Privacy Policy

CTM Consulting & Media Limited  ·  Trading as The Path of Becoming™  ·  Last updated 9th April 2026

1. Introduction

This Privacy Policy explains how CTM Consulting & Media Limited, trading as The Path of Becoming™ ("we", "us", "our"), collects, uses, and protects personal data when you visit our website, enquire about our services, enrol in our programmes, interact with our content, or subscribe to communications.

Websites covered

• https://www.cibellemichepud.com
• https://login.cibellemichepud.com/login

By using our website or services, you acknowledge this Privacy Policy.

2. Data Controller

CTM Consulting & Media Limited
Registered in England and Wales (Company No. 15925265)
Trading as The Path of Becoming™
Email: [email protected]

We are responsible for deciding how and why your personal data is processed.

3. Personal Data We Collect

3.1 Personal Data You Provide

This may include:

• First and last name
• Email address
• Phone number (if provided)
• Address, city, country (if provided)
• Payment information (processed via secure third-party providers)
• Messages you send via forms, email, WhatsApp or other channels
• Programme enrolment information

We only collect data that is necessary and relevant to the services requested.

3.2 Usage Data

We may automatically collect: IP address, browser type and version, device information, pages visited, date and time of visits, time spent on pages, referral source, and diagnostic and technical data.

3.3 Cookies and Tracking Technologies

We use cookies and similar technologies to operate and secure the website, analyse usage, improve functionality, and support marketing where consent has been provided. You can manage cookie preferences through your browser settings or our cookie consent tool (where available). Disabling cookies may affect site functionality.

4. How We Use Your Data

• Provide and maintain our services
• Process programme enrolments and payments
• Deliver course materials and portal access
• Respond to enquiries
• Send service-related communications
• Improve our website and services
• Monitor performance and prevent fraud
• Comply with legal and accounting obligations
• Send marketing communications where permitted

5. Marketing Communications

If you opt in, we may send newsletters, strategic insights, programme invitations, and event announcements via email, WhatsApp, or SMS (where enabled).

You may opt out at any time by clicking the unsubscribe link in emails, replying "STOP" to SMS/WhatsApp, or emailing [email protected]. We do not sell personal data.

6. Legal Bases for Processing (UK GDPR)

• Contract — To deliver services you purchase or request.
• Consent — For marketing communications and non-essential cookies.
• Legitimate Interests — For improving services, analytics, fraud prevention, and responding to enquiries, provided those interests are not overridden by your rights.
• Legal Obligation — To comply with tax, accounting, and regulatory requirements.

You may withdraw consent at any time where consent is relied upon.

7. Sharing Your Data

We share personal data only where necessary with trusted service providers, including website hosting providers, email marketing platforms, course and portal platforms, payment processors (e.g. Stripe, PayPal), video conferencing providers (e.g. Zoom), scheduling tools, analytics providers (e.g. Google Analytics), and advertising platforms (e.g. Meta, Google Ads).

These providers act as data processors and are contractually required to safeguard personal data. We do not sell personal data.

8. International Transfers

Some service providers may process data outside the United Kingdom. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as UK adequacy regulations, standard contractual clauses, and approved transfer mechanisms.

9. Data Retention

• Enquiry data — Retained while actively corresponding and for a reasonable follow-up period.
• Marketing contacts — Until you unsubscribe or we remove inactive contacts.
• Customer records and transaction data — Retained as required by UK tax and accounting law (typically 6 years).

We may retain limited data longer where required to resolve disputes or comply with legal obligations.

10. Your Rights Under UK GDPR

You may have the right to: access your personal data, request correction of inaccurate data, request deletion ("right to be forgotten"), restrict processing, object to processing, data portability (where applicable), and withdraw consent.

To exercise these rights, contact: [email protected]

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

11. Security

We implement appropriate technical and organisational security measures to protect personal data. However, no method of online transmission or storage is completely secure. While we take reasonable precautions, we cannot guarantee absolute security.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their content, privacy practices, or security. Please review their policies separately.

13. Children

Our services are intended for professionals and are not directed at children under 18. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will delete it.

14. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be published on this page with an updated revision date. Where changes are significant, we may notify users via email or website notice.