How We Protect Your Data

Zero Point Coach handles sensitive personal information. We take that seriously. Here is exactly what we do to keep your data safe.

Your data is yours

Every piece of data you share with Zero Point Coach belongs to you. You can export all of it or delete your account at any time. We do not sell, share, or monetize your personal information.

Isolation by design

Your coaching conversations, intake profile, and Pattern Map are visible only to you through the user-facing application. Other users cannot access your data. Admins do not have user-content access through the application interface.

Encrypted in transit and at rest

All communication between your browser and our servers uses HTTPS/TLS encryption. Your data is stored in a secure, managed database with encryption at rest.

Real deletion

When you delete your account, we remove your data from the application database and remove your authentication record. This is not a soft delete. Your data is permanently removed when deletion completes.

Technical Details

For those who want to know the specifics.

1Authentication

  • Email and password authentication powered by Supabase Auth
  • Server-side JWT validation on every API request
  • Session tokens are short-lived and automatically refreshed
  • Admin access requires a verified role stored in the database, not just a token claim

2Data Isolation

  • Row Level Security (RLS) enforced on database tables that store user data
  • Each user can only read, write, and delete their own data
  • Database-level ownership checks help prevent cross-user data injection
  • Admin tools are protected by server-verified role checks at both the API and UI layer

3Infrastructure

  • Hosted on Vercel with automatic HTTPS, DDoS protection, and edge network
  • Database hosted on Supabase with managed PostgreSQL and encryption at rest
  • We do not intentionally store coaching content or profile data in browser local storage
  • Authentication is handled through session mechanisms required for sign-in
  • API keys and secrets are stored as server-side environment variables, never exposed to the browser

4AI and Coaching Data

  • Coaching conversations are sent to OpenAI's API to generate responses. By default, data sent through the OpenAI API is not used to train or improve OpenAI's models unless the customer explicitly opts in to share that data. We have not opted in to any such sharing beyond what is required to generate your coaching response.
  • Your intake profile and Pattern Map are used only to personalize your coaching sessions.
  • Application logs are configured to exclude coaching message content and personal profile details.

What We Do Not Do

We do not sell your data to third parties.
We do not use your coaching conversations for advertising.
We do not share your personal information with other users.
We do not store passwords in plain text.
We do not log your coaching messages or personal details in our application logs.
We do not retain your data after you delete your account.
We do not require you to provide your real name to use the service.

Your Controls

You are always in control of your data.

Export your data

Download a complete copy of everything we store about you, your profile, conversations, coaching history, Pattern Map, and session summaries, as a single JSON file.

Settings > Export My Data

Delete your account

Permanently remove your data from our system. This deletes your conversations, messages, intake profile, Pattern Map, session history, feedback, and authentication record. This action cannot be undone.

Settings > Delete Account

Dark mode and accessibility

Customize your experience with dark mode, font size options, and reduced motion settings.

Settings > Appearance

About AI Processing

Zero Point Coach uses OpenAI's language models to generate coaching responses. When you send a message, it is transmitted to OpenAI's API for processing.

By default, data sent through the OpenAI API is not used to train or improve OpenAI's models unless the customer explicitly opts in. We have not opted in to any data sharing beyond what is necessary to generate your coaching response.

Your coaching messages are stored in our database so you can continue conversations and review past sessions. They are protected by the same access controls and data-isolation rules used for the rest of your account data.

Questions?

If you have questions about how your data is handled, or if you want to request data deletion outside of the in-app controls, please reach out.

Contact Us

Learn More About Zero Point

What Is Zero Point?

Understand the core framework.

How It Works

See the pattern mapping process.

Try the Demo

Walk through the system without signing up.