Privacy Policy

Effective May 30, 2026. Last updated May 30, 2026.

Who we are

CoachFile is a private client memory system for life and business coaches. It turns a coach's scattered notes into organized client timelines and session histories. This Privacy Policy explains what data CoachFile collects, how we use it, and the choices and rights you have. "We," "us," and "CoachFile" refer to the operator of coachfile.app.

CoachFile is a business tool used by professional coaches. There are two kinds of people whose data is involved: the coach (our account holder) and the coach's own clients, whose details a coach records inside CoachFile. For the client information a coach enters, the coach is the data controller and CoachFile is the data processor. In plain terms: that client data belongs to the coach, not to us. We store and organize it on the coach's behalf.

The short version

  • Your data is encrypted in transit and at rest.
  • Each coach's data is isolated at the database level. One coach cannot access another coach's data.
  • We do not sell your data, we do not use it for advertising, and we do not use your client records to train AI models.
  • We use privacy-safe product analytics to improve CoachFile. It never receives your client names, notes, or content, and you can opt out anytime in Settings. We do not run ad tracking.
  • You can export all of your data at any time, and you can ask us to delete your account at any time.
  • We do not read your client notes except in two narrow, logged situations described below.

Information we collect

We collect the following:

  • Account information. Your name, email address, and sign-in events, handled through our authentication provider (Clerk).
  • Billing information. When you activate a paid plan, your payment details are collected and processed by Stripe. We do not store your full card number on our systems.
  • Content you provide about your clients. The client names, demographics, custom fields, session notes, and any documents or photos you upload or import. You decide what goes in. We store and organize it.
  • Technical and diagnostic data. Error reports (through Sentry, with personal data scrubbed before it is sent) and standard infrastructure and security logs from our hosting provider (Cloudflare).

Cookies and tracking

CoachFile uses the cookies it needs to work: a session cookie from our authentication provider (Clerk) to keep you signed in, and operational cookies from our hosting provider (Cloudflare) for security and content delivery. Our product analytics (PostHog) also sets a first-party cookie so a visit is counted as one person.

We use privacy-safe product analytics (PostHog) to understand how coaches use CoachFile so we can improve it. It records page views, clicks on buttons and links, and a masked session replay that shows layout and navigation only. Every input is masked, all on-screen text is masked, and images are blocked, so your client names, session notes, demographics, and headshots are never sent or recorded. We connect this to your account by a random user id, never by your email or name. You can turn it off anytime under Settings, Account, Product analytics.

We do not use advertising cookies or marketing pixels, and we do not track you across other websites.

How we use your information

We use your information only to provide and operate CoachFile: to sign you in, to store and organize the data you enter, to process payments, to send you account and service emails, to monitor errors and keep the service secure, and to provide support when you ask for it.

To be explicit about what we do not do:

  • We do not sell your personal information.
  • We do not share your data for advertising.
  • We do not use your client records, session notes, demographics, custom fields, or uploaded documents to train any AI model, ours or anyone else's.

AI and your data

When you use the migration tool to import existing notes, the text of those documents is sent to Anthropic's API so it can be extracted into structured client records. Here is exactly how that works today:

  • Anthropic does not use that content to train its models (this is the default on the API tier we use).
  • Anthropic retains API logs for about 30 days, for abuse monitoring only, never for content review, and then deletes them.
  • That content is not shared with any other third party.

The migration tool organizes what you give it. It does not invent client details. Extracted records are presented to you for review before anything is saved as a client.

Who we share data with

We rely on a small set of trusted service providers (subprocessors) to run CoachFile. Each has its own privacy commitments:

  • Cloudflare: hosting, content delivery, file storage.
  • Supabase: database and authentication backing.
  • Clerk: sign-in and account authentication.
  • Stripe: payment processing.
  • Anthropic: AI extraction during note migration.
  • Resend: transactional and account email.
  • Sentry: error monitoring, with personal data scrubbed.
  • PostHog: privacy-safe product analytics, with client content masked and never sent.

If we add or change a subprocessor, we will give 30 days' advance notice by email, and you may end your subscription without penalty if you object.

The only other times we disclose data are when you explicitly authorize support access (for example, to recover something you deleted), and when we are legally compelled to (for example, a valid court order). Both are described in the next section.

How we protect your data

CoachFile uses a two-tier security model: strong technical controls plus strong policy commitments. It is not zero-knowledge encryption (the model used by tools like Signal or a password manager), because that model means a forgotten password permanently destroys years of a coach's records. We chose recoverable, strongly protected data instead, and we are transparent about what we can and cannot see.

What that means in practice:

  • Data is encrypted in transit using TLS 1.3 and at rest using AES-256.
  • Every coach's data is isolated at the database level through row-level security, so one coach's account cannot read another's.
  • No CoachFile staff have standing access to your client data. Access happens in only two situations: (1) when you explicitly authorize support access for a specific request, which is time-limited and logged, and (2) when we are legally compelled, where we notify you if permitted. You are told when authorized access begins and ends.
  • Every access to customer data is recorded in audit logs, which we retain for 7 years.

We are pursuing SOC 2 attestation as part of our roadmap. Our infrastructure providers (including Cloudflare, Supabase, Clerk, Stripe, and Anthropic) maintain their own SOC 2 Type 2 compliance today.

How long we keep your data

We keep your account data and the content you enter for as long as your account is active. If you delete your account, your content is permanently deleted after a 30-day grace period (see Your rights below). Operational audit logs are retained for 7 years. Data export download links expire after 7 days. The AI abuse-monitoring logs described above are retained by Anthropic for about 30 days.

Your rights and choices

You can access, export, correct, and delete your data. Specifically:

  • Export. You can download all of your data at any time, as JSON or CSV, from your data settings. No questions asked.
  • Deletion. You can delete your account yourself at any time from your account settings, or by emailing support@coachfile.app. We honor a 30-day grace period during which deletion can be reversed, then permanently delete your data.
  • Correction. You can edit your account and client data directly in the app at any time.

If you are in the EEA or UK (GDPR): For your own account data, we process it to perform our contract with you and to keep the service secure. For the client data you enter, you are the data controller and we act as your processor; a Data Processing Agreement is available on request at support@coachfile.app. If one of your clients asks to exercise their data rights, that request should be directed to you as the controller, and we will support you in fulfilling it.

If you are a California resident (CCPA/CPRA): You have the right to know what we collect, to request deletion, to request correction, and to not be discriminated against for exercising these rights. We do not sell or share your personal information as those terms are defined under California law.

Where your data lives

CoachFile data is stored in the United States. EU data residency is available on the Mastermind plan on request. When you use CoachFile from outside the United States, your data is transferred to and processed in the United States by us and our subprocessors.

Children

CoachFile is a professional tool intended for adult coaches. It is not directed to, and not intended for use by, anyone under 18. We do not knowingly create accounts for minors. As a coach, you are responsible for the lawfulness of any client information you enter, including any information about minors.

Security incidents

Our policy is to notify affected customers within 24 hours of confirming a material data-exposure event, and to keep system-status information current during service incidents. No service can promise zero incidents, but we commit to handling them transparently.

Changes to this policy

We may update this Privacy Policy from time to time. For material changes, we will give 30 days' advance notice by email and update the "Last updated" date at the top of this page.

Contact us

Questions about this policy, your data, or a privacy or data-rights request? Email us at support@coachfile.app. A Data Processing Agreement is available on request.

See also our Terms of Service.