Privacy Policy

Effective Date: December 1, 2024

1. Controller and Scope

This Privacy Notice describes how Coachway ApS ("Coachway"), located in Denmark, processes personal data in our capacity as data controller in connection with the operation, maintenance and administration of the Coachway platform (the "Platform").

This Notice applies to all individuals whose personal data Coachway process as data controller, including:

Coaches who create accounts on the Coachway Platform
Individuals who contact us, visit our website or otherwise interact with us
Job applicants and Coachway employees (HR-related data)

Contact for all privacy matters: hello@coachway.io

2. Categories of Personal Data Processed

Coachway processes the following categories of personal data as independent data controller:

Coaches (Platform users)

Name, email address, password hash, profile settings, billing address, subscription status, invoice history, and other payment metadata.
Payment card information is processed exclusively by Stripe Payments Europe Ltd.; Coachway does not store payment card numbers.
Technical and security data such as IP addresses, device and browser information, session logs, authentication timestamps, error logs and security-related events.
Information provided in support requests or other communications with Coachway. Cookie data depending on the user's consent.

Website visitors and other external contacts

IP address, browser data, device information, usage logs and interactions with cookies or tracking technologies.
Information voluntarily submitted via contact forms, email or other communication channels.

Job applicants

Name, contact details, CV, cover letter, references, interview notes and assessment results.
Where relevant and lawful, background checks.

Employees (HR data)

Identification and contact information, employment agreement, salary and payroll information, tax data, absence and leave records, performance documentation, IT and login activity for security purposes, and any information required by employment, tax or bookkeeping law.

3. How Personal Data Is Collected

Coachway processes personal data when:

Account creation and use of the Platform
Technical logs generated by devices accessing the Platform or website
Subscription payments processed via Stripe
Support enquiries and business correspondence
Job applications submitted to Coachway
HR administration for employees
Cookies and tracking tools activated only after consent (where required)

4. Purposes of Processing

Coachway processes personal data for the following purposes:

Operating, maintaining and securing the Platform
Managing user accounts, subscriptions and billing
Providing support and handling enquiries
Administering customer relationships with coaches
Operating the website and consent-based analytics
Managing recruitment processes
Fulfilling employer obligations and HR administration
Complying with legal obligations, including bookkeeping and employment law

5. Legal Bases (GDPR)

Processing is based on the following lawful bases:

Explicit Consent (Art. 6(1)(a)) for analytics, marketing cookies and similar technologies
Contract (Art. 6(1)(b)) — for account creation, Platform access and subscription management
Legal Obligation (Art. 6(1)(c)) — Bookkeeping and compliance with applicable law.
Legitimate Interest (Art. 6(1)(f)) — for security, fraud prevention and platform improvement
Personal Data (Art. 9(2)(b)/Art. 9(2)(h)) — where relevant for HR obligations

Consent may be withdrawn at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

7. International Transfers

Some subprocessors may be located or have infrastructure outside the EEA. Where this results in a transfer of personal data, it is based on valid transfer mechanisms under GDPR, including the European Commission's Standard Contractual Clauses or an adequacy decision. Transfers are made only in accordance with Chapter V GDPR.

8. Retention

Personal data is retained only as long as necessary for the purposes described in section 4:

Account and subscription data is retained for the duration of the User relationship
Billing data is retained as required by accounting rules.
Technical logs and security data are stored for limited periods
Backup copies are retained only temporarily and are automatically purged.
Data no longer needed is deleted or irreversibly anonymised.

9. Data Subject Rights

Individuals whose data are processed by Coachway have a number of rights under the GDPR:

Access their personal data
Request rectification
Request erasure
Request restriction of processing
Object to processing
Request data portability
Withdraw consent
Lodge a complaint with a supervisory authority (e.g. the Danish Data Protection Agency)

Requests may be submitted to hello@coachway.io

10. Security Measures

Coachway applies appropriate technical and organisational measures, including encryption, access control, secure credential storage, logging, monitoring and regular security assessments. Security standards are applied consistently across all systems used to operate the Platform.

11. Cookies and Analytics

Essential cookies required for platform functionality are always active. Analytics or marketing cookies are used only after explicit consent, which may be withdrawn at any time. A separate cookie policy may apply.

12. Changes to This Policy

Coachway may update this Policy due to legal, technical or operational changes. Material changes will be communicated appropriately. Continued use of the Platform constitutes acceptance of the updated Policy.

13. Contact

Contact: hello@coachway.io