1. THE INFORMATION WE COLLECT, AND HOW WE USE IT
All of the information we collect in Coaching Loft is in one of three varieties.
1.1 USER ACCOUNT INFORMATION
This is the stuff of "who's who" in the system: coaches who sign up, the clients they add to the system, and the other coaches that are added to any given Team Edition account.
The information collected is, at minimum, name, username, email address, and a password.
(Well actually we only store a garbled up version of passwords through the groovy mathematical trick of one-way hashing--we have no idea what your real password is, but when you log in, we sure can compute whether or not you do!)
Additional user account information that CAN be optionally entered and store includes:
- Telephone number(s)
- Time zone
- Avatar image
1.2 HOW WE USE ACCOUNT INFORMATION
All user information is used exclusively for delivery the Coaching Loft application user experience. Specifically, this includes:
- Proper identification and authentication to access the system based on login credentials (username and password).
- In-app display of user activity (e.g. a name & head shot of who posted a comment).
- Sending emails (including system-generated notifications, messages to and from system users, and messages from CA staff to system users).
- Sending system-generated text messages to users with North American cell phone numbers.
- Conversion of times (e.g. "Sent on:" dates) to a user's time zone.
- Generation of gender specific language (e.g. using "his" or "her" rather than "their").
- CA staff to identify users when assisting with support requests.
- Management and processing of subscription payments for the Coaching Loft service.
And that's it. It's just for Coaching Loft to communicate with users and the delivery of the Coaching Loft application itself.
1.3 USAGE DATA
This is automatically collected log information, including AND limited to:
- Records of log in activity (who logged in, when, which browser, and from what IP address)
- Records of in-app activity (who issued what request to the server in the course of using the application, when, and the CPU run time of processing the request)
- Records of visits to the public facing marketing website and blog.
1.4 HOW WE USE USAGE DATA
This information is used exclusively by CA staff and exclusively for the purposes of aiding in support, troubleshooting, debugging, and performance tuning. When someone reports an issue it's super nice not to have to ask which browser they were using. This record is also handy to figure out when we can drop support for the next oldest version of IE without making anyone mad. :)
1.5 COACHING DATA
This is the real meat of why anyone would use Coaching Loft. "Coaching Data" encompasses anything that coach (or in many cases coachee) can set up in the course of using CA to support, document, or communicate within a coaching relationship, including but not limited to:
- Action items
- Metrics and data
- Session Notes
- Journal Entries
- File uploads, links and embedded media
- Appointments and calendar data feeds
- Other in-app settings
1.6 HOW WE USE COACHING DATA
We don't. Ever. That's your business, not ours.
Technically, though, there is something we do do with it, and it is exactly what you'd expect. We capture and store coaching data, as entered by coaches and the people they coach, for the purpose of making it accessible to authorized users, including but not limited to:
- Data that can be accessed in app by the user who entered it.
- Data that can be accessed in app by other users who should see it (e.g. Action items set up by coach for a client, or Session Notes for a client that were NOT marked private).
- Data delivered by email to other parties as initiated by user action (e.g. a progress report set to send weekly to a designated email recipient).
- Appointment data privately made available for calendar system interchange.
2. YOUR RIGHTS
You have the right to be forgotten by Coaching Loft. This applies to both coach and clients. A coach is able to delete any and all client data within the system at any time. Upon request Coaching Loft will be happy to delete coach accounts, provided the request comes from a suitably authorized party and the request doesn't clash with the rights of others.
You have the right to correct your data stored within Coaching Loft. From the "My Account" page a user is free to update whatever account information. Coach and client are jointly empowered to rectify any coaching data.
The only exception is retroactive modification of the record of appointments. This is for the sake of having a largely immutable record, to benefit both parties with regard to common coaching engagement terms. These can be modified by CA staff upon request.
You have the right of portability of your data stored by Coaching Loft. If you want to get your data out of Coaching Loft, you have options. HTML Client Export Files, numerous downloadable reports, and the raw dump of all account data in JSON each allow you to get your data out.
These rights are mandated by the GDPR for citizens of the European Union, but Coaching Loft is proud to extend these rights to EVERYONE, and is proud to have had these rights be in full effect since day one of our business. We feel these things are just the right thing to do, and we don't (and never did) require any given jurisdiction to twist our arm to make them available to all.
