Back to login

Privacy Policy

Effective date: April 23, 2026

Last updated: April 23, 2026

This Privacy Policy explains how Mindful Guidance MR, LLC ("ClickCoach," "we," "us," or "our") collects, uses, discloses, and protects information when you use the ClickCoach website, application, and related services (collectively, the "Service") at https://clickcoach.io and https://new.clickcoach.io.

By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

Contents

  • Who We Are
  • Information We Collect
  • Google User Data
  • How We Use Information
  • How We Share Information
  • Data Controller and Processor Roles
  • Coaching Client Data
  • Data Storage and Security
  • Data Retention
  • Your Rights
  • Cookies and Analytics
  • Children's Privacy
  • International Data Transfers
  • Breach Notification
  • Changes to This Policy
  • Contact Us

1. Who We Are

ClickCoach is a coaching-practice management platform operated by Mindful Guidance MR, LLC, a Florida limited liability company.

Mindful Guidance MR, LLC (d/b/a ClickCoach)
750 N Ocean Blvd, Ste 1410
Pompano Beach, FL 33062
United States
Email: support@clickcoach.io

2. Information We Collect

2.1 Coach account information (our subscribers)

ClickCoach is a paid service used exclusively by professional coaches. When a coach creates an account, we collect:

  • Name, email address, and password (stored hashed).
  • Business details such as coaching practice name, website, and profile photo.
  • Phone number (optional).
  • Billing information processed by Stripe (we do not store full card numbers).
  • Communications you send to our support team.

2.2 Coaching client information (entered by coaches)

Coaches enter information about their coaching clients into ClickCoach. This information is entered and controlled by the coach, and ClickCoach stores it on the coach's behalf. See Section 7 for how we handle this data. Categories may include:

  • Name, email address, and phone number.
  • Session notes, journals, and coaching observations.
  • Goals, progress tracking, assessments, and homework assignments.
  • Documents and files uploaded by the coach, which may include audio recordings if the coach chooses to upload them (ClickCoach itself does not record coaching sessions).
  • Scheduled session times, Zoom meeting links, and completion status.
  • Course completion certificates.

We do not collect payment card data about coaching clients.

2.3 Information collected automatically

  • Usage data: pages visited, features used, session duration, timestamps.
  • Device and log data: IP address, browser type, operating system, referring URLs.
  • Analytics events: collected via our own in-house analytics dashboard and the third-party services listed in Section 11.

2.4 Information from third-party integrations

When a coach connects a third-party account to ClickCoach (such as Google Calendar), we receive information from that service as described in Section 3.

3. Google User Data

Limited Use Disclosure.ClickCoach's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

3.1 Google scopes we request

When a coach connects their Google account, we request one OAuth scope:

  • https://www.googleapis.com/auth/calendar.events— view and edit events on the coach's calendars.

3.2 How we use Google user data

We use data obtained through Google APIs solely to provide user-facing features of ClickCoach:

  • Display existing calendar events inside ClickCoach so the coach can see their schedule while booking a new coaching session and visually identify conflicts.
  • Create events on the coach's primary calendar when a coaching session is scheduled in ClickCoach, including session title, start/end time, description, Zoom link, and the coaching client as an attendee.
  • Update events when the coach reschedules or edits a session.
  • Delete events when the coach cancels a session.

3.3 What we do not do with Google user data

  • We do not transfer Google user data to third parties except as necessary to provide or improve user-facing features of ClickCoach, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with user notice.
  • We do not use Google user data for serving advertisements, including retargeted or personalized advertising.
  • We do not allow humans to read Google user data unless we have obtained the user's affirmative agreement for specific messages, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or for internal operations where the data has been aggregated and anonymized.
  • We do not use Google user data to develop, improve, or train generalized AI or machine learning models.
  • We do not access, create, modify, or delete calendars other than those events the coach creates or modifies through ClickCoach, and we do not store a long-term copy of the coach's calendar contents on our servers.

