Last updated: 1 May 2026 · Effective Date: 1 May 2026
This Privacy Policy applies to all websites, applications, mobile apps, subdomains, memberships, services, and products operated by Elative Solutions OÜ, including but not limited to the following brands and domains:
All of the above are collectively referred to as the "Sites" and "Apps" throughout this document.
Elative Solutions OÜ is committed to protecting your privacy and ensuring the security of your personal information. By using the Sites or Apps, you acknowledge that you have read and accepted this Privacy Policy. If you do not agree, please discontinue use immediately.
Elative Solutions OÜ, a company registered in Estonia, acts as the Data Controller for personal data collected through our Sites and Apps. We are committed to compliance with GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), CPRA (California Privacy Rights Act), and PIPEDA (Personal Information Protection and Electronic Documents Act, Canada).
If you have any questions regarding your privacy, you may contact us at:
This section describes data handling specific to the Altitude Pulse mobile app (iOS and Android) and the Altitude Club mobile experience.
Mobile app data is processed by Supabase (database and authentication), OneSignal (push notifications), Microsoft Clarity (anonymised session analytics), and GoHighLevel (CRM enrichment). The full subprocessor list is in section 12.
We collect personal data including but not limited to contact information, customer transaction details, user data, technical data, and marketing preferences. We gather this data through direct interactions (such as when you sign up, purchase, or contact support), automated tracking (cookies and analytics), third-party service integrations, and publicly available sources.
Under GDPR, we process data based on contractual necessity, legitimate interest, consent, and legal obligations. Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process the following categories of personal data:
Any communication you send to us through contact forms, email, text, social media messaging, or any other channel. We process this data to respond to enquiries, maintain records, and comply with legal obligations.
Reflections, journal notes, CoPilot prompt responses, and other freeform content you write inside Altitude Pulse, Altitude Club, or CoPilot. Stored on your account and accessible only to you. Not used for model training, not shared, and not analysed by humans except where you explicitly request support involving that content.
Details related to purchases including your name, billing address, delivery address, email address, phone number, and payment details. We process this to supply the goods and services you have purchased and to maintain transaction records.
Data about how you use our Sites and Apps including interactions with content, session history, and engagement levels. We process this to improve user experience and platform functionality.
Where members use our platforms to manage their own coaching or consulting business, we may process data relating to their client contact records, funnel configurations, CRM settings, and automation sequences stored within the platform. This data is processed solely to provide the contracted service. Members retain full ownership of their own client data at all times.
IP addresses, login data, browser details, session lengths, device information, and analytics tracking. This helps us optimise our Sites and Apps and detect security threats.
Preferences regarding marketing communications, promotions, and advertising.
If you provide your phone number, we may use it to send SMS messages, WhatsApp messages, or AI-generated outbound communications based on your stated preferences.
We do not collect sensitive personal data including race, ethnicity, religious beliefs, biometric data, or criminal records.
We collect data in the following ways:
Our Sites use cookies and other tracking technologies to enhance functionality, improve user experience, and support marketing and analytics. When you first visit, a cookie consent banner allows you to accept or reject non-essential cookies. You can also manage cookie preferences through your browser settings.
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, enhance your browsing experience, and improve functionality. Cookies may be first-party (set by our Sites) or third-party (set by advertising or analytics providers).
Some cookies on our Sites are placed by third-party service providers including Google Analytics, Facebook Pixel, and payment providers. These third parties may use cookies in accordance with their own privacy policies, which we recommend reviewing.
You may adjust your browser settings to block or delete cookies, opt out of third-party tracking through https://optout.aboutads.info, or use our cookie consent banner to manage non-essential cookie preferences. If you disable certain cookies, some parts of our Sites may not function correctly.
We use Microsoft Clarity to record anonymised session interactions across our websites and mobile apps. Clarity captures taps, scrolls, screen views, page paths, and similar interaction signals, and produces session replays and heatmaps that help us identify confusing flows and broken interface elements.
Clarity does not capture the content of sensitive form fields such as passwords or payment information. We do not use Clarity to identify individual users by name, email, or other direct identifier.
For more information, see the Microsoft Privacy Statement.
We use OneSignal to deliver push notifications to the Altitude Pulse and Altitude Club mobile apps. When you allow notifications, OneSignal stores a device-level push token issued by Apple Push Notification service or Firebase Cloud Messaging. That token is linked to your account so we can deliver the right notification to the right device, and is removed when you uninstall the app or revoke notification permission in your device settings.
Push tokens are treated as personal identifiers under GDPR and Apple App Privacy guidance. For more information, see the OneSignal Privacy Policy.
Anonymous crash logs and app performance metrics are collected by iOS and Android system services to help us diagnose stability issues and prioritise performance work. This data includes information such as the type of device, operating system version, app version, and the technical context of a crash.
This crash and performance data is not linked to your identity and is treated as Diagnostic Data under Apple App Privacy disclosures.
We only send marketing communications with your explicit consent. We use double opt-in for email subscriptions. You may opt out at any time by clicking the unsubscribe link in any email or contacting us at [email protected].
SMS Opt-In: by opting in, you agree to receive text messages from us. You may unsubscribe at any time by replying STOP. Opting out of marketing communications will not affect essential service-related communications.
We use third-party advertising services including Meta (Facebook and Instagram Ads) and Google Ads to promote our products and services. These platforms may collect and process user data through technologies such as Facebook Pixel and Google Analytics.
