Privacy Policy
Last Updated: January 8, 2026
Effective Date: January 8, 2026
1. Introduction
Welcome to The Communication Gym ("Company," "we," "us," or "our"). We operate a communication coaching and training platform that provides AI-powered coaching, human coaching services, online courses, and professional development programs (collectively, the "Services").
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at thecommunicationgym.com, use our platform, or engage with our Services.
By using our Services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with this policy, please do not use our Services.
2. Information We Collect
2.1 Information You Provide Directly
We collect information you voluntarily provide when you:
Account Registration
- First name and last name
- Email address
- Password (stored in encrypted/hashed form)
- Display name
- Organization name (if applicable)
- Phone number (optional)
- Preferred name
- Timezone and locale preferences
Coaching Intake Forms
When you enroll in our coaching programs, we collect detailed information to personalize your experience:
- Job title and role
- Industry
- Areas you want to improve (communication challenges)
- Current challenges you're facing
- Upcoming events or presentations
- Success metrics and goals (6-month objectives)
- Key stakeholders you communicate with
- Long-term career and communication goals
Note: Coaching intake information may contain sensitive personal details about your professional challenges and goals. We treat this information with heightened confidentiality.
Payment Information
- Billing name and address
- Payment card details (processed and tokenized by Stripe; we do not store full card numbers)
Contact and Inquiry Forms
- Name and email address
- Subject and message content
- Training inquiry details (team size, preferred delivery mode)
Assessment Data
- DISC assessment results (conducted through our third-party partner, TTI Success Insights)
- Links to assessment reports and analysis
2.2 Information Collected Automatically
When you access our Services, we automatically collect:
Device and Browser Information
- IP address
- Browser type and version
- Operating system
- Device type and identifiers
- Screen resolution
Usage and Analytics Data
- Pages viewed and URLs visited
- Click events (what elements you interact with)
- Scroll depth (how far you scroll on pages)
- Form interactions (which fields you complete)
- Course progress and completion status
- Session duration and timestamps
- Referring website URLs
Session Tracking
We create a session identifier using a hash of your IP address and browser user agent to group your activity within a browsing session. This helps us understand user journeys without creating persistent individual profiles.
2.3 Information from Third Parties
- Payment Processor (Stripe): Transaction status, payment confirmations, and billing details
- AI Coaching Platform (Yoodli): Coaching session data and progress metrics
- Assessment Provider (TTI Success Insights): DISC assessment results
2.4 Consent Records
We maintain records of your consent for various purposes, including:
- Terms of Service acceptance
- Privacy Policy acceptance
- Marketing communications opt-in/opt-out
- Consent to review AI coaching recordings
- Rescheduling policy acknowledgment
These records include the consent type, your response, version number, timestamp, and IP address for verification purposes.
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 Providing and Improving Our Services
- Creating and managing your account
- Delivering personalized coaching and training experiences
- Processing your enrollments and managing course access
- Matching you with appropriate coaches and programs
- Tracking your progress through coaching journeys
- Improving and developing new features and services
3.2 Processing Payments
- Processing subscription and one-time payments
- Managing billing cycles and renewals
- Sending payment confirmations and receipts
- Handling refund requests
3.3 Communications
- Sending transactional emails (account confirmations, password resets, payment receipts)
- Providing coaching-related notifications and updates
- Responding to your inquiries and support requests
- Sending marketing communications (with your consent)
3.4 Analytics and Research
- Understanding how users interact with our platform
- Analyzing usage patterns to improve user experience
- Conducting research to enhance our coaching methodologies
- Generating aggregated, anonymized reports
3.5 Security and Compliance
- Detecting and preventing fraud, abuse, and security incidents
- Verifying your identity when necessary
- Complying with legal obligations
- Enforcing our terms and policies
4. Legal Bases for Processing (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom (UK), we process your personal data based on the following legal grounds:
- Performance of Contract: Processing necessary to provide the Services you've purchased or requested (e.g., delivering coaching, managing your subscription)
- Consent: Processing based on your explicit consent (e.g., marketing communications, reviewing coaching recordings)
- Legitimate Interests: Processing necessary for our legitimate business interests, provided these do not override your rights (e.g., analytics, fraud prevention, improving our Services)
- Legal Obligation: Processing necessary to comply with applicable laws and regulations
6. Third-Party Services
Our Services integrate with the following third-party platforms. Each has its own privacy policy governing their use of your data:
| Service | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Billing details, transaction data |
| Yoodli | AI speech coaching | Name, email, coaching session recordings |
