We built Continuum with privacy as a product principle. This policy explains what data we collect, why we collect it, and how we keep it secure.
Last Updated:
Continuum ("we," "us," or "our") is a comprehensive business platform that provides done-for-you website design services and an integrated scheduling platform for coaches, consultants, and other professional service providers. This Privacy Policy describes how we collect, use, share, and protect personal information in connection with our services.
This Privacy Policy applies to all services provided by Continuum, including but not limited to:
Note: Our scheduling platform integration is optional. Clients who engage us for website design services only (without scheduling integration) will have this policy apply solely to the website design and delivery process, and not to ongoing scheduling-related data collection.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this policy and, where appropriate, provide additional notice (such as via email or a prominent notice on our platform). Your continued use of our services after such updates constitutes acceptance of the revised policy.
When you create an account as a coach, consultant, or client, we collect your name, email address, password (stored in encrypted form), and account type. We may also collect phone numbers if you choose to provide them for account recovery or communication purposes.
Coaches and consultants may provide additional information including business name, professional bio, profile photos, business address, services offered, pricing information, availability schedules, session preferences, booking policies, cancellation policies, and custom branding assets (logos, colors, images). For done-for-you website services, we collect detailed business requirements, content, imagery, and design preferences.
Payment data is processed by our payment processor, Stripe. We do not store full credit card numbers or bank account details on our servers. We retain only metadata such as payment status, transaction IDs, last four digits of payment methods, billing addresses, and transaction histories. Coaches using Stripe Connect to receive payments provide information directly to Stripe, including tax identification numbers, banking details, and identity verification documents.
When clients book sessions, we collect booking details including session type, date and time preferences, session notes or intake forms (if required by the coach), special requests, and any information shared through our messaging features. We also track session status (scheduled, completed, cancelled, rescheduled) and session history.
We collect the content of messages you send through our platform, including support requests, feedback, coach-client communications, and any other correspondence with us or between users. We send transactional emails (booking confirmations, reminders, notifications, password resets) via our email service provider, Resend, and retain minimal logs for delivery troubleshooting and compliance purposes.
For clients engaging our done-for-you website services, we collect all content, media, branding materials, design preferences, business information, and other materials you provide for website creation. This may include proprietary business information, marketing copy, client testimonials, portfolio items, and any other content you wish to display on your custom website.
We automatically collect information about how you interact with our services, including pages viewed, features used, actions taken, time spent on pages, navigation paths, search queries, booking flow interactions, and error messages encountered. This helps us understand user behavior, improve our platform, and troubleshoot technical issues.
We use cookies, web beacons, local storage, and similar tracking technologies to recognize you, remember your preferences, maintain your session, prevent fraud, and analyze platform usage. See Section 10 for detailed information about our use of cookies and how to manage your cookie preferences.
We collect technical information about the devices and software you use to access our services, including IP address, browser type and version, operating system, device type (mobile, tablet, desktop), screen resolution, language preferences, referring URLs, and access times. This information helps us optimize our platform for different devices and browsers.
We may derive approximate location information from your IP address to provide location-appropriate content, suggest time zones for scheduling, detect fraudulent activity, and comply with legal requirements. We do not collect precise GPS location data unless you explicitly grant permission through your device settings.
If you choose to sign up or log in using a third-party authentication provider (such as Google or other OAuth providers), we receive basic profile information from that provider as permitted by your privacy settings with them, which may include your name, email address, and profile picture.
We receive transaction status updates, payment confirmation data, and fraud signals from Stripe and other payment processors we integrate with. This information helps us confirm successful payments, handle refunds, and prevent fraudulent transactions.
If you connect external calendar services (such as Google Calendar, Outlook, or others), we receive availability information, event details relevant to scheduling, and calendar metadata necessary to prevent double-bookings and synchronize appointments. We only access calendar data necessary to provide our scheduling services.
