Privacy Policy

1. Introduction

Coachful, operated by Influencee Agency OÜ ("we", "our", or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Personal Information

When you create an account, we collect:

• Name and email address
• Profile picture (optional)
• Phone number (optional, used for WhatsApp communications)
• Account authentication data via Firebase Authentication

Usage Information

We automatically collect:

• Goals, habits, and progress data you enter
• Check-in responses and reflections
• Device information and browser type
• Usage patterns and feature interactions

Payment Information

Payment processing is handled by Stripe. We do not store your complete credit card information. We only receive limited information such as the last four digits of your card for reference purposes.

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Personalize your experience and recommendations
• Process transactions and send related information
• Send you notifications, updates, and support messages
• Analyze usage to improve our Service
• Facilitate community features like Squad interactions
• Send WhatsApp messages for scheduling, reminders, and coaching communications
• Comply with legal obligations

4. Information Sharing

We may share your information with:

• Service Providers: Third-party services that help us operate the platform (Firebase for authentication, Stripe for payments, Stream for chat, WhatsApp Business API for messaging, Google APIs for email/calendar/drive integration)
• Squad Members: Limited profile information visible to other members in your accountability squads
• Coaches: If you have a premium plan with coach access, your coach may view your progress data
• Legal Requirements: When required by law or to protect our rights

We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. You can request deletion of your account and data at any time by contacting us.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing of your data
• Request data portability
• Withdraw consent at any time

8. Cookies and Tracking

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and analyze how you use our Service. You can control cookie settings through your browser preferences.

9. Phone Numbers & WhatsApp Communications

We may collect your phone number for the purpose of sending communications via WhatsApp or other messaging services. This includes:

• Platform notifications: Coachful may send coaches account-related updates, reminders, and support messages via WhatsApp
• Coach-to-client communications: Coaches using the Coachful platform may send scheduling reminders, program updates, and other coaching-related messages to clients via WhatsApp
• Transactional messages: Booking confirmations, session reminders, and other service-related notifications

Your phone number will not be sold to third parties or used for unsolicited marketing. You may opt out of WhatsApp communications at any time by contacting your coach or our support team. Note that opting out may affect your ability to receive important service notifications.

WhatsApp messages are processed through Meta's WhatsApp Business API. By providing your phone number, you acknowledge that your data may be processed in accordance with WhatsApp's Privacy Policy.

10. Google API Data

Coachful integrates with Google APIs to provide coaching and communication features. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Google Scopes We Request

Gmail (Email Integration)

• gmail.readonly — Read your email messages to sync coaching-related emails into your Coachful inbox. We only access emails relevant to your coaching communications.
• gmail.send — Send emails on your behalf when you compose and send messages through Coachful's email features (e.g., client outreach, email sequences, broadcast emails).
• userinfo.email — Identify your Google account email address to link your Gmail account to your Coachful profile.

Google Drive (Recording Access)

• drive.readonly — Read-only access to Google Drive to locate and retrieve video call recordings (e.g., Google Meet recordings) for use within Coachful's session review and video analysis features. We do not modify, delete, or create files in your Google Drive.

Google Calendar

• calendar.readonly — Read your calendar events to display your schedule within Coachful and check availability for coaching sessions.
• calendar.events — Create, update, and manage calendar events for coaching sessions booked through Coachful.

How We Use Google Data

• Google data is used only to provide the specific features described above within the Coachful platform.
• We do not use Google data for advertising, market research, or to build user profiles unrelated to Coachful's coaching features.
• We do not sell, rent, or share Google user data with third parties, except as required to provide the Service (e.g., securely storing OAuth tokens to maintain your connection).
• We do not allow humans to read your Google data unless you provide affirmative consent, it is necessary for security purposes, it is required by law, or the data is aggregated and anonymized for internal operations.

Data Storage & Security

• OAuth refresh tokens are stored securely in our database and are encrypted at rest. They are used solely to maintain your authorized connection.
• Email content synced from Gmail is stored in our database to provide inbox features and is accessible only to you and your authorized coaches within your organization.
• Google Drive files are accessed on-demand and are not permanently stored in our systems beyond caching for active session review.
• Calendar data is synced to display scheduling information and is stored only as needed to provide calendar integration features.

Revoking Access

You can disconnect your Google account from Coachful at any time through your account settings. You can also revoke Coachful's access directly from your Google Account permissions page. Upon disconnection, we will stop accessing your Google data and delete stored OAuth tokens.

11. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we learn we have collected such information, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the Service. Your continued use after changes indicates acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, contact us at privacy@coachful.co