Last updated: June 2026
How we collect, use, and protect your information.
The data controller for the Achieveness application and website is: Achieveness di Edoardo Bianchi Strada Privata Delle Ginestre 11 Carimate, 22060 — Como (CO), Italy VAT number: 04304220132 Email: team@achieveness.com
We collect the following categories of personal data: • Account information: your name and email address when you register. • Usage and progress data: session duration, performance scores across 8 communication dimensions, rule mastery progress, and feature usage. • Voice data: audio is processed in real time during voice sessions to generate coaching feedback. Voice recordings are not permanently stored on our servers after the session ends. • Text session data: the text conversation you have with the AI Agent during text sessions, retained for scoring and debrief purposes. • Payment information: handled entirely by Stripe. We do not store or have access to your payment card details. • Device information: device type and operating system version for technical support purposes.
We process your personal data on the following legal bases under GDPR Article 6: • Contract performance (Art. 6(1)(b)): to create and manage your account, deliver the coaching service, and process your subscription. • Legitimate interests (Art. 6(1)(f)): to improve the quality of the service, track your progress over time, and ensure the security of the platform. These interests are balanced against your rights and do not override them. • Legal obligation (Art. 6(1)(c)): to comply with applicable tax and accounting requirements.
We use your personal data to: • Provide, operate, and improve the Achieveness coaching service. • Track your personal progress and generate personalised coaching content. • Process your subscription and manage billing. • Send service-related communications, including updates and support responses. • Comply with legal and regulatory obligations.
Account and progress data is stored on Supabase, hosted on EU-based servers (eu-west-1 region). We do not store voice recordings after session processing. Payment processing is handled by Stripe — we do not store payment card data. All data in transit is protected with industry-standard TLS encryption. Access to your data is restricted to authorised personnel only.
Some of our service providers are based outside the European Union. Where personal data is transferred to third countries, we ensure appropriate safeguards are in place in accordance with GDPR Chapter V: • AI language model provider (United States) — transfers are subject to Standard Contractual Clauses (SCCs). • Voice synthesis and speech-to-text provider (United States) — transfers are subject to SCCs. • Real-time voice infrastructure provider (United States) — transfers are subject to SCCs. • Payment processor (United States / European Union) — operates under EU-approved SCCs and is certified under relevant data protection frameworks.
We do not sell your personal data to third parties. We share data only with the categories of service providers necessary to operate Achieveness: • Cloud database and authentication provider • Payment processor • Real-time voice infrastructure provider • Voice synthesis and speech recognition provider • AI language model provider All providers are bound by data processing agreements and are required to process your data only for the purposes we specify.
As a data subject under the GDPR, you have the following rights: • Right of access: request a copy of the personal data we hold about you. • Right to rectification: request correction of inaccurate or incomplete data. • Right to erasure: request deletion of your personal data, subject to legal retention requirements. • Right to restriction of processing: request that we limit how we use your data in certain circumstances. • Right to data portability: receive your data in a structured, machine-readable format. • Right to object: object to processing based on legitimate interests. • Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal. To exercise any of these rights, contact us at team@achieveness.com. We will respond within 30 days. We will not charge a fee for exercising these rights unless your request is manifestly unfounded or excessive.
If you believe we have not handled your personal data in accordance with the GDPR, you have the right to lodge a complaint with the competent supervisory authority: Garante per la protezione dei dati personali Piazza Venezia 11 — 00187 Roma, Italy
Achieveness uses AI to evaluate your communication performance and generate session scores across 8 dimensions. This constitutes automated processing under GDPR Article 22. These scores are used solely to provide you with coaching feedback and personalise your learning path. They do not produce any legal or similarly significant effects. You may contact us at any time to request human review of any automated assessment.
Your account and progress data is retained for as long as your account is active. If you delete your account, your personal data is permanently removed from our systems within 30 days, except where retention is required by applicable law: • Tax and accounting records (including billing and transaction records): retained for 10 years as required by Italian Civil Code and tax law (Art. 2220 c.c. and Presidential Decree 600/1973). • Records necessary to defend against legal claims: retained for the applicable statutory limitation period. Voice session audio is not retained after processing. Text session transcripts used for scoring are deleted once scoring is complete.
The Achieveness website does not currently use tracking or analytics cookies. Only technically necessary cookies may be used to ensure the website functions correctly. We will update this policy if we introduce any analytics or marketing tools.
Achieveness is designed for users aged 18 and above. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has created an account, please contact us at team@achieveness.com and we will delete the data promptly.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority (Garante per la protezione dei dati personali) within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, as required by GDPR Article 34, describing the nature of the breach, the likely consequences, and the measures taken or proposed to address it.
This Privacy Policy forms part of our Terms of Service. By using Achieveness, you agree to both. Please review our Terms of Service at achieveness.com/terms for the full legal framework governing your use of the service.
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via email or via an in-app notification. The date of the latest revision is always shown at the top of this page. Continued use of the service after changes are posted constitutes acceptance of the updated policy.
For any privacy-related questions or requests, please contact us at: team@achieveness.com Achieveness di Edoardo Bianchi Strada Privata Delle Ginestre 11 Carimate, 22060 — Como (CO), Italy
Questions? Email us at team@achieveness.com