We may receive information from advertising partners, analytics providers, and referral sources about how you discovered our platform, including referral source, campaign identifiers, and aggregated demographic or interest data that helps us understand our user base and improve our marketing efforts.
We use your information to provide, maintain, and improve our services, including:
We analyze usage patterns and feedback to understand how our platform is used, identify areas for improvement, develop new features, test new functionality, personalize your experience, and optimize our user interface and workflows. This helps us create a better product for all users.
We use your contact information to send important service updates, policy changes, feature announcements, and (with your consent) marketing communications about our services. You can opt out of marketing emails at any time using the unsubscribe link in any email or by adjusting your notification preferences in your account settings.
We use information to detect, investigate, and prevent fraudulent transactions, unauthorized access, abuse of our platform, violations of our Terms of Service, and other harmful or illegal activity. This includes monitoring for suspicious patterns, verifying user identities when necessary, and cooperating with law enforcement when required.
We use and retain information as necessary to comply with legal obligations, respond to legal requests and court orders, enforce our Terms of Service and other agreements, protect our rights and property, and protect the rights, safety, and security of our users and the public.
We use aggregated and de-identified data for business analytics, reporting, research, and to understand trends in the coaching and professional services industry. This data cannot be used to identify individual users and helps us make informed business decisions.
Important: We do not sell your personal data to third parties. We share data only as described in this section.
We share information with trusted third-party service providers who perform services on our behalf. These providers are contractually obligated to use your information only to provide services to us and to protect your information. Our current service providers include:
We may add additional service providers as we expand our platform capabilities. We will update this policy to reflect any material changes to our service provider relationships.
When you book a session with a coach, we share relevant booking information (your name, contact details, booking preferences, session notes, and payment status) with that coach so they can provide services to you. Similarly, coaches' profile information, availability, and service details are visible to potential clients browsing their booking pages.
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets, your information may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our platform before your information is transferred and becomes subject to a different privacy policy.
We may disclose your information if required by law, court order, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to: (a) comply with legal obligations; (b) protect our rights, property, or safety or that of our users or the public; (c) detect, prevent, or address fraud, security, or technical issues; or (d) enforce our Terms of Service or other agreements.
We may share your information with third parties when you explicitly consent to such sharing, such as when you authorize an integration with a third-party service or when you direct us to share information with a specific party.
We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you with partners, researchers, or other third parties for analytics, industry research, or other legitimate business purposes.
Continuum acts as a data controller for information collected about our users' use of the platform, account information, website design project data, payment processing, and platform analytics. As a controller, we determine the purposes and means of processing this data and are responsible for its protection and compliant use.
When coaches use our platform to manage their client relationships and bookings, we act as a data processor on behalf of the coach (who is the data controller). In these cases, we process client data according to the coach's instructions and applicable data protection laws. Coaches are responsible for ensuring they have appropriate legal bases to collect and process their clients' personal information.
Coaches using our platform are responsible for: (a) obtaining appropriate consent or legal basis for collecting client information; (b) providing clients with their own privacy notice if required; (c) honoring client data rights requests; (d) maintaining accurate information; and (e) complying with applicable data protection laws in their jurisdiction. We provide tools to help coaches fulfill these obligations but cannot guarantee coaches' compliance.
For coaches who require a formal Data Processing Agreement (DPA) to comply with regulations like GDPR, we offer standard DPAs that outline our respective responsibilities. Please contact us at the email address in Section 14 to request a DPA.
You have the right to access your personal information and, in certain circumstances, receive a copy of your data in a structured, commonly used, machine-readable format. You can view and download most of your data through your account settings. For comprehensive data exports, contact us at the email address in Section 14.
You can update most of your personal information directly through your account settings. If you believe any information we hold about you is inaccurate or incomplete, you can correct it in your account or contact us for assistance.
You have the right to request deletion of your personal information and closure of your account. You can delete your account through account settings or by contacting us. Upon deletion, we will remove your personal data from active systems within 30 days and from backup systems within 90 days, subject to legal retention obligations. Some information may be retained in de-identified form for analytics or as required for legal, tax, or accounting purposes.