3.4 Revoking Google access

A coach can revoke ClickCoach's access to their Google account at any time by:

When access is revoked, we delete the stored OAuth tokens within 30 days. Calendar events previously created by ClickCoach remain on the coach's calendar unless deleted through ClickCoach or manually by the coach.

4. How We Use Information

  • To provide, maintain, and improve the Service.
  • To authenticate coaches and keep accounts secure.
  • To synchronize coaching sessions between ClickCoach and connected calendars.
  • To deliver transactional emails to coaches and their coaching clients, including session reminders, confirmations, homework, assignments, and course completion certificates.
  • To process subscription payments and manage billing.
  • To respond to support requests and communicate service updates.
  • To detect, prevent, and address fraud, abuse, or technical issues.
  • To comply with legal obligations.

We do not sell personal information, and we do not use personal information for marketing or advertising purposes. ClickCoach does not send marketing emails.

5. How We Share Information

We share information only with service providers that help us operate the Service, and only to the extent necessary for them to perform their functions. Each provider is contractually obligated to handle data confidentially and in compliance with applicable law.

ProviderPurposeData involved
VercelApplication hostingAll data processed by the Service (in transit)
DigitalOceanManaged PostgreSQL databaseAccount data, coaching client records, session data
StripePayment processing for coach subscriptionsCoach billing details; payment card data handled directly by Stripe
PostmarkTransactional email deliveryCoach and coaching client email addresses, email contents (reminders, confirmations, homework, assignments, certificates)
Google (Google Calendar API)Calendar synchronizationCoaching session event details (see Section 3)
Google AnalyticsWebsite and product analyticsUsage data, pseudonymous device identifiers
Vercel AnalyticsProduct analytics (planned)Usage data, pseudonymous device identifiers

We may also disclose information:

  • To comply with law: when required by subpoena, court order, or other legal process, or to protect the rights, property, or safety of ClickCoach, our users, or others.
  • In business transfers: in connection with a merger, acquisition, or sale of assets, with prior notice to affected users.
  • With your consent: for any other purpose disclosed at the time of collection.

6. Data Controller and Processor Roles

ClickCoach's role depends on whose data is involved:

  • For coach account data (information about the coach subscriber), ClickCoach acts as the data controller. We determine how this information is collected and used.
  • For coaching client data (information the coach enters about their clients), ClickCoach acts as the data processor. The coach is the data controller of their clients' information and is responsible for establishing a lawful basis for collecting it, providing notice to their clients, and obtaining any consents required by applicable law.

ClickCoach processes coaching client data only on the documented instructions of the coach, except where required to do otherwise by law. Coaches who require a Data Processing Addendum (DPA) for compliance with GDPR, UK GDPR, or similar regulations may request one by emailing support@clickcoach.io.

7. Coaching Client Data

Coaching clients do not create ClickCoach accounts and do not log into the Service. They may, however, receive emails from ClickCoach (sent on behalf of their coach via Postmark) that include session reminders, confirmations, homework, assignments, and course completion certificates.

7.1 How we protect coaching client data

  • Coaching client records are stored in the coach's tenant within the ClickCoach database and are accessible only to that coach and to authorized ClickCoach personnel performing system maintenance, security investigations, or responding to support requests.
  • Session notes, journals, documents, and uploaded files are treated as sensitive and are not used for any purpose other than providing the Service to the coach.
  • ClickCoach does not sell coaching client data and does not use it for advertising, profiling, or training AI or machine learning models.

7.2 Rights of coaching clients

If you are a coaching client and want to access, correct, or delete information about you held in ClickCoach, you can:

  • Contact your coach directly — they have primary control over your record, and
  • Contact ClickCoach at support@clickcoach.io. We will handle the request directly and coordinate with your coach as needed. We will respond within 30 days.

8. Data Storage and Security

ClickCoach is hosted on Vercel, and user data is stored in a DigitalOcean Managed PostgreSQL database located in the United States. Data is encrypted in transit using TLS 1.2 or higher and at rest using industry-standard encryption (AES-256 or equivalent).

