Privacy Policy

Last Updated: 11 September 2025

At Generative Leadership (GL), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you engage with our website and services. By accessing www.generativeleadership.co, you consent to the practices outlined in this policy.

1. What Information We Collect
   We may collect personal and behavioral data, including:
   
   • Name, job title, and company affiliation
   • Contact details, including email, phone, and mailing address
   • Demographic information (e.g., location, preferences, professional interests)
   • Behavioral and interaction data (e.g., page views, downloads, clicks)
   • Information related to customer surveys, offers, or learning platform usage
   • IP address and device/browser information
   • Payment information (processed securely through third-party providers)

   
   

2. Why We Collect Your Data
   We collect and use your data to:
   
   • Deliver personalized leadership development and training experiences
   • Provide access to our content, programs, and coaching services
   • Process transactions and manage your account
   • Improve our services, curriculum, and website functionality
   • Communicate program updates, offers, and thought leadership content
   • Conduct research and surveys to inform generative leadership development
   • Ensure compliance with applicable laws and policies
   • Provide customer support and respond to inquiries

3. Legal Basis for Processing
   We process personal data based on:
   
   • Consent: When you sign up, opt in, or provide explicit consent
   • Contract: To provide services you have requested or purchased
   • Legitimate Interest: For operational improvements, security, and direct communication
   • Legal Obligation: Where required by law or regulation

   
   

4. How We Store and Secure Your Information
   We use a combination of secure cloud platforms, encrypted databases, and access controls to store and protect your data. Our security measures include:
• Industry-standard encryption for data in transit and at rest
• Regular security audits and vulnerability assessments
• Access controls limiting data access to authorized personnel only
• Staff training on data protection and privacy principles

All vendors and systems used (e.g., CRM, learning platforms, payment processors) are required to comply with industry-standard data security protocols (ISO 27001, SOC 2, etc.).


5. Cookies & Tracking Technologies
   We use cookies and similar technologies to enhance your experience. For detailed information about our cookie usage, please see our separate [Cookie Policy].
   
   
6. Data Sharing
   We do not sell or lease your personal information. We may share data with:
   
   • Trusted partners and service providers under contract (e.g., LMS, CRM providers, payment processors)
   • Legal authorities, if required by law or to protect our rights
   • Coaches and faculty strictly for program delivery and support
   • Third-party analytics providers (in aggregated, non-identifiable form)

   
   All partners are contractually bound to safeguard your data and use it only for specified purposes.
   
   

7. Data Retention
   We retain your information only as long as necessary for the purposes described or to meet legal and contractual obligations. Specific retention periods include:
   
   • Account information: While your account is active, plus 5 years after closure
   • Marketing communications: Until you unsubscribe or opt out
   • Transaction records: 7 years as required by law 
   • Website analytics: 26 months in identifiable form
   • Email communications: 3 years for business records


You may request deletion at any time, subject to legal retention requirements.


8. Your Privacy Rights
   Depending on your state of residence, you may have the following rights:
   
   • Access, correct, or delete your personal information
   • Object to or restrict processing
   • Data portability (receive your data in a structured format)
   • Withdraw consent at any time
   • Opt-out of sale of personal information (where applicable)
   • File a complaint with a data protection authority
     
     

   To exercise these rights, contact us at: contact@generativeleadership.co

   We will respond within the timeframes required by applicable law (typically 30-45 days) and may need to verify your identity before processing your request.
   
   

9. Email Marketing and Communications
   We comply with the CAN-SPAM Act and other applicable laws regarding electronic communications:
   
   • Clear Identification: We clearly identify ourselves as the sender
   • Truthful Subject Lines: Our email subject lines accurately reflect the content
   • Physical Address: Our emails include our physical business address
   • Easy Unsubscribe: Every marketing email includes an easy way to unsubscribe
   • Prompt Processing: We process unsubscribe requests within 10 business days
   • No Deceptive Practices: We do not use misleading or deceptive practices

   You can unsubscribe from marketing emails at any time by clicking the unsubscribe link or contacting us directly.
   
   

10. International Data Transfers
    If you are outside the United States, please note that your data may be processed in the U.S. and other countries. We ensure appropriate safeguards are in place, including:
    
    • Standard Contractual Clauses for EU data transfers
    • Adequacy decisions where available
    • Other legally recognized transfer mechanisms
      
      
11. Children’s Privacy
    GL does not knowingly collect data from individuals under 18. If we learn we have received such data, we will delete it promptly. Parents or guardians may contact us for deletion requests.
    
    
12. Third-Party Links
    Our website may contain links to third-party websites, services, or applications. We are not responsible for their privacy practices. Please review their privacy policies separately before providing any personal information.
    
    
13. Colorado Privacy Act Compliance
    As a Colorado-based business, we comply with the Colorado Privacy Act (CPA). Colorado residents have additional rights, including:
    
    • Right to Correct: Request correction of inaccurate personal data
    • Opt-out of Profiling: Opt out of profiling that produces legal or significant effects
    • Universal Opt-out Signals: We recognize browser-based universal opt-out signals
    • Appeal Rights: Appeal our decisions regarding your privacy requests

    
    

14. Updates to This Policy
    We may update this policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Updates will be posted on this page with the new effective date. We recommend reviewing this policy regularly.
    
    For material changes, we will provide additional notice as appropriate, including email notification to registered users.

Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: contact@generativeleadership.co
Mail: Generative Leadership
12500 West 58th Avenue, Suite 229, Arvada, CO 80002

This Privacy Policy is effective as of September 11th, 2025, and governs the collection and use of information by Generative Leadership.