Privacy Policy
Last Updated: 7 May 2026.
The Well-Nest Collective Co
ABN: 58 828 356 586
Aimee Presnall, Sole Trader
1/299 Elizabeth Street, Sydney NSW 2000, Australia
1. Introduction
This Privacy Policy outlines how The Well-Nest Collective Co (“we”, “our”, or “us”) collects, uses, stores, and protects your personal information. Aimee Presnall, trading as The Well-Nest Collective Co, is the data controller for the personal information described in this Policy. By accessing or using our services, including coaching, retreats, workshops, and keynote speaking engagements, you consent to the practices described in this Policy.
This Policy is designed to comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), the EU General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), and US state consumer privacy laws (including but not limited to the California Consumer Privacy Act).
This Policy works in conjunction with our Terms of Service.
2. What Data We Collect
We may collect and process the following types of personal information:
- Name, email address, phone number
- Role, school or organisation, location
- Notes from coaching sessions
- Session recordings (where you have consented), processed by Zoom, Fathom, or similar tools. Fathom uses automated AI summarisation on the recording to produce structured notes; the recording and notes are stored only in our private workspace
- Feedback, testimonials, and reflection responses
- Payment and billing information (via Stripe)
- Communication preferences and engagement history
We do not engage in automated decision-making or profiling.
2A. Working with Schools and Information About Children
We work with school leaders in K-12 settings. Our services are not directed to individuals under 18, and we do not knowingly collect personal information directly from minors.
In the course of coaching, school leaders may discuss situations involving specific students, staff, or parents. We treat all such information as confidential, do not retain identifying detail beyond what is required for the engagement, and limit any secondary use to anonymised reflection only.
Aimee Presnall holds a current NSW Working with Children Check (number WWC0022153E). Confidentiality is subject to the mandatory reporter and reportable conduct obligations of the relevant Australian state or territory. If, during a session, we become aware of a current or imminent risk of significant harm to a child or young person, we may be required by law to report that to the relevant authority (for example, under the NSW Children and Young Persons (Care and Protection) Act 1998 or its equivalent in the client's jurisdiction). We will follow that obligation in preference to our duty of confidentiality where there is a conflict.
3. How We Use Your Data
Your personal data is used to:
- Provide and personalise coaching and facilitation services
- Maintain communication, scheduling, and session reminders
- Where you have consented, record coaching sessions for continuity, accountability, and progress tracking
- Issue invoices and manage billing
- Improve our services through internal review and anonymised analysis
- Create public-facing insights (for example, social media posts, blog content) using anonymised, non-identifiable themes only
- Send newsletters and updates, which you may opt out of at any time. All commercial electronic messages comply with the Spam Act 2003 (Cth)
We do not sell or share your personal data for advertising or profiling purposes.
4. Sensitive Information
Coaching discussions may include sensitive topics such as stress, burnout, mental wellbeing, and personal challenges. While we treat all data with care and confidentiality, this information is not collected for medical or diagnostic use. We do not ask for nor store information on race, religion, sexual orientation, or political opinion unless explicitly shared by you in a coaching context.
We are not registered with the Australian Health Practitioner Regulation Agency (AHPRA), are not a registered health service, and our records are not health records under the My Health Records Act 2012 (Cth). Our services are not a substitute for psychological or medical care.
5. Legal Basis for Processing (GDPR and UK GDPR)
Where applicable, we rely on the following legal bases to process your personal data:
- Performance of a contract with you (Article 6(1)(b))
- Your consent (Article 6(1)(a))
- Our legitimate interests (Article 6(1)(f)), including improving services, secure communication, and maintaining the safety of the engagement
- Compliance with legal obligations (Article 6(1)(c))
For special-category data (including data concerning health or mental wellbeing within the meaning of Article 9 GDPR), we rely on your explicit consent under Article 9(2)(a), which is captured in your engagement letter.
