Privacy Policy
Last updated: 25 April 2026
RiseCoach ("we", "our", or "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our coaching platform at risecoach.app. It applies to all users — coaches and coachees — regardless of where you are located.
1. Who We Are
RiseCoach is a coaching management platform. Our contact address for all privacy matters is hello@risecoach.app.
2. What Data We Collect
We collect the following categories of personal data:
Account data: Full name and email address, provided when you register or are invited to the platform.
Profile data: Organisation name, logo, and brand colour (coaches only).
Session data: Coaching session titles, dates, times, notes, and meeting links created within the platform.
Calendar data: If you connect Google Calendar, we store an OAuth access token and refresh token to create, update, and delete calendar events on your behalf. We do not read your existing calendar events.
Payment data: Subscription and billing information is handled by Stripe. We do not store your card details. We receive confirmation of payment status from Stripe.
Usage data: Log data, IP address, browser type, and pages visited, collected automatically when you use the platform.
Referral data: If you share a referral link, we record which new users signed up through your link.
3. How We Use Your Data
We use your personal data to:
- Provide, maintain, and improve the RiseCoach platform
- Create and manage your account
- Schedule coaching sessions and send calendar invites
- Process payments and manage subscriptions via Stripe
- Send transactional emails (session confirmations, magic login links)
- Track referrals and apply referral credits
- Respond to your support requests
- Comply with legal obligations
We do not use your data for advertising, and we do not sell your data to third parties.
4. Third-Party Services
We share data with the following trusted third-party providers who process data on our behalf:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database & authentication | EU / USA |
| Vercel | Hosting & infrastructure | USA |
| Calendar integration & Meet links | USA | |
| Stripe | Payment processing | USA |
| Resend | Transactional email delivery | USA |
| Cloudflare R2 | File & asset storage | Global |
All providers are subject to data processing agreements and comply with applicable data protection laws including GDPR where applicable.
5. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Specifically:
- Account data is retained until you request deletion
- Session notes and records are retained for the duration of the coaching relationship
- Google Calendar tokens are deleted immediately when you disconnect Google Calendar
- Payment records are retained for 7 years for legal and tax compliance
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you
- Correction — request that inaccurate data be corrected
- Deletion — request that your data be deleted ("right to be forgotten")
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Withdraw consent — withdraw consent at any time (e.g. disconnect Google Calendar)
To exercise any of these rights, email us at hello@risecoach.app. We will respond within 30 days.
7. Data Security
We implement appropriate technical and organisational measures to protect your data, including encryption in transit (TLS), row-level security policies on our database, and access controls. No system is 100% secure; if you discover a security issue, please report it to hello@risecoach.app.
8. International Transfers
RiseCoach operates globally. Your data may be transferred to and processed in countries outside your own, including the United States. Where we transfer data from the EEA, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) in accordance with GDPR requirements.
9. Children's Privacy
RiseCoach is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on the platform. The "Last updated" date at the top of this page indicates when the policy was last revised.
11. Contact Us
For any privacy-related questions or to exercise your rights, please contact us at: hello@risecoach.app