Last updated: 8 June 2026 · Effective Date: 8 June 2026
This Privacy Policy applies to all websites, applications, mobile apps, subdomains, memberships, services, and products operated by Elative Solutions OÜ, including but not limited to the following brands and domains:
All of the above are collectively referred to as the "Sites" and "Apps" throughout this document. Altea is the name of the AI assistant offered within the Altitude Club service (see section 2A).
Elative Solutions OÜ is committed to protecting your privacy and ensuring the security of your personal information. By using the Sites or Apps, you acknowledge that you have read and accepted this Privacy Policy. If you do not agree, please discontinue use immediately.
Elative Solutions OÜ, a company registered in Estonia, acts as the Data Controller for personal data collected through our Sites and Apps. We are committed to compliance with GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), CPRA (California Privacy Rights Act), and PIPEDA (Personal Information Protection and Electronic Documents Act, Canada).
If you have any questions regarding your privacy, you may contact us at:
This section describes data handling specific to the Altitude Club mobile experience and the Altitude Pulse mobile app (iOS and Android).
Mobile app data is processed by Supabase (database and authentication), OneSignal (push notifications), Microsoft Clarity (anonymised session analytics), GoHighLevel (CRM enrichment), and, for the Altea assistant, the AI providers listed in section 12. The full subprocessor list is in section 12.
The Altitude Club service includes Altea, an AI business assistant. To give you advice grounded in your own business, Altea can work with business data you choose to connect or upload. This section explains exactly how that data is handled. Providing this data is always your choice, and you can withdraw it at any time.
Altea works only on your own data, to answer your own questions. Your connected and uploaded business data is isolated to your account at the database level and is never used to answer another user's questions, never pooled with other users' data, and never sold.
Neither your conversations nor your connected or uploaded business data are used to train our models or any third-party model. We engage AI providers under settings or endpoints that exclude your content from their model training (see section 12).
To generate a response, the relevant context is sent to AI model providers hosted in the United States (listed in section 12; transfer safeguards in section 15). We do not send your business data to AI endpoints hosted in China.
You are interacting with an AI assistant. Altea produces suggestions and analysis; it does not make decisions producing legal or similarly significant effects about you without human involvement. Under GDPR Article 22 you may request human review of, and object to, AI-based processing by contacting [email protected]. Altea may make mistakes, and its output does not constitute professional, financial, legal, medical, tax, or investment advice (see our Terms and Conditions).
We collect personal data including but not limited to contact information, customer transaction details, user data, technical data, and marketing preferences. We gather this data through direct interactions (such as when you sign up, purchase, or contact support), automated tracking (cookies and analytics), third-party service integrations, and publicly available sources.
Under GDPR, we process data based on contractual necessity, legitimate interest, consent, and legal obligations. Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process the following categories of personal data:
Any communication you send to us through contact forms, email, text, social media messaging, or any other channel. We process this data to respond to enquiries, maintain records, and comply with legal obligations.
Reflections, journal notes, assistant prompt responses, and other freeform content you write inside the Altitude Club service, Altea, or the Altitude Pulse app. Stored on your account. Not used for model training, not sold, and not shared. Your freeform reflections are not analysed by humans except where you explicitly request support involving that content. Business data you choose to connect or upload for the Altea assistant is analysed by the assistant on your behalf, to answer your questions, as described in section 2A.
Business metrics from accounts you connect (such as Google Analytics) and the contents of files you upload for analysis. Processed solely to provide the Altea assistant to you, as described in section 2A. Retained until you disconnect, delete, or close your account (see section 13).
Details related to purchases including your name, billing address, delivery address, email address, phone number, and payment details. We process this to supply the goods and services you have purchased and to maintain transaction records.
Data about how you use our Sites and Apps including interactions with content, session history, and engagement levels. We process this to improve user experience and platform functionality.
Where members use our platforms to manage their own coaching or consulting business, we may process data relating to their client contact records, funnel configurations, CRM settings, and automation sequences stored within the platform. This data is processed solely to provide the contracted service. Members retain full ownership of their own client data at all times.
IP addresses, login data, browser details, session lengths, device information, and analytics tracking. This helps us optimise our Sites and Apps and detect security threats.
Preferences regarding marketing communications, promotions, and advertising.
If you provide your phone number, we may use it to send SMS messages, WhatsApp messages, or AI-generated outbound communications based on your stated preferences.
We do not collect sensitive personal data including race, ethnicity, religious beliefs, biometric data, or criminal records, and you must not upload such data to the Altea assistant (see our Terms and Conditions).
