← PAI Coaching

Privacy Policy

Last updated: April 5, 2026

PAI Coaching takes your privacy seriously. This policy explains what data we collect, why, where it goes, and what control you have over it. We've written this in plain English because you deserve to actually understand it.

What We Collect

Information You Provide

  • Account information: Your email address (used for login and account recovery)
  • Coaching check-ins: Your responses during coaching conversations (wins, challenges, intentions)
  • Self-reported wellness data: Weight, blood pressure, mood, sleep, exercise logs — only what you choose to enter
  • Captured thoughts: Reflections, quotes, learning notes, connections
  • Goals and commitments: What you're working toward and tracking

Information We Generate

  • Coaching session notes: Structured summaries created by the AI after each coaching conversation. You review these before they are saved.

Information Collected Automatically

  • Device and browser type: For compatibility and debugging
  • Access times: When you use the app
  • Feature usage: Which features you use (aggregated, not granular tracking)

What We Do NOT Collect or Store

  • Raw conversation transcripts: We never store the full text of your coaching conversations. Only the structured session notes (which you review) are saved.
  • Biometric identifiers: We do not collect fingerprints, facial geometry, iris scans, or voiceprints. Passkey authentication uses your device's built-in biometrics (like Face ID or fingerprint) — that biometric data stays on your device and is never transmitted to us.
  • Location data: We do not track your location.
  • Contacts or phone data: We do not access your contacts, photos, or other device data.

How Your Data Is Used

  • To provide coaching: Your data is used to personalize your coaching experience — tracking your goals, recognizing patterns, and providing relevant support
  • To generate AI responses: When you have a coaching conversation, your messages are sent to our AI provider for processing (see "AI Processing" below)
  • To improve the service: Aggregated, de-identified usage patterns help us improve features. We do not sell or share your individual data for this purpose.

AI Processing — How Conversations Work

When you have a coaching conversation, your messages are sent to Anthropic's Claude API for processing. Here's what you should know:

  • Anthropic processes your messages to generate coaching responses
  • Anthropic does not use your conversations to train their AI models (per their API data processing terms)
  • We store only the structured session notes that result from conversations — the notes you review and approve
  • Raw conversation text is not retained by us after your session ends
  • Anthropic's handling of data during processing is governed by their privacy policy and our data processing agreement with them

Where Your Data Is Stored

Your data is stored on Cloudflare's global edge network using Cloudflare D1 (SQLite) databases. Data is:

  • Encrypted in transit (TLS/HTTPS)
  • Encrypted at rest by Cloudflare's infrastructure
  • Stored across Cloudflare's global network for performance and reliability

Who We Share Data With

We do not sell your data. Period.

We share data only with:

  • Anthropic (Claude API): Your conversation messages during active coaching sessions, as described above
  • Cloudflare: As our infrastructure provider, Cloudflare hosts your data
  • Stripe: If you are on a paid tier, Stripe processes your payment. We do not see or store your full card number.

We will disclose data if required by law (e.g., a valid court order), but we will notify you if legally permitted to do so.

HIPAA — Why It Doesn't Apply Here

PAI Coaching is not a healthcare provider, health plan, or healthcare clearinghouse. We are not a "covered entity" under HIPAA, and the HIPAA Privacy Rule does not apply to information you provide through this service.

The health-related information you choose to share (such as weight, blood pressure, sleep, or exercise) is personal wellness data that you voluntarily enter. It is not protected health information (PHI) as defined under HIPAA.

That said, we treat your wellness data with the same care and security standards we apply to all your data.

Biometric Data (BIPA Compliance)

PAI Coaching does not collect, store, or process biometric identifiers or biometric information as defined under the Illinois Biometric Information Privacy Act (BIPA) or similar state laws.

Passkey authentication relies on your device's built-in biometric sensors. Your fingerprint, face, or other biometric data is processed entirely on your device by your operating system. It is never transmitted to our servers.

Your Rights (Including GDPR and CCPA)

Regardless of where you live, you have these rights:

  • Access: Request a copy of all data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and all associated data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to specific processing of your data

For users in the European Economic Area or United Kingdom (GDPR)

Health and wellness data you provide may be considered "special category data" under GDPR Article 9. We process this data based on your explicit consent, which you provide by voluntarily entering it into the service. You may withdraw consent at any time by deleting the data or your account.

We will respond to any data rights request within 30 days.

For users in California (CCPA/CPRA)

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. You have the right to know what data we collect, to delete it, and to not be discriminated against for exercising your rights.

To exercise any of these rights, contact us at privacy@paicoach.com.

Data Retention and Deletion

We retain your data for as long as your account is active. When you request deletion:

  • Your account and all associated data will be deleted within 30 days
  • Some data may persist in encrypted backups for up to 90 days before being permanently removed
  • Aggregated, de-identified data that cannot be traced back to you may be retained for service improvement

Children's Privacy

PAI Coaching is not intended for anyone under 18. We do not knowingly collect data from minors. If we learn that we have collected data from someone under 18, we will delete it promptly.

Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date above and, for material changes, notify you via the app or email.

Contact

Questions about this privacy policy? Contact us at privacy@paicoach.com.