Enterprise Privacy & Data Handling
How Let's Chat Coach protects your employees' privacy while giving you the visibility you need.
The Privacy Promise
When an employee uses Let's Chat Coach, their conversations are completely private. Their employer cannot see what they discuss, what goals they set, or what challenges they're working through. Period.
This is not just a policy decision — it's enforced at the database level through row-level security. There is no admin dashboard, no manager view, and no override that exposes individual coaching conversations.
What your organization sees
Aggregated and anonymized only
- Total number of employees who signed up
- Number of active users per week/month
- Average sessions per user
- Anonymized topic distribution (e.g., “40% leadership, 25% career development”)
- Aggregate engagement trends over time
What your organization never sees
Not available to anyone but the employee
- Individual session content
- Specific topics any individual discussed
- Names tied to specific coaching themes
- Action items or goals of any specific employee
- Whether a specific employee is “struggling” or “thriving”
How Privacy Is Enforced
Row-Level Security (RLS)
Database-level enforcement ensures users can only query their own data. This is not an application-layer check that could be bypassed — it is enforced by PostgreSQL itself.
No admin override
There is no admin dashboard that bypasses RLS for session content. Even our own team cannot view individual coaching conversations.
Aggregated reporting only
Any enterprise reporting aggregates across users and never exposes individual records.
Encryption at rest and in transit
All data is stored in Supabase (PostgreSQL) with encryption at rest. All connections use TLS encryption in transit.
AI data handling
AI processing is handled by Anthropic's Claude models. Anthropic does not use API-submitted data to train their models.
Frequently Asked Questions
Q: Can our company see what employees discuss with the coach?
No. Conversations are completely private. Your company receives only aggregated, anonymized usage statistics.
Q: Can a manager or HR person request to see a specific employee's sessions?
No. We do not have the ability to provide individual session data to employers, even upon request. This is enforced at the database level, not just by policy.
Q: Where is the data stored?
User data is stored in Supabase (PostgreSQL), with encryption at rest and in transit. AI processing is handled by Anthropic's Claude models under their enterprise data handling policies.
Q: What happens if an employee leaves the company?
Their coaching data belongs to them, not the company. They can continue using their account as an individual user, or request deletion of all their data.
Q: Is the data used to train AI models?
No. Anthropic does not use API-submitted data to train their models. Your employees' conversations remain private.
Q: Do you have a Data Processing Agreement (DPA)?
Yes, we can provide a DPA for enterprise customers. Contact us to request one.