6. Consent and Data Subject Rights
You have the right to:
- Request access to the personal information we hold about you
- Request correction or deletion of your data
- Withdraw consent at any time (subject to any contractual obligations)
- Request copies of session recordings (where applicable)
- Object to or restrict certain processing
- Where your data has been provided in machine-readable form, request data portability
- Opt out of any email or marketing communications
To exercise these rights, email aimee@well-nest.com.au. We will respond within 30 days.
7. Data Storage and Security
We store your data securely using trusted third-party tools, including:
- Google Workspace (email, documents, drive)
- Zoom and Fathom (session delivery and AI-generated notes)
- Stripe (payments)
- Calendly (scheduling)
- Beehiiv (newsletter)
- Vercel (website hosting)
- Buzzsprout (podcast hosting)
- HubSpot (customer relationship management)
- Canva (design tooling)
We take reasonable steps to prevent loss, misuse, or unauthorised access to your data. While we use secure platforms, we are not responsible for any breach or outage caused by third-party providers.
8. Data Retention
We retain personal data only as long as necessary to fulfil the purposes of our services. Session recordings and notes may be retained for up to 24 months for continuity and professional tracking, unless you request deletion earlier. Billing records will be kept as required by Australian taxation law (currently 5 years).
9. International Clients and Cross-Border Data Transfers
We are based in Australia and process personal data in Australia. If you are located outside Australia, your data will be transferred to and processed in Australia.
For clients in the European Economic Area:the European Commission has not issued an adequacy decision for Australia. We rely on the European Commission's Standard Contractual Clauses (SCCs) as the lawful transfer mechanism, incorporated into your engagement letter.
For clients in the United Kingdom: we rely on the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs as the lawful transfer mechanism, incorporated into your engagement letter.
Our processing of EU and UK resident data is occasional, small in scale, and limited to delivering coaching, retreat, workshop, or keynote services on request. On that basis, we have not appointed a representative under Article 27 of the GDPR or UK GDPR. We have not appointed a Data Protection Officer. If your engagement requires either, please tell us before signing.
We do not export, license, or transmit personal data to countries under international sanctions.
10. EU and UK Residents, Your Rights
If you are a resident of the EU or UK, you have the rights set out in clause 6 above and the additional right to lodge a complaint with your local data protection authority. In Australia, you may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
11. US Residents, Your Rights
If you are a resident of a US state with a comprehensive consumer privacy law (including but not limited to California, Virginia, Colorado, Connecticut, Texas, Utah, Oregon, and other states with similar legislation), you may have additional rights including access, deletion, correction, portability, and the right to opt out of sale or targeted advertising. We do not sell or share personal data for advertising or targeted advertising. To exercise these rights, contact us at aimee@well-nest.com.au.
12. Children's Data
See clause 2A above for the full position on children's data in the context of school engagements. Our services are not directed to individuals under 18. If you are a parent or guardian and believe we hold information about a child outside the scope described in clause 2A, please contact us and we will take steps to delete it.
13. Breach Notification
If we become aware of a breach involving your personal data, we will notify you and the relevant regulator (where required) as soon as reasonably possible, in accordance with the Notifiable Data Breaches scheme under the Australian Privacy Act 1988 (Cth) and any other applicable regulations.
14. Cookies and Analytics
Our website may use cookies and basic analytics tools to understand usage trends. You can disable cookies through your browser settings. Where required, we will obtain your consent before deploying non-essential cookies.
15. Updates to this Policy
We may update this Privacy Policy from time to time. Any updates will be posted on our website, and continued use of our services indicates your acceptance of the revised terms.
16. Complaints and Contact
For any privacy-related inquiries, data access requests, or complaints, contact:
Aimee Presnall
aimee@well-nest.com.au
The Well-Nest Collective Co
ABN: 58 828 356 586
1/299 Elizabeth Street, Sydney NSW 2000, Australia
If you believe we have not handled your personal information in accordance with the Privacy Act 1988 (Cth) or Australian Privacy Principles, you may contact us first using the details above. If unresolved, you have the right to complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.