CTOCoach

Privacy Policy

Last updated: May 2026

CTO Coach ("we", "us", or "our") operates the website ctocoach.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

1. Information We Collect

Information you provide directly

  • Email address — only if you choose to submit the optional waitlist form on the assessment results page, or if you contact us directly.
  • Assessment responses — your answers to the CTO Readiness Assessment are not stored on our servers. They exist only in your browser session and are discarded when you close the page or clear browser data. If you submit your email on the results page, only your summary outputs (overall score, level band, top strength, top gap, audience self-tag) are transmitted to us — not your individual answers.
  • Contact information — any information you voluntarily provide when contacting us via email.

Information collected automatically

  • Usage data — pages visited, time spent on pages, referral source, and general browsing behaviour via Google Analytics (GA4). Only collected if you accept cookies in our consent banner; otherwise no GA4 data is sent.
  • Anonymous assessment outcomes — when you complete the assessment with cookies accepted, your overall score, level band, and five dimension scores are sent to Google Analytics as event parameters. These are aggregated across all visitors and cannot be linked back to you personally unless you also submit your email on the results page.
  • Device information — browser type, operating system, screen resolution, and language preference.
  • IP address — collected by our hosting provider and analytics tools; used in aggregate for geographic insights.

2. How We Use Your Information

  • To deliver and improve the CTO Readiness Assessment and personalised results.
  • To send you educational content, product updates, and relevant communications (only if you have opted in).
  • To analyse website usage and improve our content, features, and user experience.
  • To respond to your enquiries and provide customer support.
  • To detect, prevent, and address technical issues or abuse.

3. Cookies and Analytics

We use Google Analytics 4 (GA4) to understand how visitors interact with our website. GA4 uses first-party cookies to distinguish unique users and sessions. These cookies do not contain personally identifiable information.

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on, or by adjusting your browser's cookie settings.

4. Third-Party Services

We rely on the following third-party services to operate CTO Coach. Each has its own privacy policy governing data handling:

  • Vercel — website hosting and edge delivery.
  • Google Analytics (GA4) — website analytics and usage metrics.
  • Resend — transactional and marketing email delivery.

We do not sell, trade, or rent your personal information to any third party. We share data with the above providers only as necessary to operate our services.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law. The specifics differ by data type — CTO Coach does not operate user accounts, so retention is anchored to your subscription state and the data store that actually holds the data.

  • Assessment answers — never stored on our servers. Held only in your browser session for the duration of taking the assessment; discarded when you close the page, navigate away, or clear browser data.
  • Assessment summary outputs (overall score, level band, top strength, top gap, audience self-tag) — transmitted to us only if you submit the optional waitlist form on the results page. Stored in Resend alongside your email for the lifetime of your subscription. Deleted within 48 hours of unsubscribe or upon written request to hello@ctocoach.com.
  • Anonymous assessment outcomes in GA4 — overall score and dimension scores sent as event parameters are retained for 14 months (the GA4 default user-and-event data retention setting). These aggregates cannot be linked back to you personally and we do not request a longer retention window.
  • Email subscription record — your email address and subscription status remain in Resend until you unsubscribe (one-click link in every email) or request deletion. Removal is automatic within 48 hours of unsubscribe.
  • Analytics data (other) — page-view, referral, and device data in GA4 follow the same 14-month retention window. Server logs at our hosting provider are retained for up to 30 days for security and abuse investigation, then purged.
  • Direct correspondence — emails you send us are retained for as long as needed to resolve your enquiry plus a reasonable archival period (up to 24 months), unless you request earlier deletion.

6. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate or incomplete data.
  • Right to erasure — request deletion of your personal data ("right to be forgotten").
  • Right to restrict processing — request that we limit how we use your data.
  • Right to data portability — receive your data in a structured, commonly used, machine-readable format.
  • Right to object — object to processing of your data for certain purposes, including direct marketing.

To exercise any of these rights, email us at hello@ctocoach.com. We will respond within 30 days.

7. Your Rights Under CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

  • Right to know — request disclosure of the categories and specific pieces of personal information we have collected.
  • Right to delete — request deletion of your personal information.
  • Right to opt out — we do not sell personal information. If this changes, we will provide a clear opt-out mechanism.
  • Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights.

8. Children's Privacy

CTO Coach is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically for any changes. Continued use of our services after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, contact us at:

hello@ctocoach.com

Back to home