Coaching Loft Privacy Policy


The act of coaching is deeply personal.  It commonly involves sharing intimate details of what people are dealing with, what their ambitions are, what problems arise, and much more.  We know full well that the expectation of privacy in a coaching relationship is essential.  It is vital to the foundation of trust between coach and client that is so often necessary to do meaningful work in a coaching relationship.  AS SUCH we recognize that, for Coaching Loft to serve as the hub for communication and documentation of the coaching process, we need to have the utmost respect for the privacy of coaches and the people they coach and treat all data with care according to rigorous standards of confidentiality and security. This Privacy Policy outlines what information we collect, how we use it, your rights, and our practices around that information.



All of the information we collect in Coaching Loft is in one of three varieties.



This is the stuff of "who's who" in the system: coaches who sign up, the clients they add to the system, and the other coaches that are added to any given Team Edition account.

The information collected is, at minimum, name, username, email address, and password.

(Well actually we only store a garbled-up version of passwords through the groovy mathematical trick of one-way hashing--we have no idea what your real password is, but when you log in, we sure can compute whether or not you do!)

Additional user account information that CAN be optionally entered and stored includes:

  • Address
  • Telephone number(s)
  • Time zone
  • Avatar image
  • Gender



All user information is used exclusively for the delivery of the Coaching Loft application user experience.  Specifically, this includes:

  • Proper identification and authentication to access the system based on login credentials (username and password).
  • In-app display of user activity (e.g. a name & headshot of who posted a comment).
  • Sending emails (including system-generated notifications, messages to and from system users, and messages from CL staff to system users).
  • Sending system-generated text messages to users with North American cell phone numbers.
  • Conversion of times (e.g. "Sent on:" dates) to a user's time zone.
  • Generation of gender-specific language (e.g. using "his" or "her" rather than "their").
  • CL staff to identify users when assisting with support requests.
  • Management and processing of subscription payments for the Coaching Loft service.

And that's it.  It's just for Coaching Loft to communicate with users and the delivery of the Coaching Loft application itself.



This is automatically collected log information, including AND limited to:

  • Records of login activity (who logged in, when, which browser, and from what IP address)
  • Records of in-app activity (who issued what request to the server in the course of using the application, when, and the CPU run time of processing the request)
  • Records of visits to the public-facing marketing website and blog.



This information is used exclusively by CL staff and exclusively for the purposes of aiding in support, troubleshooting, debugging, and performance tuning.  When someone reports an issue it's super nice not to have to ask which browser they were using.  This record is also handy to figure out when we can drop support for the next oldest version of IE without making anyone mad. :)



This is the real meat of why anyone would use Coaching Loft.  "Coaching Data" encompasses anything that the coach (or in many cases coachee) can set up in the course of using CL to support, document, or communicate within a coaching relationship, including but not limited to:

  • Action items
  • Metrics and data
  • Worksheets
  • Session Notes
  • Journal Entries
  • File uploads, links, and embedded media
  • Whiteboards
  • Appointments and calendar data feeds
  • Templates
  • Courses
  • Other in-app settings



We don't.  Ever.  That's your business, not ours.

Technically, though, there is something we do with it, and it is exactly what you'd expect.  We capture and store coaching data, as entered by coaches and the people they coach, for the purpose of making it accessible to authorized users, including but not limited to:

  • Data that can be accessed in-app by the user who entered it.
  • Data that can be accessed in-app by other users who should see it (e.g. Action items set up by a coach for a client, or Session Notes for a client that were NOT marked private).
  • Data delivered by email to other parties as initiated by user action (e.g. a progress report set to send weekly to a designated email recipient).
  • Appointment data privately made available for calendar system interchange.



Coaching Loft, like any other web application uses cookies. The cookies we set:

  • Site preferences cookies

    In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences we need to set cookies so that this information can be called whenever you interact with a page that is affected by your preferences.

To know more details on how we use cookies, read our Cookie Policy.



You have the right to be forgotten by Coaching Loft.  This applies to both coaches and clients.  A coach is able to delete any and all client data within the system at any time.  Upon request Coaching Loft will be happy to delete coach accounts, provided the request comes from a suitably authorized party and the request doesn't clash with the rights of others.

You have the right to correct your data stored within Coaching Loft.  From the "My Account" page a user is free to update whatever account information.  Coach and client are jointly empowered to rectify any coaching data.

The only exception is a retroactive modification of the record of appointments.  This is for the sake of having a largely immutable record, to benefit both parties with regard to common coaching engagement terms.  These can be modified by CL staff upon request.

You have the right to know what data is processed about you by Coaching Loft.  Reading this very privacy policy grants you this right.

You have the right of portability of your data stored by Coaching Loft.  If you want to get your data out of Coaching Loft, you have options.  HTML Client Export Files, numerous downloadable reports, and the raw dump of all account data in JSON each allow you to get your data out.

