Overview
Alpha Coach Analysis (“we”, “us”, “our”) provides tools to analyse coaching sessions using AI and manual notes (the “Service”). This Privacy Policy explains what information we collect, how we use it, and the choices you have.
Information we collect
- Account information: when you sign in with Google, we receive your name, email address, profile photo, and a Google user identifier.
- Google OAuth tokens: if you authorize Google Drive access, we receive access tokens and may receive a refresh token so you can reconnect without re-consenting.
- Content you provide: recordings, transcripts, notes, and any other materials you upload or import into the Service.
- Usage and device data: basic logs needed to operate and secure the Service (e.g., request metadata, timestamps, error logs).
Google Drive access
If you choose to connect Google Drive, we request read-only access so the Service can import files referenced in workflows such as direct link import and admin ingestion automation. We do not request permission to create, edit, or delete files in your Drive.
- Scope: we request
https://www.googleapis.com/auth/drive.readonly. - What we access: files and metadata (for example, file IDs, names, and MIME types) required to import the Google Drive content that you submit to the Service.
- What we do not do: we do not browse your Drive for unrelated purposes, and we do not modify or delete Drive content.
Data protection mechanisms
- Authenticated access controls: app APIs require an authenticated session. Administrative operations (including admin Google Sheet ingestion settings and job controls) are restricted to admin-authorized requests.
- Session integrity: session cookies are signed on the server, set as HTTP-only, and validated on each protected request.
- OAuth token handling: Google OAuth tokens are stored server-side and refreshed server-side for ongoing authorized operations.
- Credential redaction in logs: server logging redacts token, authorization, secret, and password fields before output.
- Encrypted transport: communication with Google APIs and other external APIs used by the Service occurs over HTTPS.
How we use information
- To provide, maintain, and improve the Service.
- To authenticate you and keep your account secure.
- To process uploaded/imported content to generate analysis outputs you request.
- To troubleshoot issues and prevent abuse.
Sharing
We do not sell Google user data. We may share information with service providers that help us operate the Service (for example, hosting and database providers). They are permitted to process data only to provide services to us and not for their own purposes.
Retention
We retain information for as long as needed to provide the Service. You can delete uploaded/imported items in the Service. You can also revoke app access from your Google Account permissions at any time.
Your choices
- Revoke Google Drive access: you can revoke access via your Google Account security settings.
- Delete content: you can delete imported/uploaded items in the Service.
- Contact us: you can request account deletion or ask privacy questions using the contact details below.