If you prefer not to receive personalised advertising, you may opt out through:
For California Residents: submit a CCPA Opt-Out Request to [email protected] with your full name and account email. We will process your request within 30 days.
Elative Solutions OÜ uses GoHighLevel as the underlying CRM and technical infrastructure for CoachSuite Pro and Altitude Club. GoHighLevel is a third-party software-as-a-service platform that processes certain member and contact data on our behalf as a data processor.
Data processed within GoHighLevel infrastructure may include contact records, CRM entries, automation sequences, funnel configurations, email communications, and SMS messages. GoHighLevel operates servers in the United States. Data transfers from the EU to GoHighLevel are governed by Standard Contractual Clauses (SCCs) in compliance with GDPR and Schrems II requirements.
Members who store their own client data within the platform remain the data controller for that client data. Elative Solutions OÜ processes that data solely as a data processor acting on the member's instruction. Members are responsible for ensuring they have obtained appropriate consent from their own clients before uploading or storing client data within the platform.
We engage the following third-party service providers (subprocessors) to operate our Sites and Apps. Each subprocessor is bound by a Data Processing Agreement and processes data solely on our documented instructions.
Where data is transferred outside the European Economic Area, transfers are governed by Standard Contractual Clauses and supplementary safeguards.
We implement industry-standard security measures including data encryption, controlled access, and routine security audits. We retain personal data for the following periods:
Self-service deletion in the mobile app. You can permanently delete your account at any time from within the Altitude Pulse mobile app: Settings → Delete my account. Deletion is immediate and includes all profile data, daily reflections, gamification state, and session history stored against your account.
CRM contact records may be retained for legal and compliance reasons up to the periods listed in section 13. If you would like the CRM record deleted in addition to the app account, email [email protected] from the address associated with your account and we will action the request within one month.
You can also request deletion of any account or data record by emailing [email protected] at any time.
We operate globally and your data may be transferred outside the European Economic Area (EEA) to countries including the United States, Canada, Australia, and the United Kingdom. We ensure data protection through Standard Contractual Clauses (SCCs) under GDPR, and where applicable, additional safeguards such as encryption, pseudonymisation, and access controls. We have Data Processing Agreements in place with key third-party service providers.
California residents have the following rights under CCPA and CPRA:
We do not sell personal data. However, third-party analytics and advertising services may collect data as defined under CCPA. To exercise your rights, email [email protected] with the subject line CCPA Opt-Out Request. We will process your request within 30 days.
Under PIPEDA, Canadian residents have the following rights:
To exercise your rights under PIPEDA, contact us at [email protected].
We may use SMS, WhatsApp, and AI-generated outbound messages to provide service notifications, reminders, marketing promotions, and platform updates. By providing your phone number and opting in, you expressly consent to receive such messages. You may opt out at any time by replying STOP, updating your account preferences, or contacting [email protected].
WhatsApp messages may be processed by Meta Platforms, Inc. Data transfers are governed by Standard Contractual Clauses under GDPR. We do not sell or share your WhatsApp number with third-party advertisers. Compliance framework: GDPR (EU and UK), CCPA (California), TCPA (United States), CASL (Canada).
We use Artificial Intelligence and automated technologies to enhance our services, including:
AI does not make decisions with significant legal or financial consequences unless explicitly stated. Under GDPR Article 22 and CCPA/CPRA, you have the right to be informed about AI-driven decisions, to request human intervention, and to object to AI-based profiling. To exercise these rights, contact [email protected].
Altitude Pulse and Altitude Club are not directed at children under 13 (or under 16 in jurisdictions where the higher age applies under GDPR). We do not knowingly collect personal data from children under these ages.
If you are a parent or guardian and you believe a child has provided us with personal data, please contact [email protected] and we will delete the relevant account and associated data without undue delay.
Under global data protection laws, you have the right to:
To exercise any of these rights, contact us at [email protected]. We will respond to all legitimate requests within one month. There is no fee to exercise your rights unless a request is clearly unfounded, repetitive, or excessive. We may need to verify your identity before processing certain requests.
Right to lodge a complaint. Under GDPR Article 77, you have the right to lodge a complaint with your local data protection authority. In Estonia, the supervisory authority is the Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate), https://www.aki.ee/en. EU residents can also use the European Data Protection Board portal at https://edpb.europa.eu.
Our Sites and Apps may contain links to third-party websites, plug-ins, or applications. These third parties may collect personal data independently. We are not responsible for their data handling practices and encourage you to read their respective privacy policies.
We share personal data with trusted third-party service providers for payment processing, analytics, push notifications, and marketing. The full subprocessor list is in section 12. We have Data Processing Agreements with these providers to ensure compliance with GDPR, CCPA, and PIPEDA. We do not sell personal data to third parties for advertising purposes.
We reserve the right to modify this Privacy Policy at any time. Updates will be reflected in the Effective Date at the top of this document. Continued use of our Sites or Apps after such modifications constitutes acceptance of the revised terms. We will make reasonable efforts to notify users of material changes via email or a notice on the relevant Site or App.
If you have any questions about this Privacy Policy or wish to make a complaint, contact us at:
Elative Solutions OÜ
Ahtri tn 12, Kesklinna linnaosa
Harju maakond, 10151 Tallinn
Estonia, EU
Email: [email protected]