Privacy Policy

Last updated: November 28, 2025

1. Introduction

ClearInsite (doing business as CoachingPortal) ("we," "us," or "our") operates a coaching platform that connects fitness and nutrition coaches with their clients. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our coaching platform services. If you do not agree with the terms of this privacy policy, please do not access the platform.

2. Information We Collect

2.1 Personal Information You Provide

We collect information you voluntarily provide when creating an account or using our services:

  • Account Information: Name, email address, phone number, password
  • Profile Information: Date of birth, gender, profile photo
  • Health & Fitness Data: Height, weight, body measurements, activity level, fitness goals, dietary restrictions, health conditions
  • Progress Data: Daily weight logs, macro intake, exercise performance, progress photos, check-in notes
  • Communication Data: Messages exchanged with your coach, feedback, and support inquiries

2.2 Information Collected Automatically

  • Usage Data: Pages viewed, features used, time spent on platform, interaction patterns
  • Device Information: Browser type, operating system, device identifiers
  • Authentication Data: Login times, IP addresses, authentication tokens (managed by Firebase)

2.3 Third-Party Authentication

If you sign in using Google OAuth, we receive your name, email address, and profile photo from Google. We do not have access to your Google account password.

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Facilitate coaching relationships, track progress, deliver personalized fitness and nutrition guidance
  • Communication: Send service notifications, respond to inquiries, deliver invitation emails
  • Platform Improvement: Analyze usage patterns, improve features, ensure platform security
  • Legal Compliance: Comply with legal obligations, enforce terms of service, protect rights and safety

4. How We Share Your Information

4.1 With Your Coach

Clients: Your assigned coach has access to all information you provide, including health data, progress logs, and messages. This access is essential for providing coaching services.

4.2 Service Providers

We share data with trusted third-party service providers:

  • Firebase (Google): Authentication, database hosting, file storage
  • Resend: Transactional email delivery (invitation emails, notifications)
  • Vercel: Application hosting and content delivery

4.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect rights, property, or safety.

5. Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption in transit (HTTPS/TLS) and at rest (Firebase encryption)
  • Secure authentication using Firebase Auth with token-based access
  • Role-based access controls and multi-tenant data isolation
  • Regular security audits and monitoring

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services:

  • Active Accounts: Data retained while account is active
  • Deactivated Accounts: Data may be retained for up to 90 days for recovery purposes
  • Deleted Accounts: Most data permanently deleted within 30 days of deletion request
  • Legal Requirements: Some data may be retained longer to comply with legal obligations

7. Your Rights (GDPR & Data Protection)

If you are located in the European Economic Area (EEA) or UK, you have the following data protection rights:

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Request correction of inaccurate or incomplete data

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data under certain circumstances

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Restriction of Processing

Request limitation on how we process your data

Right to Object

Object to processing of your personal data for specific purposes

Right to Withdraw Consent

Withdraw consent for data processing where consent is the legal basis

To exercise these rights, contact us at: support@coachingportal.io

We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

We ensure appropriate safeguards are in place, including using service providers that comply with GDPR and implementing Standard Contractual Clauses where necessary.

9. Health Data and HIPAA

HIPAA Does Not Apply: We are not a HIPAA-covered entity or business associate. The fitness and nutrition coaching services provided through our platform do not constitute medical treatment or healthcare services covered by HIPAA.

Health Data Protection: While HIPAA does not apply, we take the security of your health and fitness data seriously. We implement industry-standard security measures and comply with applicable state and federal privacy laws, including the FTC Health Breach Notification Rule.

Not Medical Advice: Information provided through the platform is for fitness and nutrition coaching purposes only and should not be considered medical advice. Consult with appropriate healthcare professionals for medical concerns.

10. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of discovering the breach (as required by GDPR)
  • Notify appropriate regulatory authorities as required by law
  • Provide details about what information was compromised and steps we are taking
  • Offer guidance on protective measures you can take

Notifications will be sent via email to the address associated with your account.

11. Children's Privacy

Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete the information within 30 days.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Required for authentication and platform functionality
  • Authentication Tokens: Maintain your logged-in session
  • Local Storage: Store user preferences and cached data

You can control cookies through your browser settings, but disabling essential cookies may affect platform functionality.

13. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how we use it
  • Right to delete your personal information
  • Right to opt-out of sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at support@coachingportal.io. We will respond within 45 days.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy with an updated "Last Updated" date. Continued use of the platform after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

ClearInsite (d/b/a CoachingPortal)

State of Indiana, United States

Email: support@coachingportal.io

Back to Home