AIPEIA CONSULTING
Artemis Evangelidis trading as Aipeia Consulting
Privacy Policy
How Aipeia Consulting collects, uses and protects your personal information
Effective / Last updated: 26 May 2026
1. Introduction
Aipeia Consulting respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how Artemis Evangelidi trading as Aipeia Consulting (ABN 72610242420) (Aipeia, we, us or our) collects, uses, discloses, stores and protects personal information when you visit www.aipeia.com (the Site), purchase products, book or participate in our services, programs, retreats or events, download our resources, or otherwise interact with us.
We handle personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Because we serve clients worldwide, this Policy also addresses our obligations to individuals in the European Economic Area (EEA) and United Kingdom under the General Data Protection Regulation (GDPR) and UK GDPR, and to California residents under the California Consumer Privacy Act (CCPA/CPRA). Where these laws apply to you, the relevant sections below set out additional rights.
By using the Site and our services you acknowledge this Privacy Policy. If you do not agree, please do not use the Site or provide us with your personal information.
2. Who is responsible for your information
Aipeia Consulting is the data controller responsible for the personal information described in this Policy. For privacy enquiries, requests or complaints, contact us using the details in clause 16.
3. The personal information we collect
Depending on how you interact with us, we may collect the following categories of personal information:
- Identity and contact details: name, email address, telephone number, postal or billing address, employer or organisation, role or job title.
- Transaction and order information: products, services, programs or retreats purchased, order history, amounts paid, and billing details. Card payments are processed by our payment providers; we do not store full payment card numbers.
- Booking and scheduling information: appointment times, session preferences and details you provide when booking via our scheduling tools.
- Coaching, program and retreat information: information you choose to share in coaching, advisory, training or retreat contexts, which may include goals, professional circumstances, dietary requirements and, where you volunteer it, health or wellbeing information. We treat health information as sensitive information and only collect it with your consent and where reasonably necessary.
- Diagnostic and assessment information: responses and results from tools such as the Leadership Archetype Diagnostic Tool, where you choose to use them.
- Communications and marketing data: your enquiries, correspondence, feedback, testimonials, survey and form responses, and your marketing preferences and consents.
- Technical and usage data: IP address, device and browser type, operating system, referring pages, pages visited, and interactions with the Site, collected through cookies and analytics (see clause 5).
You do not have to provide personal information to us, but if you do not we may be unable to provide the Site, products or services you request. Where lawful and practicable, you may deal with us anonymously or using a pseudonym for general enquiries.
4. How we collect personal information
We collect personal information:
- directly from you — when you contact us, make an enquiry, book a session, purchase a product or service, register for a program or retreat, complete a form, download a resource (such as our free workbook), subscribe to communications, or participate in our services;
- automatically — through cookies, analytics and server logs when you use the Site; and
- from third parties — such as our website, booking, payment, email and analytics service providers, referrals, publicly available sources and social media platforms where you interact with us.
5. Cookies and analytics
The Site is hosted on Squarespace and uses cookies and similar technologies to operate the Site, remember your preferences, maintain your shopping cart and session, and understand how the Site is used. We may use analytics tools to collect aggregated and individual usage information.
You can control or disable cookies through your browser settings, although some features of the Site may not function properly without them. Where required by law (for example, in the EEA and UK), we will seek your consent for non-essential cookies through a cookie banner or similar mechanism.
6. How and why we use your personal information
We use personal information to:
- provide, manage and deliver the Site, products, services, programs, retreats and events you request, and process your orders, bookings and payments;
- communicate with you, respond to enquiries, and provide customer and client support;
- personalise and improve our services, content and the Site, and conduct research and analysis;
- send you marketing communications, newsletters and information about our services where you have subscribed or where otherwise permitted by law (you can opt out at any time);
- administer our business, including accounting, record-keeping, security, and managing risk;
- comply with our legal, regulatory, tax and professional obligations, and to establish, exercise or defend legal claims; and
- with your consent, for any other purpose notified to you at the time of collection.
7. Legal bases for processing (EEA / UK)
If you are in the EEA or UK, we rely on the following legal bases under the GDPR / UK GDPR:
- Performance of a contract — to provide the products and services you request and manage our relationship with you;
- Legitimate interests — to operate, improve, secure and market our business, where not overridden by your rights;
- Consent — for certain marketing, non-essential cookies, and the collection of sensitive information (such as health information). You may withdraw consent at any time; and
- Legal obligation — to comply with applicable laws, including tax, accounting and regulatory requirements.
8. Marketing communications
Where you have subscribed or where otherwise permitted, we may send you marketing communications about our services, programs, retreats, events and resources. In accordance with the Australian Spam Act 2003 and equivalent laws, every marketing email includes an unsubscribe facility, and you can opt out at any time by using that facility or by contacting us. We will action opt-out requests promptly. Opting out of marketing does not affect service-related communications (such as booking confirmations and transactional messages).