3. DATA STORAGE AND SECURITY
Coaching Loft owns the code, databases, and all rights to the Coaching Loft application. You retain all rights to your data. We use third party vendors to provide hosting, necessary hardware, software, financial processing, networking, storage, and related technology.
To protect the security of personal information submitted to us, Coaching Loft follows generally accepted industry standards both during transmission and after the information is received. All information you provide to us is stored on secure servers. All exchanges between you and the application via the internet are encrypted using TLS encryption.
Where you have chosen a password that enables you to access your account within the application you are responsible for keeping this password confidential. If you choose to share your password, i.e. with a virtual assistant, you do so at your own risk. You may change your password at any time by going to your My Account page.
No method of transmission over the Internet, or method of electronic storage, is 100% secure. We strive to use rigorously secure means to protect your personal information. However, we cannot guarantee its absolute security. Coaching Loft has no liability for disclosure of your information, whether due to errors, unauthorized and improper acts, or otherwise.
If a security breach causes an unauthorized intrusion into our system that materially affects you or your clients, then we will notify you as soon as possible and later report the action we took in response.
4. DATA SHARING WITH SERVICE PROVIDERS
While we are the primary custodian and caretaker for your data as entered in to Coaching Loft, there are a few companies who will be handling certain parts of your data as a matter of course for us to provide the service. These companies are authorized to use your personal information only as necessary to provide these services to us, to which these services may include:
- Providing our hosting server infrastructure
- Payment processing
- Providing customer service
- Providing website visitor analytics
- Sending email & SMS communications
These third party companies are subject to strict data processing terms and are prohibited from using you data for any purpose other than as they have been specifically contracted for.
5. THINGS WE PROUDLY DON'T DO
We are proud to charge for our product: actual real money by which we can run our business. As such, it's the Coaching Loft application that is the real product we traffic in: you (and your data) are NOT the product.
As such, to put your mind to rest, here are some things we DON'T do:
- We don't sell your data
- We don't sell/rent/give your email to other parties for the purpose of marketing to you (or for anything else)
- We don't use your data to serve you ads
- We don't use your data for research, machine learning, underhanded social engineering experiments, etc.
- We don't use your data to undermine democracy, or for any other terrible application.
6. DISCLOSURE UNDER LEGAL NECESSITY
The information we collect is not shared with, rented or sold to others except under the following circumstances:
In order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Coaching Loft's Terms of Service, or as otherwise required by law.
To comply with a governmental entity request or with any legal proceeding or process, or if we believe in good faith that such release is necessary in order to protect the rights, property or safety of Coaching Loft, our users or other third parties.
The Site and the Services are not directed to children under the age of 14, and Coaching Loft does not knowingly collect or use any information from children under the age of 14.
If you know of or have reason to believe anyone under the age of 14 has provided us with any personal data, please contact us. If we learn that Coaching Loft has collected information from a child under the age of 14 we will delete that information as quickly as possible.
8. PRIVACY COMPLIANCE
Our servers and offices are located in the United Arab Emirates, so your usage of Coaching Loft means your information will be transferred to and stored there. Because we serve clients all around the world, Coaching Loft proudly is continuously working to comply with EU as well as U.S. Privacy Frameworks.
With respect to personal data received or transferred pursuant to the Privacy Laws and Frameworks of the United Arab Emirates, Coaching Loft is subject to the regulatory enforcement powers of the United Arab Emirates.
We are responsible for the processing of Personal Information we receive under each Privacy Shield Framework and subsequent transfers to service provider third parties. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
9. ADDRESSING CONCERNS AND COMPLAINTS
In compliance with the our Privacy Compliance Principles, (and in compliance with being just plain decent human beings) Coaching Loft commits to resolve complaints about our collection or use of your personal information. If you have inquiries or complaints regarding our Privacy Shield policy or handling of your data in general, please first contact us directly:
Wassim Karkabi, Owner and Founder, w.karkabi@CoachingLoft.com.
We'll do what we can to get the matter sorted promptly.
10. CHANGES TO THIS POLICY
Coaching Loft reserves the right to modify or update this Policy at any time. If we make significant changes to this Policy, we will notify you via the News tab within the Coaching Loft application, prominently displayed on the Coaching Loft website and/or via email, at least 30 days prior to the implementation of the changes.
11. CONTACT US