These rights are mandated by the GDPR for citizens of the European Union, but Coaching Loft is proud to extend these rights to EVERYONE, and is proud to have had these rights be in full effect since day one of our business.  We feel these things are just the right thing to do, and we don't (and never did) require any given jurisdiction to twist our arm to make them available to all. 

For more details regarding the GDPR compliance of the Coaching Loft platform, read our GDPR Compliance overview.



Coaching Loft owns the code, databases, and all rights to the Coaching Loft application. You retain all rights to your data. We use third-party vendors to provide hosting, necessary hardware, software, financial processing, networking, storage, and related technology.

To protect the security of personal information submitted to us, Coaching Loft follows generally accepted industry standards both during transmission and after the information is received. All information you provide to us is stored on secure servers. All exchanges between you and the application via the internet are encrypted using TLS encryption.

Where you have chosen a password that enables you to access your account within the application you are responsible for keeping this password confidential. If you choose to share your password, i.e. with a virtual assistant, you do so at your own risk. You may change your password at any time by going to your My Account page.

No method of transmission over the Internet, or method of electronic storage, is 100% secure. We strive to use rigorously secure means to protect your personal information. However, we cannot guarantee its absolute security. Coaching Loft has no liability for disclosure of your information, whether due to errors, unauthorized and improper acts, or otherwise.

If a security breach causes an unauthorized intrusion into our system that materially affects you or your clients, then we will notify you as soon as possible and later report the action we took in response.



While we are the primary custodian and caretaker for your data as entered into Coaching Loft, there are a few companies who will be handling certain parts of your data as a matter of course for us to provide the service.  These companies are authorized to use your personal information only as necessary to provide these services to us, which these services may include:

  • Providing our hosting server infrastructure
  • Payment processing
  • Providing customer service
  • Providing website visitor analytics
  • Sending email & SMS communications

These third-party companies are subject to strict data processing terms and are prohibited from using your data for any purpose other than as they have been specifically contracted for.



We are proud to charge for our product: actual real money by which we can run our business.  As such, it's the Coaching Loft application that is the real product we traffic in: you (and your data) are NOT the product.


As such, to put your mind to rest, here are some things we DON'T do:

  • We don't sell your data
  • We don't sell/rent/give your email to other parties for the purpose of marketing to you (or for anything else)
  • We don't use your data to serve you ads
  • We don't use your data for research, machine learning, underhanded social engineering experiments, etc.
  • We don't use your data to undermine democracy, or for any other terrible application.



The information we collect is not shared with, rented or sold to others except under the following circumstances:

In order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Coaching Loft's Terms of Service, or as otherwise required by law.

To comply with a governmental entity request or with any legal proceeding or process, or if we believe in good faith that such release is necessary in order to protect the rights, property or safety of Coaching Loft, our users or other third parties.

If Coaching Loft is acquired by or merged with another company. In this event, Coaching Loft will notify you via email, in-system alerts and/or with prominent notices on the Coaching Loft website before information about you is transferred and becomes subject to a different privacy policy.



The Site and the Services are not directed to children under the age of 14, and Coaching Loft does not knowingly collect or use any information from children under the age of 14.

If you know of or have reason to believe anyone under the age of 14 has provided us with any personal data, please contact us.  If we learn that Coaching Loft has collected information from a child under the age of 14 we will delete that information as quickly as possible.



Because we serve clients all around the world, Coaching Loft proudly is continuously working to comply with EU as well as U.S. Privacy Frameworks.

With respect to personal data received or transferred pursuant to the Privacy Laws and Frameworks of the United Arab Emirates, Coaching Loft is subject to the regulatory enforcement powers of the United Arab Emirates.

We are responsible for the processing of Personal Information we receive under each Privacy Shield Framework and subsequent transfers to service provider third parties. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.



In compliance with the our Privacy Compliance Principles, (and in compliance with being just plain decent human beings) Coaching Loft commits to resolve complaints about our collection or use of your personal information. If you have inquiries or complaints regarding our Privacy Shield policy or handling of your data in general, please first contact us directly:

Wassim Karkabi, Owner and Founder, [email protected].

We'll do what we can to get the matter sorted promptly.



Coaching Loft reserves the right to modify or update this Policy at any time. If we make significant changes to this Policy, we will notify you via the News tab within the Coaching Loft application, prominently displayed on the Coaching Loft website and/or via email, at least 30 days prior to the implementation of the changes.



If you have any questions, concerns, or complaints about our Privacy Policy we'd love to hear them!  Please email us at [email protected].


Owner and Data Controller

Coaching Loft – Dubai Knowledge Village, P.O.Box 500195 Dubai, UAE

Owner contact email: [email protected]