Legal

Privacy Policy

Last updated: April 2026

North ("we," "us," or "our"), operated by North Coach (CVR 46406087, Denmark), provides the web application at northcoach.net. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered leadership coaching platform.

1. Information We Collect

When you sign in with Google, we receive:

  • Your name and email address
  • Your Google profile picture
  • An OAuth access token (used to authenticate your identity and manage your session)

As you use North, you create coaching data including:

  • Team member profiles and roles
  • 1-on-1 meeting notes, talking points, and action items
  • Coaching journal entries
  • Team health pulse ratings
  • Coaching playbook progress
  • AI coaching conversation history
  • Dashboard preferences and settings

2. How We Store Your Data

North is designed with a security-first data model. Your coaching data is stored in our secure cloud database with industry-standard encryption at rest and in transit.

  • Cloud database: All your coaching data is stored in our secure cloud database with encryption at rest and encryption in transit. Data is hosted with industry-standard encryption.
  • Server-side: We store encrypted OAuth tokens and session identifiers on our servers. Secrets are encrypted at rest using AES-256-GCM.
  • Session cookies: We use secure, httpOnly session cookies to maintain your login state.

3. How We Use Your Data

We use your information to:

  • Provide and operate the North coaching platform
  • Personalize AI coaching responses based on your team context, 1-on-1 history, and journal entries
  • Generate weekly digests, team health insights, and coaching recommendations
  • Improve the service and develop new features
  • Communicate important updates about the platform

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. AI Processing

North uses the Google Gemini API to power AI coaching responses. When you interact with the AI coach, relevant portions of your coaching data (such as team member information, recent 1-on-1 notes, and journal entries) are sent to Google's AI service to generate personalized responses.

  • Data sent to the Gemini API is processed in accordance with Google's AI terms of service.
  • We send only the data necessary to generate contextual coaching responses.
  • AI-generated responses are not guaranteed to be accurate and should be used as guidance, not as professional advice.

5. Third-Party Services

North integrates with the following third-party services:

Service Purpose
Google OAuth 2.0 Authentication and sign-in
our secure cloud database Storing and syncing your coaching data
Google Gemini API AI-powered coaching responses

Each service is governed by its own privacy policy and terms of service.

6. Data Retention

Your coaching data is retained in our secure database for as long as your account is active. You can request deletion of your data at any time by:

Server-side session data and encrypted tokens are automatically removed when you revoke access or after a period of inactivity. Upon account deletion, all coaching data stored in our database is permanently removed.

7. Cookies & Local Storage

North uses a minimal set of cookies and browser storage:

  • Session cookie (mc_session): An httpOnly, secure cookie that maintains your login session. It is not accessible to JavaScript and is transmitted only over HTTPS.
  • localStorage: Used to store UI preferences such as sidebar state and theme selection. This data never leaves your browser.

We do not use analytics cookies, advertising cookies, or any third-party tracking cookies.

8. Your Rights

You have the right to:

  • Access your data at any time through the North application
  • Export your data by requesting a data export through the application or by contacting us
  • Delete your data by requesting deletion through the application or by revoking North's access
  • Withdraw consent by signing out and revoking OAuth access

If you are located in the European Economic Area (EEA) or other jurisdiction with data protection laws, you may have additional rights including data portability and the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

North is designed for professional use by managers and team leaders. Our service is not intended for children under the age of 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will notify you through the North application. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

11. Contact Us

If you have questions or concerns about this Privacy Policy or how your data is handled, please contact us at:

support@northcoach.net