Where we process your data based on legitimate interests, you have the right to object to such processing. You may also request restriction of processing in certain circumstances, such as while we verify the accuracy of your data or assess your objection. Note that exercising these rights may limit our ability to provide certain services.
You can opt out of marketing emails at any time by clicking the "unsubscribe" link in any marketing email or by adjusting your notification preferences in account settings. Note that even if you opt out of marketing communications, we will still send transactional emails necessary to provide our services (booking confirmations, payment receipts, important service updates, etc.).
You can control cookies through your browser settings and through our cookie preference center. See Section 10 for detailed information about cookies and how to manage them. Note that disabling certain cookies may affect platform functionality.
To exercise any of these rights, contact us at the email address in Section 14. We will respond to your request within the timeframe required by applicable law (typically 30 days). We may need to verify your identity before processing your request. You also have the right to file a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and equivalent laws:
We process your personal data based on the following legal grounds:
Your data may be transferred to and processed in countries outside the EEA. When we transfer data internationally, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other legally compliant transfer mechanisms.
You may contact our Data Protection Officer with questions about our data processing practices at the email address provided in Section 14.
You have the right to lodge a complaint with your local supervisory authority if you believe we have violated your data protection rights.
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
You have the right to request disclosure of: (a) categories of personal information collected; (b) categories of sources; (c) business or commercial purpose for collection; (d) categories of third parties with whom we share information; and (e) specific pieces of personal information we hold about you.
You have the right to request deletion of personal information we have collected from you, subject to certain exceptions (such as completing transactions, detecting security incidents, complying with legal obligations, etc.).
You have the right to request correction of inaccurate personal information we maintain about you.
You have the right to opt out of the "sale" or "sharing" of personal information (as defined by CCPA) and to limit the use and disclosure of sensitive personal information. Note: We do not sell personal information in the traditional sense and do not share information for cross-context behavioral advertising.
You have the right not to receive discriminatory treatment for exercising your CCPA/CPRA rights. We will not deny services, charge different prices, or provide different quality of services because you exercise your privacy rights.
You may designate an authorized agent to make requests on your behalf. We will require verification of both your identity and the agent's authority to act on your behalf.
In the past 12 months, we have collected the following categories of personal information:
Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have similar rights to those described above, including rights to access, delete, correct, and opt out of certain data processing activities. Contact us at the email in Section 14 to exercise these rights.
If you are located in a jurisdiction with specific data protection laws not mentioned above, you may have additional rights under local law. Contact us to learn about rights available in your jurisdiction.
We implement industry-standard technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include:
In the event of a data breach that affects your personal information, we will notify you and applicable regulatory authorities as required by law. Notification will be provided without undue delay and will include information about the nature of the breach, the data affected, steps we are taking to address the breach, and recommendations for protecting yourself. Notifications will be sent via email to the address on your account and/or posted prominently on our platform.
While we implement strong security measures, security is a shared responsibility. You can help protect your account by: (a) using a strong, unique password; (b) not sharing your login credentials; (c) logging out when using shared devices; (d) keeping your contact information current; (e) enabling two-factor authentication if available; and (f) promptly reporting any suspicious activity on your account.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. If you have reason to believe your interaction with us is no longer secure, please contact us immediately.
We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Retention periods vary based on data type:
When you delete your account or request deletion of your data, we will: (a) remove personal data from active systems within 30 days; (b) remove data from backup systems within 90 days; and (c) de-identify or aggregate any data retained for analytics or legal purposes. Some information may be retained in de-identified form that cannot reasonably be used to identify you.
We may retain certain information longer than standard retention periods when required by law, necessary for legal proceedings, to enforce our agreements, to prevent fraud and abuse, to resolve disputes, or for other legitimate business purposes. When legal holds or preservation obligations apply, data subject to those obligations will not be deleted until the obligation ends.