Security measures we maintain include:

  • Role-based access controls limiting employee access to production systems.
  • Encrypted storage of OAuth tokens and credentials.
  • Regular automated backups with encryption.
  • Monitoring through an in-house error and activity dashboard.
  • Secure software development practices including code review and dependency scanning.

While we implement reasonable administrative, technical, and physical safeguards, no method of transmission or storage is 100% secure. You are responsible for keeping your account credentials confidential.

9. Data Retention

  • Coach account data: retained while the account is active and for up to 90 days after account deletion, except where longer retention is required by law.
  • Coaching client data: retained at the direction of the coach. When a coach deletes a client record, it is removed from active systems within 30 days. When a coach closes their ClickCoach account, all coaching client records in their tenant are deleted within 90 days.
  • Google OAuth tokens: deleted within 30 days after the integration is disconnected or the account is closed.
  • Transactional email logs (Postmark): retained for up to 45 days for deliverability troubleshooting, then purged.
  • Billing records: retained for up to seven (7) years as required by applicable tax and accounting laws.
  • Backups: residual copies may persist in encrypted backups for up to 180 days before being overwritten.
  • Support correspondence: retained for up to 2 years after the conversation ends.

10. Your Rights

Depending on where you live, you may have the following rights regarding your personal information:

  • Access: request a copy of the personal information we hold about you.
  • Correction: request that we correct inaccurate or incomplete information.
  • Deletion: request that we delete your personal information.
  • Portability: request a machine-readable copy of your information.
  • Objection or restriction: object to or restrict certain processing.
  • Withdraw consent: withdraw consent for processing based on consent.

To exercise these rights, email support@clickcoach.io. We respond within 30 days. You may also lodge a complaint with a data protection authority in your jurisdiction.

California residents (CCPA/CPRA)
California residents have the right to know what personal information we collect, to request deletion, to correct inaccurate information, to opt out of the "sale" or "sharing" of personal information, and to limit use of sensitive personal information. ClickCoach does not sell or share personal information as those terms are defined under California law, and we do not use sensitive personal information for purposes requiring an opt-out.

EEA, UK, and Swiss residents (GDPR / UK GDPR)
We process personal data under these legal bases: performance of a contract (to deliver the Service), legitimate interests (to secure and improve the Service), consent (for optional features), and legal obligation. For coaching client data, the coach is the data controller and establishes the legal basis for processing.

11. Cookies and Analytics

We use cookies and similar technologies for:

  • Authentication — keeping coaches signed in (essential).
  • Preferences — remembering UI settings (essential).
  • Analytics — understanding how the Service is used. We use our own in-house analytics, Google Analytics, and (planned) Vercel Analytics. These services may set cookies or similar identifiers.

We do not use cookies for cross-site advertising. You can control cookies through your browser settings, but disabling essential cookies may prevent you from using the Service.

12. Children's Privacy

The Service is intended for use by professional coaches and is not directed to children under 13 (or under 16 in the EEA and UK). We do not knowingly collect personal information from children. If a coach uses ClickCoach in connection with coaching a minor, the coach is responsible for obtaining any parental or guardian consent required by applicable law. If you believe a child has provided information to us directly, contact support@clickcoach.io and we will delete it.

13. International Data Transfers

ClickCoach operates from the United States and stores data on U.S.-based infrastructure. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

14. Breach Notification

If ClickCoach becomes aware of a personal data breach affecting your information, we will notify you and, where required, the appropriate regulatory authority without undue delay and, where feasible, within 72 hours of becoming aware, in accordance with applicable law.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify affected users by email or through an in-app notice at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the latest revision.

16. Contact Us

If you have questions about this Privacy Policy or our data practices, or if you want to exercise any of the rights described above, contact us at:

Mindful Guidance MR, LLC (d/b/a ClickCoach)
750 N Ocean Blvd, Ste 1410
Pompano Beach, FL 33062
United States
Email: support@clickcoach.io
Website: https://clickcoach.io

© 2026 Mindful Guidance MR, LLC. All rights reserved.

© 2026 ClickCoach. All rights reserved.