We collect data in the following ways:
Our Sites use cookies and other tracking technologies to enhance functionality, improve user experience, and support marketing and analytics. When you first visit, a cookie consent banner allows you to accept or reject non-essential cookies. You can also manage cookie preferences through your browser settings.
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, enhance your browsing experience, and improve functionality. Cookies may be first-party (set by our Sites) or third-party (set by advertising or analytics providers).
Some cookies on our Sites are placed by third-party service providers including Google Analytics, Facebook Pixel, and payment providers. These third parties may use cookies in accordance with their own privacy policies, which we recommend reviewing.
You may adjust your browser settings to block or delete cookies, opt out of third-party tracking through https://optout.aboutads.info, or use our cookie consent banner to manage non-essential cookie preferences. If you disable certain cookies, some parts of our Sites may not function correctly.
We use Microsoft Clarity to record anonymised session interactions across our websites and mobile apps. Clarity captures taps, scrolls, screen views, page paths, and similar interaction signals, and produces session replays and heatmaps that help us identify confusing flows and broken interface elements.
Clarity does not capture the content of sensitive form fields such as passwords or payment information. We do not use Clarity to identify individual users by name, email, or other direct identifier.
For more information, see the Microsoft Privacy Statement.
We use OneSignal to deliver push notifications to the Altitude Club and Altitude Pulse mobile apps. When you allow notifications, OneSignal stores a device-level push token issued by Apple Push Notification service or Firebase Cloud Messaging. That token is linked to your account so we can deliver the right notification to the right device, and is removed when you uninstall the app or revoke notification permission in your device settings.
Push tokens are treated as personal identifiers under GDPR and Apple App Privacy guidance. For more information, see the OneSignal Privacy Policy.
Anonymous crash logs and app performance metrics are collected by iOS and Android system services to help us diagnose stability issues and prioritise performance work. This data includes information such as the type of device, operating system version, app version, and the technical context of a crash.
This crash and performance data is not linked to your identity and is treated as Diagnostic Data under Apple App Privacy disclosures.
We only send marketing communications with your explicit consent. We use double opt-in for email subscriptions. You may opt out at any time by clicking the unsubscribe link in any email or contacting us at [email protected].
SMS Opt-In: by opting in, you agree to receive text messages from us. You may unsubscribe at any time by replying STOP. Opting out of marketing communications will not affect essential service-related communications.
We use third-party advertising services including Meta (Facebook and Instagram Ads) and Google Ads to promote our products and services. These platforms may collect and process user data through technologies such as Facebook Pixel and Google Analytics.
If you prefer not to receive personalised advertising, you may opt out through:
For California Residents: submit a CCPA Opt-Out Request to [email protected] with your full name and account email. We will process your request within 30 days.
Elative Solutions OÜ uses GoHighLevel as the underlying CRM and technical infrastructure for CoachSuite Pro and Altitude Club. GoHighLevel is a third-party software-as-a-service platform that processes certain member and contact data on our behalf as a data processor.
Data processed within GoHighLevel infrastructure may include contact records, CRM entries, automation sequences, funnel configurations, email communications, and SMS messages. GoHighLevel operates servers in the United States. Data transfers from the EU to GoHighLevel are governed by Standard Contractual Clauses (SCCs) in compliance with GDPR and Schrems II requirements.
Members who store their own client data within the platform remain the data controller for that client data. Elative Solutions OÜ processes that data solely as a data processor acting on the member's instruction. Members are responsible for ensuring they have obtained appropriate consent from their own clients before uploading or storing client data within the platform.
We engage the following third-party service providers (subprocessors) to operate our Sites and Apps. Each subprocessor is bound by a Data Processing Agreement and processes data solely on our documented instructions.
The following providers process your conversation context and, where you have connected or uploaded business data, the relevant retrieved business data, solely to generate Altea's responses to you and to index your data for retrieval. Each is engaged under terms that exclude your content from model training. None is hosted in China.
Where data is transferred outside the European Economic Area, transfers are governed by the EU-US Data Privacy Framework where the provider is certified, or by Standard Contractual Clauses with supplementary safeguards.
To keep the service safe, accurate, and improving, we operate an internal monitoring layer that reviews interactions with the Altea assistant for response quality, safety, and product improvement.
This monitoring is not shown in the product interface, but it is fully disclosed here. We do not conceal it.