We maintain backup copies of data for disaster recovery and business continuity purposes. Deleted data may remain in backup systems for up to 90 days after deletion from active systems. Backup data is securely stored and not used for operational purposes.
Cookies are small text files stored on your device when you visit our platform. We use cookies and similar technologies (web beacons, pixels, local storage) to recognize you, remember your preferences, keep you logged in, understand how you use our platform, and improve your experience.
These cookies are necessary for the platform to function and cannot be disabled. They enable core functionality such as user authentication, session management, security features, and load balancing. Without these cookies, our services cannot be provided.
These cookies enable enhanced functionality and personalization, such as remembering your preferences (language, timezone, display settings), storing your booking drafts, and personalizing your experience based on your account type.
These cookies help us understand how visitors interact with our platform by collecting information about pages visited, time spent, errors encountered, and usage patterns. This information is aggregated and anonymized, and helps us improve platform performance and user experience.
With your consent, we may use cookies to deliver relevant advertisements, track ad campaign effectiveness, and measure marketing ROI. These cookies may track your browsing activity across different websites. You can opt out of these cookies through our cookie preference center or your browser settings.
Some cookies are placed by third-party services we use, such as payment processors (Stripe), analytics providers, and content delivery networks. These third parties may use cookies to provide their services and may have their own privacy policies governing their use of your information.
You can control cookies in several ways:
In addition to cookies, we may use browser local storage and session storage to store preferences, cache data for performance, and maintain application state. This data is stored locally on your device and can be cleared through your browser settings.
Continuum is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are under 16, please do not use our services or provide any information to us.
If we learn that we have collected personal information from a child under 16 without parental consent, we will delete that information as quickly as possible. If you believe we have collected information from a child under 16, please contact us immediately at the email address in Section 14.
If a coach provides services to minors (such as youth sports coaching or tutoring), the coach is responsible for obtaining appropriate parental consent and complying with applicable laws regarding minors' data. Continuum provides the platform but is not responsible for coaches' compliance with laws regarding services to minors.
Our platform integrates with and relies on third-party services including Stripe (payment processing), Resend (email delivery), Supabase (database and authentication), and others. When you use features that involve these services, your information may be transmitted to and processed by these third parties in accordance with their privacy policies. We encourage you to review the privacy policies of these services.
Our platform may contain links to third-party websites, including coaches' own websites (if they have custom sites we've built), social media profiles, and other external resources. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party sites you visit.
When we build custom websites for coaches, those websites may integrate with our scheduling platform or operate independently. If a coach's custom website includes our scheduling integration, this Privacy Policy applies to data collected through that integration. For data collected through other parts of the coach's website, the coach's own privacy policy applies (if they have one). Coaches are responsible for implementing appropriate privacy notices on their custom websites.
We may add integrations with additional third-party services in the future (such as video conferencing platforms, accounting software, CRM systems, etc.). When we add new integrations, we will update this Privacy Policy to reflect those changes and will seek your consent where required by law.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.
For material changes that significantly affect your rights or how we use your information, we will provide prominent notice before the changes take effect. This may include email notification, a banner on our platform, or other appropriate communication methods. We encourage you to review this policy periodically.
Your continued use of our services after we post changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree to the updated policy, you should discontinue use of our services and contact us to close your account.
If you would like to review a previous version of this Privacy Policy, please contact us at the email address in Section 14.
If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle your personal information, please contact us at:
Email: book.with.continuum@gmail.com
Subject Line: Privacy Request - [Your Name]
For GDPR-related inquiries or to contact our Data Protection Officer, please use the same email address above with the subject line "DPO - [Your Query]".
We will respond to privacy requests and inquiries within the timeframe required by applicable law, typically within 30 days of receiving your request. We may need to verify your identity before processing certain requests to protect your privacy and security.
You have the right to file a complaint with your local data protection authority if you believe we have not adequately addressed your privacy concerns. However, we encourage you to contact us first so we can try to resolve your concerns directly.
This Privacy Policy was last updated on