Processing payments
  • Scheduling appointments
  • Communication about your coaching program

4.2 Consent (Art. 6(1)(a) GDPR)

  • Sending email newsletters and marketing messages
  • Placing non-essential cookies (analytical, marketing)
  • Sending WhatsApp follow-up messages
  • Processing special categories of personal data (see also Art. 9(2)(a) GDPR)

4.3 Legitimate interest (Art. 6(1)(f) GDPR)

  • Website security and fraud prevention
  • Improving our services and website
  • Keeping basic statistics on website usage

4.4 Legal obligation (Art. 6(1)(c) GDPR)

  • Tax administration and accounting (retention period 7 years)

5. Special categories of personal data

Why do we process special categories of personal data?

Our coaching services focus on intimacy, relationships, and sexuality. As a result, we process data that is classified as special categories of personal data under the GDPR (Art. 9 GDPR). This specifically concerns:

  • Data concerning sexual behavior and sexual orientation: Answers to the Desired Man Score scan, Magnetic Woman scan, intake interviews in the platform, coaching session notes regarding intimacy and sexuality
  • Health data: Information about emotional well-being that you share during sessions

How do we handle this?

  1. Explicit consent: We process this data exclusively based on your explicit, prior consent (Art. 9(2)(a) GDPR). Before you fill out the scan or after you have filled out the scan or start a coaching program, we explicitly ask for your consent for the processing of this sensitive data.
  2. Minimal processing: We only collect the special data that is strictly necessary for the coaching program.
  3. Limited access: Only Annika de Groot has access to coaching notes and scan results. These are not shared with third parties, unless separate consent has been given for this.
  4. Encrypted storage: Special categories of personal data are stored encrypted and separated from ordinary personal data where possible.
  5. Withdrawal of consent: You can withdraw your consent at any time. This does not have retroactive effect, but we will delete the data after withdrawal, unless a legal retention period applies.

Data Protection Impact Assessment (DPIA)

Due to the processing of special categories of personal data, we have conducted a Data Protection Impact Assessment (DPIA) in accordance with Art. 35 GDPR. This maps out the risks of the processing and the measures taken to mitigate these risks. The DPIA is reviewed periodically.

6. Who do we share your data with?

We share your personal data with the following parties (processors and recipients):

(See the full terms and conditions for specific processors)

Data Processing Agreements have been concluded with all processors in accordance with Art. 28 GDPR, in which agreements have been made about the security, confidentiality, and use of your data.

We never sell your personal data to third parties.

7. Transfer outside the EU/EEA

A number of our processors are located in the United States. This means that your personal data may be processed outside the European Economic Area (EEA). We implement the following safeguards for this:

7.1 EU-US Data Privacy Framework

GoHighLevel and Stripe are certified under the EU-US Data Privacy Framework (adequacy decision of the European Commission, July 2023). This means that the European Commission has determined that these parties offer an adequate level of protection.

7.2 Standard Contractual Clauses (SCCs)

In addition, Standard Contractual Clauses (SCCs) have been agreed with processors in the US, the model contract clauses approved by the European Commission that offer additional protection for the transfer of personal data.

7.3 Additional measures

Where necessary, we take additional technical and organizational measures, such as encryption of data during transport and storage, to ensure an adequate level of protection.

7.4 Transfer Impact Assessment

We have conducted a Transfer Impact Assessment (TIA) to assess whether the law and practice in the US undermine the effectiveness of the protection measures. Based on this assessment and the applicable adequacy decisions and SCCs, we consider the transfer permissible.

Note: The adequacy decision for the US is periodically reviewed by the European Commission. Should changes occur, we will adjust our safeguards accordingly.

8. How long do we keep your data?

We do not keep your personal data longer than necessary for the purpose for which they were collected, unless a longer retention period is legally required.

(See the full terms and conditions for specific retention periods)

9. Cookies and tracking

9.1 What are cookies?

Cookies are small text files that are placed on your device when you visit our website. They help the website to function properly and provide us with information about how the website is used.

9.2 Which cookies do we use?

(See the full terms and conditions for specific cookies)

9.3 Consent

Pursuant to Article 11.7a of the Telecommunications Act, we ask for your consent before we place analytical and marketing cookies. Necessary cookies are placed without consent, as these are essential for the functioning of the website.

You can change your cookie preferences at any time via the cookie settings on our website or by adjusting your browser settings.

9.4 localStorage

Our web application stores certain data in the localStorage of your browser (such as progress of exercises). This data remains locally on your device and is not sent to our servers. You can delete this data via your browser settings.