| TTI Success Insights | DISC behavioral assessments | Name, email, assessment responses |
| Google Analytics 4 | Website analytics | Usage data, device info, IP address (anonymized) |
| Hotjar | User experience analytics | Session recordings, heatmaps, device info |
| Sentry | Error tracking | Error logs, device info |
8. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 3 years after deletion request |
| Coaching and intake data | Duration of coaching relationship + 3 years |
| Payment and transaction records | 7 years (tax and legal compliance) |
| Analytics data | 26 months |
| Consent records | Duration of consent + 5 years |
| Contact form submissions | 2 years |
9. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption of data in transit using TLS/SSL
- Secure password hashing
- CSRF (Cross-Site Request Forgery) protection
- Rate limiting on sensitive endpoints
- Regular security assessments
- Access controls and authentication requirements
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
10. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information (subject to legal retention requirements)
- Portability: Request a copy of your data in a portable format
- Objection: Object to certain processing of your information
- Restriction: Request restriction of processing in certain circumstances
- Withdraw Consent: Withdraw consent at any time for processing based on consent
To exercise any of these rights, please contact us at privacy@thecommunicationgym.com. We will respond to your request within 30 days.
Marketing Communications
You can opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us directly. Note that you will continue to receive transactional communications related to your account and services.
11. Additional Rights for EEA/UK Residents (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom (UK), you have additional rights under the General Data Protection Regulation (GDPR):
Your Additional Rights
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your country of residence if you believe we have violated your data protection rights
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal
- Right to Object to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing that significantly affect you
Data Controller
The Communication Gym is the data controller responsible for your personal information. For questions about how we process your data, contact our Data Protection contact at privacy@thecommunicationgym.com.
International Transfers
If we transfer your personal data outside the EEA/UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
12. Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Your California Privacy Rights
- Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, our business purpose for collecting it, and the categories of third parties with whom we share it
- Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions
- Right to Correct: You have the right to request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
- Right to Limit Use of Sensitive Personal Information: You have the right to limit the use of sensitive personal information to what is necessary to perform the services
Categories of Personal Information Collected
In the preceding 12 months, we have collected the following categories of personal information:
- Identifiers: Name, email address, IP address, account ID
- Commercial Information: Purchase history, subscription status
- Internet Activity: Browsing history on our site, interactions with our Services
- Professional Information: Job title, employer, industry
- Inferences: Preferences and characteristics derived from your activity
- Sensitive Personal Information: Account login credentials (password stored hashed)
How to Exercise Your Rights
To exercise your California privacy rights, contact us at privacy@thecommunicationgym.com or call us at the number listed in the Contact section. We will verify your identity before processing your request.
Authorized Agents
You may designate an authorized agent to submit requests on your behalf. We may require verification that you authorized the agent to act on your behalf.
"Do Not Track" Signals
Our website does not currently respond to "Do Not Track" browser signals. However, you can manage your cookie preferences through your browser settings or our cookie consent tool.
13. International Data Transfers
The Communication Gym is based in the United States. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
These countries may have data protection laws that differ from those in your country. By using our Services, you consent to the transfer of your information to these countries.
We take steps to ensure that your data receives adequate protection in accordance with this Privacy Policy and applicable law, including implementing Standard Contractual Clauses where required.
14. Children's Privacy
Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@thecommunicationgym.com, and we will take steps to delete such information.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Updating the "Last Updated" date at the top of this policy
- Sending an email notification to registered users (for significant changes)
- Displaying a prominent notice on our website
We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes indicates your acceptance of the updated policy.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
The Communication GymEmail: privacy@thecommunicationgym.com
General Inquiries: info@thecommunicationgym.com
Website: thecommunicationgym.com
For GDPR-related inquiries from EEA/UK residents, please include "GDPR Request" in your email subject line.
For CCPA-related inquiries from California residents, please include "CCPA Request" in your email subject line.