top of page

Last Updated: March 1, 2026

1. WHO WE ARE

This Privacy Policy explains how personal data is collected, used, and protected by:

CoExecute OÜ
Operating under the brand AndExecute

Registered in the Republic of Estonia
Commercial Register Code: [Insert Code]

Registered Address: [Insert Address – Estonia]

Email: support@andexecute.com

CoExecute OÜ operates the AndExecute brand and provides consulting services, diagnostics, workshops, digital tools, and related resources through www.andexecute.com.

For purposes of applicable privacy laws:

• Under the EU General Data Protection Regulation (GDPR), CoExecute OÜ acts as the data controller.
• Under the California Consumer Privacy Act (CCPA/CPRA), CoExecute OÜ may act as a “business” where statutory thresholds apply.

We operate internationally and this Policy applies subject to mandatory laws in your jurisdiction.

2. WHOSE PERSONAL DATA WE COLLECT

We may collect personal data from:

• Website visitors
• Clients and prospective clients
• Users of the Business Diagnostics platform
• Workshop and program participants
• Newsletter and resource subscribers
• Job applicants
• Contractors and vendors
• Business partners

3. WHAT PERSONAL DATA WE COLLECT

Depending on your interaction with our services, we may collect the following categories of personal data.

3.1 Identity and Contact Data

• Full name
• Company name
• Email address
• Phone number
• Billing address
• Country or region

3.2 Professional and Business Information

• Job title or role
• Industry
• Company size or stage

• Job tenure

• Strategic or operational information voluntarily submitted through diagnostics, surveys, or communications

3.3 Account and Usage Data

• login credentials (where applicable)
• subscription status
• diagnostic participation
• IP address
• browser type
• device identifiers
• interaction data such as page views and usage patterns

3.4 Financial Data

Payment transactions may be processed through secure third-party providers.

CoExecute OÜ does not store full payment card numbers.

3.5 Communications Data

• emails and correspondence
• contact form submissions
• survey responses
• diagnostic inputs
• testimonials voluntarily submitted

3.6 Sensitive Data

We do not intentionally collect sensitive personal data.

If such data is voluntarily submitted, it will be processed only where necessary and in accordance with applicable law.

 

4. HOW WE COLLECT DATA

We collect personal data:

• directly from you when submitting forms, registering for diagnostics, or contacting us
• automatically via cookies and analytics technologies
• through integrations with service providers supporting our operations
• from publicly available professional sources where permitted by law

 

5. LEGAL BASES FOR PROCESSING (GDPR)

If you are located in the European Economic Area or United Kingdom, we rely on the following legal bases:

Contractual necessity
To deliver diagnostics, workshops, consulting services, and resources you request.

Legitimate interests
To operate our business, improve services, and maintain security.

Consent
For marketing communications or optional cookies where required.

Legal obligations
To comply with applicable laws and regulatory requirements.

 

6. HOW WE USE PERSONAL DATA

We use personal data to:

• provide consulting services and diagnostics
• generate reports and insights
• process transactions
• communicate with you
• improve website and service performance
• send relevant communications and updates where permitted
• maintain platform security
• comply with legal obligations

We do not sell personal data.

7. DATA SHARING

We may share personal data with trusted service providers including:

• cloud hosting providers
• CRM and email platforms
• analytics providers
• payment processors
• legal and accounting advisors

Personal data may also be disclosed where required by law, regulation, or lawful authority.

All service providers are contractually required to protect personal data.

8. INTERNATIONAL DATA TRANSFERS

Because we operate internationally, personal data may be transferred outside your country.

Where required under GDPR, transfers outside the EU/EEA are safeguarded using:

• Standard Contractual Clauses (SCCs)
• European Commission adequacy decisions
• other legally approved mechanisms

9. DATA RETENTION

Personal data is retained only as long as necessary for:

• providing services
• fulfilling contractual obligations
• complying with legal requirements
• resolving disputes
• enforcing agreements

Retention periods vary depending on data type and applicable laws.

10. YOUR RIGHTS

Depending on your jurisdiction, you may have the right to:

• access personal data
• correct inaccurate data
• request deletion
• restrict processing
• object to processing
• request data portability
• withdraw consent where processing relies on consent
• lodge a complaint with a supervisory authority

Requests may be submitted to:

support@andexecute.com

We may verify identity before responding.

11. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

Where applicable, California residents may have rights to:

• know what personal information is collected
• request deletion of personal information
• request correction of inaccurate information
• opt out of sharing for cross-context advertising
• receive equal service without discrimination

We do not sell personal information.

Requests may be submitted to:

support@andexecute.com

12. AUTOMATED ANALYSIS AND DIAGNOSTIC PROCESSING

Certain tools provided by CoExecute OÜ operating as AndExecute, including:

• Business Diagnostics™
• Cultural Assessments
• Pulse Sentiment Surveys

may analyze submitted responses to generate insights regarding organizational operations, culture, alignment, or execution performance.

These tools process aggregated responses to identify patterns and trends.

This analysis is used solely to:

• generate organizational insights
• produce summary reports for leadership teams
• improve diagnostic methodologies and services

 

No automated decisions producing legal or similarly significant effects on individuals are made using these tools.

Where assessments are conducted within an organization, responses are typically aggregated and anonymized before being presented to leadership.

Individual responses are not attributed to specific employees unless explicitly disclosed and agreed in advance.

Participants should avoid submitting confidential personal data in open-text responses.

13. DATA SECURITY

We implement appropriate technical and organizational safeguards designed to protect personal data.

However, no system can guarantee absolute security.

Information transmitted over the internet is at the user’s own risk.

14. CHILDREN'S PRIVACY

Our services are intended for adults and business professionals.

We do not knowingly collect personal data from individuals under the age of 16.

15. BUSINESS TRANSFERS

If CoExecute OÜ undergoes restructuring, merger, acquisition, or asset sale, personal data may be transferred in connection with that transaction subject to applicable law.

16. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time.

Updates will be posted with a revised Last Updated date.

17. CONTACT

CoExecute OÜ
[Registered Address – Estonia]

legal@andexecute.com

EU residents may contact their local Data Protection Authority.

COOKIE POLICY

Last Updated: March 1, 2026

This Cookie Policy explains how CoExecute OÜ operating as AndExecute uses cookies and similar technologies.

1. WHAT ARE COOKIES

Cookies are small text files stored on your device when you visit a website.

They help websites function properly and improve user experience.

Similar technologies such as pixels, tags, and local storage may also be used.

2. TYPES OF COOKIES WE USE

Strictly Necessary Cookies

Required for website functionality and cannot be disabled.

Examples include:

• session management
• authentication security
• load balancing

Analytics Cookies

Used to understand how users interact with the website.

Examples include:

• page views
• visitor traffic sources
• performance metrics

Functional Cookies

Used to remember preferences and improve user experience.

Marketing Cookies

Used to measure campaign effectiveness and deliver relevant advertising.

For EU users these cookies are deployed only with consent.

3. LEGAL BASIS FOR COOKIES (EU USERS)

Strictly necessary cookies operate under legitimate interest.

Analytics and marketing cookies require user consent.

Consent may be withdrawn at any time through cookie settings.

4. MANAGING COOKIES

Users may manage cookies through:

• browser settings
• cookie consent tools on the website
• deleting stored cookies

Disabling cookies may affect website functionality.

5. THIRD-PARTY COOKIES

Some cookies may be set by third-party providers including:

• analytics platforms
• marketing automation platforms
• payment processors

These providers operate under their own privacy policies.

6. POLICY UPDATES

This Cookie Policy may be updated periodically.

Updates will be posted with a revised Last Updated date.

DMCA

PRIVACY POLICY

Helping The Bold Scale Beyond Borders

Win First New Market

Scale to Unicorn

Make Capital Perform

Fractional Transformation

Our Scaling Approach

About Us

How can we help you scale?

Tell us what you’re trying to solve. We’ll help you think it through.

andExecute Logo

Terms Of Service

Privacy Policy

Disclosure

DMCA Policy

FOLLOW US:

Greg Profile
Linkedin
instagram

Results shared by &Execute and Greg Tennant are illustrative and not guaranteed. Outcomes depend on your business, decisions, and execution. We operate in Portugal, Estonia, and across EU and global markets, providing strategic and operational support. Nothing on this site constitutes investment, financial, or legal advice. Examples are for informational purposes only. All content and frameworks are the intellectual property of &Execute and Coexecute OÜ. Unauthorized use or reproduction is prohibited.

Copyright © 2026 CoExecute OÜ. All rights reserved.​​​​​​

bottom of page