9. Disclosure of personal information
We do not sell your personal information. We may disclose personal information to:
- Service providers and processors who help us operate our business, including our website host (Squarespace), scheduling and form tools (Microsoft Bookings and Microsoft Forms), payment processors, email and marketing platforms, video hosting providers, cloud storage and analytics providers, who are authorised to use it only to provide services to us;
- Professional advisers such as accountants, insurers and lawyers, where reasonably necessary;
- Authorities and third parties where required or authorised by law, to enforce our terms, or to protect the rights, safety or property of any person; and
- A successor entity in connection with a sale, restructure or transfer of our business, subject to appropriate confidentiality protections.
10. International data transfers
We are based in Australia, and our service providers may store or process personal information in Australia, the United States, the European Union and other countries. This means your personal information may be transferred to, and handled in, jurisdictions with different data protection laws to your own.
Where we transfer personal information out of the EEA or UK, we put in place an appropriate transfer mechanism such as the European Commission’s Standard Contractual Clauses (and the UK Addendum), or rely on another lawful basis. In accordance with Australian Privacy Principle 8, we take reasonable steps to ensure overseas recipients handle your information consistently with the APPs. You may contact us for more information about these safeguards.
11. Data security
We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure, including through our choice of reputable platforms, access controls and secure transmission where appropriate. However, no method of transmission or storage over the internet is completely secure, and we cannot guarantee absolute security. You are responsible for keeping any account credentials confidential.
12. Data retention
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including to provide our services, maintain business and financial records, and meet legal, tax, accounting and regulatory obligations (which may require retention for a number of years), and to establish, exercise or defend legal claims. When information is no longer required, we take reasonable steps to destroy or de-identify it.
13. Your privacy rights — Australia
Under the Australian Privacy Principles, you may request access to the personal information we hold about you and ask us to correct it if it is inaccurate, out of date, incomplete, irrelevant or misleading. We will respond within a reasonable period and may need to verify your identity. We will generally provide access except where an exception under the Privacy Act applies, and we will tell you if a fee applies for access.
14. Your privacy rights — EEA / UK (GDPR)
If you are in the EEA or UK, you have the following rights in relation to your personal information, subject to conditions and exemptions under the GDPR / UK GDPR:
- the right to access your personal information and obtain a copy;
- the right to rectification of inaccurate or incomplete information;
- the right to erasure (“right to be forgotten”) in certain circumstances;
- the right to restrict or object to processing, including direct marketing;
- the right to data portability;
- the right to withdraw consent at any time, without affecting prior lawful processing; and
- the right to lodge a complaint with your local supervisory authority (in the UK, the Information Commissioner’s Office).
To exercise these rights, contact us using the details in clause 16. We will respond within the timeframes required by law.
15. Your privacy rights — California (CCPA/CPRA)
If you are a California resident, you have the right to know what personal information we collect, use and disclose; to request access to and deletion of your personal information; to correct inaccurate personal information; and to be free from discrimination for exercising your rights. We do not sell or share your personal information for cross-context behavioural advertising in exchange for money, and we honour valid opt-out signals where applicable. You may exercise these rights, including through an authorised agent, by contacting us using the details in clause 16; we will verify your request before responding.
16. How to contact us and make a complaint
To make a privacy enquiry, exercise your rights, or make a complaint about how we have handled your personal information, contact us at:
Aipeia Consulting — Artemis Evangelidis trading as Aipeia Consulting
Email: aevangelidi@aipeia.com | Telephone: +61 483 892 155 | Melbourne, Victoria, Australia
We will acknowledge your complaint and aim to respond within a reasonable period (and within any period required by law). If you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au. Individuals in the EEA or UK may complain to their local data protection supervisory authority.
17. Notifiable data breaches
If a data breach occurs that is likely to result in serious harm to affected individuals, we will assess the breach and notify affected individuals and the relevant regulator (such as the OAIC, and supervisory authorities under the GDPR / UK GDPR) where required by law, and take steps to contain and remediate the breach.
18. Children’s privacy
Our Site and services are intended for adults and are not directed at children under 18 (or under 16 in the EEA/UK for the purposes of consent). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.
19. Third-party links
The Site may contain links to third-party websites, platforms and social media (including Facebook, LinkedIn and Instagram). We are not responsible for the privacy practices or content of those third parties, and we encourage you to review their privacy policies.
20. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology or the law. The current version is indicated by the “Last updated” date at the top. Material changes will be posted on the Site and, where appropriate, notified to you. Your continued use of the Site after changes are posted constitutes acceptance of the updated Policy.