We implement industry-standard security measures including database row-level security so each user can only access their own data, encryption of sensitive data and access tokens at rest, restriction of AI processing to US-hosted endpoints under no-training terms, controlled access, audit logging of administrative access, and routine security review. We retain personal data for the following periods:
Self-service deletion. You can permanently delete your account at any time from within the app settings. Deletion is immediate and includes all profile data, conversation and assistant-memory data, connected-account tokens, uploaded files and the data derived from them, gamification state, and session history stored against your account.
CRM contact records may be retained for legal and compliance reasons up to the periods listed in section 13. If you would like the CRM record deleted in addition to the app account, email [email protected] from the address associated with your account and we will action the request within one month.
You can also request deletion of any account or data record by emailing [email protected] at any time.
We are based in the European Union and host primary infrastructure in the EU. We operate globally and your data may be transferred outside the European Economic Area (EEA) to countries including the United States, Canada, Australia, and the United Kingdom, including to the AI model providers listed in section 12. We ensure data protection through the EU-US Data Privacy Framework where the provider is certified, and otherwise through Standard Contractual Clauses (SCCs) under GDPR, with additional safeguards such as encryption, pseudonymisation, and access controls. We have Data Processing Agreements in place with key third-party service providers.
California residents have the following rights under CCPA and CPRA:
We do not sell personal data. However, third-party analytics and advertising services may collect data as defined under CCPA. To exercise your rights, email [email protected] with the subject line CCPA Opt-Out Request. We will process your request within 30 days.
Under PIPEDA, Canadian residents have the following rights:
To exercise your rights under PIPEDA, contact us at [email protected].
We may use SMS, WhatsApp, and AI-generated outbound messages to provide service notifications, reminders, marketing promotions, and platform updates. By providing your phone number and opting in, you expressly consent to receive such messages. You may opt out at any time by replying STOP, updating your account preferences, or contacting [email protected].
WhatsApp messages may be processed by Meta Platforms, Inc. Data transfers are governed by Standard Contractual Clauses under GDPR. We do not sell or share your WhatsApp number with third-party advertisers. Compliance framework: GDPR (EU and UK), CCPA (California), TCPA (United States), CASL (Canada).
We use Artificial Intelligence and automated technologies to provide and enhance our services, including:
We do not use your conversations or your connected or uploaded business data to train AI models. AI does not make decisions with significant legal or financial consequences without human involvement. AI output may contain errors and does not constitute professional, financial, legal, medical, tax, or investment advice. Under GDPR Article 22 and CCPA/CPRA, you have the right to be informed about AI-driven processing, to request human intervention, and to object to AI-based profiling. To exercise these rights, contact [email protected].
The Altitude Club service is intended for business owners aged 18 and over and is not directed at children. The Altitude Pulse mobile app is not directed at children under 13 (or under 16 in jurisdictions where the higher age applies under GDPR). We do not knowingly collect personal data from children under these ages.
If you are a parent or guardian and you believe a child has provided us with personal data, please contact [email protected] and we will delete the relevant account and associated data without undue delay.
Under global data protection laws, you have the right to:
To exercise any of these rights, contact us at [email protected]. We will respond to all legitimate requests within one month. There is no fee to exercise your rights unless a request is clearly unfounded, repetitive, or excessive. We may need to verify your identity before processing certain requests.
Right to lodge a complaint. Under GDPR Article 77, you have the right to lodge a complaint with your local data protection authority. In Estonia, the supervisory authority is the Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate), https://www.aki.ee/en. EU residents can also use the European Data Protection Board portal at https://edpb.europa.eu.
Our Sites and Apps may contain links to third-party websites, plug-ins, or applications. These third parties may collect personal data independently. We are not responsible for their data handling practices and encourage you to read their respective privacy policies.
We share personal data with trusted third-party service providers for payment processing, analytics, push notifications, AI generation, and marketing. The full subprocessor list is in section 12. We have Data Processing Agreements with these providers to ensure compliance with GDPR, CCPA, and PIPEDA. We do not sell personal data to third parties for advertising purposes.
We reserve the right to modify this Privacy Policy at any time. Updates will be reflected in the Effective Date at the top of this document. Continued use of our Sites or Apps after such modifications constitutes acceptance of the revised terms. We will make reasonable efforts to notify users of material changes via email or a notice on the relevant Site or App.
If you have any questions about this Privacy Policy or wish to make a complaint, contact us at:
Elative Solutions OÜ
Ahtri tn 12, Kesklinna linnaosa
Harju maakond, 10151 Tallinn
Estonia, EU
Email: [email protected]