Security & Trust

Coaching conversations are deeply personal and confidential. We take the security and privacy of your data as seriously as you do.

Enterprise-grade security, built in

Every layer of Coachyn is designed with security as a first principle — not an afterthought.

AES-256 Encryption

All data is encrypted at rest using AES-256, the same standard used by financial institutions and government agencies.

TLS 1.3 in Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3, preventing interception or tampering.

Secure Infrastructure

Hosted on SOC 2-certified cloud infrastructure with automated backups, intrusion detection, and DDoS protection.

Authentication Security

Multi-factor authentication, secure session management, and role-based access control protect every account.

Regular Audits

Ongoing security testing, vulnerability assessments, and code reviews ensure our platform stays secure as it evolves.

Incident Response

Documented incident response plans with transparent notification policies. If something happens, you'll know immediately.

Payment security

Payments secured by Stripe

We never store credit card numbers or sensitive payment data on our servers. All payment processing is handled by Stripe — the world's most trusted payment infrastructure.

PCI DSS Level 1 certified (the highest level)
Tokenized card storage — we never see card numbers
3D Secure authentication support
Fraud detection and prevention built in

PCI Level 1

Tokenized

135+ Currencies

3D Secure

AI data handling

How we handle AI and your data

We know that AI and data privacy can raise questions. Here's exactly how we handle your coaching data in relation to our AI features.

Your data is never used for AI training

Your session notes, client data, and engagement metrics are never used to train, fine-tune, or improve our AI models. Full stop.

AI processing is ephemeral

When our AI analyzes your session data to generate insights, the processing context is discarded immediately. Only the output is stored in your account.

Human-in-the-loop always

Every AI-generated insight is a suggestion. No automated actions are taken on your behalf without explicit confirmation.

Complete data ownership

You own 100% of your data. Export everything at any time. Delete your account and all data is permanently removed within 30 days.

Our data commitments

Zero training on client data
No third-party data sharing
Ephemeral AI processing
Full data export capability
Right to deletion honored
Transparent AI decision logging
Annual security audits
SOC 2 Type II compliance

Compliance & certifications

SOC 2: Type II Compliant

GDPR: Fully Compliant

PCI: Level 1 (via Stripe)

AES-256: Encryption Standard

Questions about security?

We're happy to discuss our security practices in detail. Reach out to our team.