9.5 Meta Pixel

We use the Meta Pixel to measure the effectiveness of our advertisements on Facebook and Instagram. The Meta Pixel collects data about your website visit and shares it with Meta. Meta can use this data for its own purposes in accordance with Meta's privacy policy. We only place the Meta Pixel after your consent.

10. Your rights

Under the GDPR, you have the following rights regarding your personal data:

10.1 Right of access (Art. 15 GDPR)

You have the right to know what personal data we process about you and to request a copy of it.

10.2 Right to rectification (Art. 16 GDPR)

Is your data incorrect or incomplete? You have the right to ask for correction or addition.

10.3 Right to erasure (Art. 17 GDPR)

You have the right to request the erasure of your personal data. We will comply with this, unless we have a legal obligation to keep the data.

10.4 Right to restriction of processing (Art. 18 GDPR)

You can ask to temporarily restrict the processing of your data, for example if you dispute the accuracy of the data.

10.5 Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer it to another service provider.

10.6 Right to object (Art. 21 GDPR)

You can object to the processing of your data based on legitimate interest. You can also object at any time to the use of your data for direct marketing.

10.7 Right to withdraw consent

Where the processing is based on your consent, you can withdraw it at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.

10.8 Right regarding automated decision-making (Art. 22 GDPR)

We do not make decisions about you based solely on automated processing (including profiling) that have legal effects on you or similarly significantly affect you. The quiz results are solely used as a starting point for conversation and not for automated decision-making.

How do you exercise your rights?

Send an email to info@intimiteitscoachannika.nl with a clear description of your request. We will respond to your request within 1 month. In exceptional cases, this period may be extended by 2 months, of which we will inform you in a timely manner.

We may ask you to identify yourself before we process your request, to prevent data from being provided to the wrong person.

11. Security

We take the protection of your data seriously and take appropriate technical and organizational measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized modification. Our measures include:

  • Encryption: All data transfer takes place via secure connections (SSL/TLS). Special categories of personal data are stored encrypted.
  • Access management: Only Annika de Groot has access to coaching notes and sensitive client data. Access to systems is secured with strong passwords and where possible two-factor authentication (2FA).
  • Processor security: All processors (GoHighLevel, Stripe, etc.) comply with appropriate security standards and are contractually obliged to adequate security.
  • Awareness measures: We keep our knowledge of privacy legislation and security risks up to date.
  • Incident management: In the event of a data breach, we follow the reporting obligation of the GDPR. Data breaches are reported to the Dutch Data Protection Authority within 72 hours and, if necessary, to the data subjects.

12. Changes to this privacy policy

We may amend this privacy policy from time to time, for example in response to new legislation, changed services, or new insights. The most current version is always available on our website.

In the event of substantial changes, we will inform you about this via email or via a notification on the website. We recommend that you consult this privacy policy regularly.

The date of the last change is at the top of this document.

Future legislation

We follow the developments surrounding the following legislation and adjust our privacy policy and processing as soon as they come into effect:

  • ePrivacy Regulation: The proposal was withdrawn in February 2025. The European Commission is working on a revision of the cookie policy, possibly via integration into the GDPR. We follow these developments.
  • AI Act (EU AI Regulation): Should Intimacy Coach Annika use AI systems for the processing of personal data in the future, we will comply with the requirements of the AI Act.
  • Data Act: The European Data Act may have consequences for data sharing. We monitor the impact of this on our services.

13. Complaints and supervisory authority

Do you have a complaint about how we handle your personal data? Please contact us first via info@intimiteitscoachannika.nl. We are happy to look for a solution together with you.

Can't we figure it out together? Then you have the right to file a complaint with the supervisory authority:

Dutch Data Protection Authority (Autoriteit Persoonsgegevens)
Postbus 93374, 2509 AJ Den Haag
Telephone: +31 (0)88 - 1805 250
Website: www.autoriteitpersoonsgegevens.nl

For data subjects outside the Netherlands: you can also file a complaint with the supervisory authority in your own EU member state.

Contact Details

For questions about this privacy policy or about the processing of your personal data, you can contact:

Intimacy Coach Annika
Annika de Groot
Email: info@intimiteitscoachannika.nl
Website: intimiteitscoachannika.nl

This privacy policy has been drawn up in accordance with the General Data Protection Regulation (GDPR), the Dutch GDPR Implementation Act (UAVG), the Dutch Telecommunications Act (Art. 11.7a), and the guidelines of the Dutch Data Protection Authority and the European Data Protection Board (EDPB).

We use cookies to give you the best experience on our website. Functional cookies are necessary for the site to work properly. Analytical and marketing cookies are only placed with your consent.

Set preferences