Privacy policy.

paulatorraco.com

Last updated: March 2026

Who I am

This site is operated by Paula Torraco, trading as To Be Honest. The domain tobehonest.eu redirects to paulatorraco.com and is covered by this same policy.

To Be Honest is registered with the Dutch Chamber of Commerce (KvK: 82321485, BTW-id: NL003671079B17).

Contact: hello@paulatorraco.com


What this policy covers

This policy explains what personal data I collect, why, how it's stored, and what rights you have. It applies to paulatorraco.com and to any service agreement between you and To Be Honest.

This policy adheres to the General Data Protection Regulation (GDPR). Your rights under the GDPR include the right to access, correct, or delete your personal data, and to withdraw consent at any time.

What data I collect and why

When you visit the site

Squarespace (the platform this site runs on) and Google Analytics collect anonymous usage data — pages visited, traffic sources, device type, general location. This helps me understand how people use the site so I can improve it. No personally identifiable information is collected through analytics.

This site uses Google Fonts (Manrope and Fraunces), loaded from Google's servers. When a page loads, your IP address is transmitted to Google to retrieve these fonts. Google's privacy policy applies to this data.

For more detail on cookies, see the Cookie Policy.

When you download a free resource

This site offers free downloadable resources, including an ebook ("Lead Your Own Way with Human Design") and guided meditations. To access these, you enter your name and email address through a form on the site. This data is collected and stored by Squarespace and you are added to my mailing list.

You can unsubscribe at any time using the link in any email.

When you generate your free Human Design chart

This site includes an embedded tool from Bodygraph (bodygraph.com) that lets you create your Human Design chart by entering your birth details (name, date of birth, time of birth, and place of birth). This data is processed and stored by Bodygraph according to their own privacy policy (bodygraph.com/legal-page/privacy). I do not store your birth details.

When you use this tool, your contact details (name and email) are added to my mailing list so I can stay in touch with you. You can unsubscribe at any time using the link in any email.

When you sign up for my newsletter

If you enter your name and email address through a signup form on this site, that data is collected and stored by Squarespace. I use this only to send you my newsletter — no spam, no selling your email to anyone.

You can unsubscribe at any time using the link in any email. Once you unsubscribe, your data is removed from the mailing list.

When you use the contact form

If you get in touch through the contact form on this site, your message and contact details are sent to me securely. I treat all contact form submissions as confidential and only use your information to respond to your enquiry.

When you make a purchase

If you purchase a course, a session, or The Book of You, the transaction is processed through Stripe (via Squarespace Commerce). Stripe handles your payment information securely. I don't store your payment details — Stripe does, under their own security standards and privacy policy.

I receive your name, email, and what you purchased so I can deliver what you've bought.

When we work together

If you book a coaching session, join Portal, or engage me for corporate work, I'll ask for your name, address, phone number, and email address. This is necessary to deliver the service and to send invoices.

I use Moneybird for invoicing. I have a Data Processing Agreement with Moneybird that ensures your data is handled in accordance with the GDPR.


Third-party services

This site uses the following third-party services that may process your data:

  • Squarespace — website hosting, email collection, built-in analytics, payment processing (via Stripe)

  • Google Analytics 4 — website analytics (anonymised)

  • Google Fonts — web fonts (Manrope, Fraunces), loaded from Google's servers

  • Stripe — payment processing (through Squarespace Commerce)

  • Moneybird — invoicing

  • Bodygraph — embedded Human Design chart tool

Each of these services has its own privacy policy and processes data in compliance with applicable data protection regulations.

How long I keep your data

  • Newsletter subscribers and free resource downloads: your name and email are stored for as long as you remain subscribed. When you unsubscribe, your data is removed.

  • Customers and clients: your data is stored for as long as needed to deliver the service and to meet legal and tax obligations (Dutch tax law requires financial records to be kept for 7 years).

  • Contact form submissions: kept for as long as necessary to handle your enquiry, then deleted.

  • Birth details entered via the Bodygraph chart tool: processed and stored by Bodygraph, not by me. Their retention policy applies.

Your rights

Under the GDPR, you have the right to:

  • Access the personal data I hold about you

  • Request correction of inaccurate data

  • Request deletion of your data

  • Withdraw your consent at any time

  • Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe your data is being mishandled

To exercise any of these rights, email me at hello@paulatorraco.com.

Changes to this policy

I may update this policy from time to time. When I do, the "last updated" date at the top will change. I won't reduce your rights under this policy without letting you know.