Last updated: March 27, 2026
Everything you share with Cochi belongs to you. Your data will never be sold, shared, or used to train anything. You can delete all of it at any time with one button. This space is yours.
Account data: Email address, name, and profile type (founder, executive, athlete, creative).
Coaching conversations: All messages exchanged during intake sessions, daily check-ins, evening scorecards, sprint sessions, and ad-hoc coaching.
Voice transcripts: When you use voice input, audio is transcribed and the text is stored. We do not store raw audio files.
Scorecard data: Daily state scores, sleep hours, exercise, priming, partner connection, work metrics.
Psychological profile: Patterns, triggers, drivers, non-negotiables, and identity data gathered during intake. This data is encrypted at rest.
Business data: For founders and executives - business model, revenue, team, pipeline data shared during coaching.
Wearable data: If you connect Oura, Whoop, or Eight Sleep - sleep scores, HRV, recovery metrics. This data is encrypted at rest.
Calendar data: If you connect Google Calendar - event titles and times (not attendee details or descriptions).
Coaching delivery: Your data is used to personalize your coaching experience - pattern detection, cascade prediction, sprint planning, and daily interactions.
Anonymous product improvement (opt-out): Anonymized, de-identified data may be used to improve coaching effectiveness across all users. This never includes names or identifiable content. You can opt out via a toggle in Settings.
Anthropic (Claude API): Processes your coaching conversations. Per Anthropic's API terms, your data is not used to train their models.
Deepgram: Processes voice audio for transcription. Audio is not retained after transcription.
Stripe: Processes subscription payments. Stripe handles all payment data directly - we never see your full card number.
OneSignal: Delivers push notifications. Receives only device tokens and notification content.
Resend: Sends transactional emails (check-in reminders, account notifications).
Supabase: Hosts our database and authentication. All data encrypted at rest.
Your data is never sold. Not anonymized, not aggregated, not in any form. This is a hard commitment in our Terms of Service with no exceptions.
Access: You can view all your data within the app at any time.
Export:Download all your data as a JSON file from Settings → Export My Data.
Delete:Permanently delete all your data from Settings → Delete All Data. This removes everything - profile, conversations, scorecards, patterns, sprint history, and connected integration data.
Opt out: Disable anonymous product improvement from Settings at any time.
Your data is preserved indefinitely, even after cancellation. You can return at any time and pick up where you left off. Data is only deleted when you explicitly request it. After deletion, encrypted database backups may retain data for up to 7 days before automatic overwrite.
Wearable health data (sleep, HRV, recovery scores) is encrypted at the application level. Access to health data is audit-logged. This product is not a medical device and does not provide medical advice. Health data from connected wearables is used for coaching context only.
All data is encrypted in transit (HTTPS) and at rest. Sensitive data (psychological profiles, wearable data, OAuth tokens) is additionally encrypted at the application level using AES-256-GCM. Strict Content Security Policy headers are enforced. All sensitive operations are audit-logged.
If the coaching system detects language indicating acute distress, it will provide crisis resources (988 Lifeline, Crisis Text Line) and elevate monitoring sensitivity. Crisis event records include timestamps and that resources were provided. Trigger content is restricted from standard data access and is audit-logged when reviewed.
We may update this policy from time to time. Material changes will be communicated via email at least 30 days before they take effect.
Questions about your privacy? Reach us at privacy@cochi.coach