Privacy & Security

Privacy Frequently Asked Questions

Find answers to common questions about how JourneyLoop protects your coaching data with enterprise-grade security and privacy controls.

Quick Navigation

Jump to your privacy questions

Session Data Security

Who Can Access My Data

AI Processing

Coach IP Protection

Client Portal Security

Data Control

Legal Compliance

Session Data Security

How are my coaching session recordings and transcripts stored?

Your coaching data is stored using Supabase, an enterprise-grade database platform with industry-leading security:

SOC 2 Type 2 Compliant
Independently audited security controls
HIPAA Compliant
Healthcare-grade security standards
AES-256 Encryption
Data encrypted at rest and in transit
Daily Backups
Point-in-Time Recovery protection

Note: We never store raw audio files - only the transcripts you choose to upload or generate.

What security measures protect my sensitive coaching conversations?

We leverage multi-layered security with both infrastructure and application-level protections:

Infrastructure Security (Supabase)

Regular penetration testing
Vulnerability scanning via Vanta & Snyk
DDoS protection via Cloudflare CDN
Brute force protection with fail2ban

Application Security (JourneyLoop)

Application-level access controls
Secure session management
Data isolation between coaching relationships
Secure payment processing via Stripe (PCI Level 1)

Who Can Access My Data

Can anyone else see my client's session data?

Only you and your client can access their session data.

We follow a strict data isolation model with application-level access controls:

Coach Data Isolation
You can only see data for your own clients
Client Portal Security
Clients see only their own sessions
No Cross-Sharing
Zero data shared between relationships
Secure Authentication
Multi-factor and session management

What access do JourneyLoop administrators have?

JourneyLoop administrators have very limited access to your data, following industry best practices:

No Routine Content Access
Admins cannot read your session content without explicit permission
System Maintenance Only
Limited to infrastructure monitoring and technical support
Legal Compliance
Access only when required by law or with your written consent
All Access Logged
Any administrative access is automatically tracked and auditable

AI Processing & Data Retention

How does AI process my session data and what is retained?

Our AI analysis is designed with privacy-first principles to protect your coaching conversations:

Secure Processing
AI analysis in isolated, encrypted environments
No Third-Party Storage
Session content never stored by AI providers
Pattern Analysis
Focus on insights, not verbatim content
Your Control
Delete AI-generated content anytime

Can I control what data the AI analyzes?

Yes, you have complete control over AI processing with granular privacy settings:

Session Selection
Choose sessions to analyze individually
Insight Preferences
Set what types of insights to generate
Topic Exclusion
Exclude sensitive topics from analysis
Complete Opt-Out
Turn off AI features entirely

How long do you keep my session data?

We follow a clear, coach-friendly data retention policy:

Active Account
Session data kept as long as your account is active
30-Day Deletion
Automatic deletion 30 days after account closure
Immediate Deletion
Request deletion of specific sessions or clients anytime
Your Control
Exported data remains under your control

Coach IP & Methodology Protection

How is my coaching methodology and intellectual property protected?

We understand that your coaching methodology is your valuable intellectual property. Here's how we protect it:

Your Content, Your Rights
You retain full ownership of all coaching content
Private by Design
Your methods are never shared or analyzed across accounts
AI Isolation
AI processes your data in isolation, no cross-learning
Clear Terms
Our terms explicitly protect your IP rights

Zero Training Policy: Your coaching content and methodologies are never used to train AI models or shared with other coaches. Each coach's data remains completely isolated.

Can I securely store and share my coaching materials with clients?

Coming Soon: Secure material storage is on our development roadmap. We're designing it with your IP protection as the top priority.

While this feature is still in development, here's our planned approach to secure material storage:

Client-Specific Access
Materials shared only with intended clients
Time-Limited Access
Set expiration dates for sensitive materials
Download Controls
Control whether clients can download or view-only
Watermarking Options
Protect PDFs with client-specific watermarks

What about competitive intelligence and coach privacy?

Your coaching practice details remain completely confidential:

No Coach Directory
We don't list coaches or reveal who uses JourneyLoop
No Aggregate Analytics
We don't analyze or compare coaching methods across accounts
No Shared Insights
AI insights are never pooled or shared between coaches
No Marketplace Features
We're a private tool, not a coaching marketplace

Client Portal Security

How secure is the client portal?

Client portals use the same enterprise-grade security infrastructure as coach accounts:

Isolated Environment
Each client has a unique, isolated portal
Data Access Control
Clients access only their own data and progress
Encrypted & Logged
All portal access is encrypted and monitored
Session Management
Automatic logout after inactivity periods

What can my clients see in their portal?

Clients have controlled access to their coaching journey with complete privacy protection:

Session Summaries
Their own session data and progress tracking
Action Items & Goals
Items you've shared with them directly
Approved Insights
Content you've chosen to make available
Progress Charts
Achievement milestones and growth tracking

Note: Clients never see data from other clients or your private coach notes.

Can clients control their own data in the portal?

Yes, clients have significant control over their data and privacy settings:

Data Export
View and download their session history
Profile Management
Update profile and contact information
Notification Control
Manage communication preferences
Data Deletion
Request deletion or account closure

Data Control & Deletion

Early Development Notice: JourneyLoop is in early development. While we're committed to your data privacy, some features like automated data export are still being built.

How can I request my data or have it deleted?

We're committed to giving you full control over your data. To request data export or deletion:

Email our support team at:

support@journeyloop.ai

We'll process your request within 72 hours

What data control options are available?

While we build automated features, we manually support all privacy requests:

Data Export
Request all your data in a readable format
Client Data Removal
Remove specific client relationships
Complete Account Deletion
Permanently delete all your data
72-Hour Processing
Quick response to all data requests

Important: Data deletion is permanent and cannot be undone. We'll confirm with you before processing any deletion requests.

What's coming soon?

We're actively building features to give you more control:

Self-Service Export
Download your data directly from dashboard
Archive Options
Archive old sessions while keeping access
Granular Controls
Delete individual sessions and notes
Retention Settings
Auto-delete old data based on your preferences

Legal Compliance

How does JourneyLoop comply with GDPR and CCPA?

We are fully committed to privacy law compliance with comprehensive protections:

GDPR Compliance (European Union)

Right to Access
View all personal data we hold about you
Data Portability
Export your data in machine-readable format
Right to Correction
Update or correct inaccurate information
Right to Deletion
Request complete data removal

CCPA Compliance (California)

Know What's Collected
Transparency about data collection practices
Opt-Out Rights
Control over data sharing and processing
Non-Discrimination
No penalties for exercising privacy rights
Timely Responses
Responses within required timeframes

Additional Compliance Measures

Clear Consent
Transparent consent processes for all data use
Impact Assessments
Privacy reviews for all new features
Regular Audits
Ongoing compliance monitoring and reviews
Data Protection Officer
Dedicated privacy expert available for questions

Have privacy law questions? Contact our Data Protection Officer at privacy@journeyloop.ai

Privacy-First Platform

Ready to Transform Your Coaching Practice?

Experience enterprise-grade security with the coaching platform designed for privacy and trust.

Explore Demo Account Start Free Trial

Privacy Questions?

Contact our privacy team

privacy@journeyloop.ai

Need Support?

General support inquiries

support@journeyloop.ai

© 2025 Arcane Engineering LLC. All rights reserved.

Privacy FAQ Privacy Policy Terms of Service