Quick Summary

• What we collect: Your account information, learning progress, voice recordings (if you use voice chat), and website usage data to provide and improve our services.

• How we use it: To run our AI coach (Goldi), track your learning, improve our services, and process payments.

• How we protect it: We encrypt all data, require multi-factor authentication, and carefully review our service providers.

• Your rights: You can access, correct, or delete your data by contacting us.

• Voice chat: Voice recordings are kept for 90 days to improve Goldi's coaching abilities.

• Cookies & tracking: We use cookies and analytics to improve your experience.

• Data retention: Most data is kept for 90 days to 12 months, depending on the type.

• Questions?: Contact us at privacy@climbtogether.co.
   

Your Consent
By using Climb Together services, you agree to this Privacy Policy. If you disagree, please don't use our services. When you sign up, we'll ask you to explicitly consent to this policy by checking a box that says "I have read and agree to the Privacy Policy." You can withdraw your consent at any time by deleting your account, though this won't affect our previous use of your information.
Introduction
At Climb Together, we believe in being transparent about how we collect and use your data. This policy explains what information we collect, how we use it, and the choices you have regarding your data. We've written this in plain language to make it easier to understand.
What Information We Collect
We collect several types of information when you use our services:

Account Information

• Your name and email address

• Login information (password is encrypted)

• Profile information you provide

Learning Data

• Your course progress and completion

• Assessment results

• Interactions with learning materials

AI Coaching Data

• Text conversations with Goldi (our AI coach)

• Voice recordings and transcripts (if you use voice chat)

• Feedback you provide on AI responses

Usage Data

• How you use our platform

• Device information (browser type, operating system)

• IP address and general location

• Time spent on different features

Payment Information

• We use Stripe to process payments and don't store your complete credit card information

How We Use Your Information
We use your information to:

• Provide and personalize our services

• Improve Goldi's AI coaching

• Track your learning progress

• Keep our platform secure

• Send important updates about our services

• Process payments

• Comply with legal requirements
   

How We Protect Your Information
Your security is important to us. We protect your data by:

• Encrypting all data at rest using AES-256 encryption

• Encrypting all data in transit using TLS 1.2 or higher

• Requiring multi-factor authentication for our staff

• Limiting access to only those who need it

• Regularly testing our security systems

• Working only with trusted service providers who meet strict security standards
   

Who We Share Your Information With
We share your information with:

• Clerk: For secure login and authentication

• TalentLMS: To host learning content and track your progress

• Langfuse: To monitor and improve AI performance

• PostHog: For anonymous usage analytics

• HumeAI: To process voice interactions for Goldi

• Stripe: To process payments

• Vercel: To host our platform

 
We only share what's necessary for these services to work properly. We never sell your data to third parties. All our service providers must comply with security standards including SOC 2, ISO 27001, GDPR, and CCPA where applicable.

About Voice Recordings
If you use voice chat with Goldi:

• Your voice is processed in real-time to generate responses

• Recordings are stored for up to 90 days

• Recordings help us improve Goldi's understanding and responses

• You can choose to use text-only chat instead

• Voice data is never sold or shared beyond HumeAI, which processes it solely for AI response generation and system improvements
   

Your Rights and Choices
You have the right to:

• Access your personal information

• Correct inaccurate data

• Delete your data (except where we're legally required to keep it)

• Object to certain types of processing

• Download a copy of your data

 
To exercise these rights, contact us at privacy@climbtogether.co. We'll respond within 30 days.

Children's Privacy
Our services are not designed for children under 13. We do not knowingly collect information from children under 13. If we learn we have collected information from a child under 13, we will delete that information right away. Parents or guardians who believe their child has submitted personal data may contact privacy@climbtogether.co for assistance.
Cookies and Tracking

We use cookies and similar technologies to:
 

• Keep you logged in

• Remember your preferences

• Understand how you use our platform

• Improve our services

 
You can control cookies through your browser settings, but some features may not work properly if you disable them.
 
Note: The provided documents do not explicitly mention the specific types of cookies used or whether Climb Together responds to Do Not Track signals. This information should be added.
Session Management
Goldi (via Clerk) and TalentLMS automatically log you out after 30 minutes of inactivity for security. Failed login attempts trigger security alerts, and repeated failures may result in account lockout.
Data Retention
We keep your information for different periods depending on what it is:
 

• Authentication logs: 90 days

• AI conversation logs: 90 days

• Voice recordings: 90 days

• User analytics data: 12 months

• Course progress data: 12 months or until you request deletion
   

Data Exports and Access Controls
To protect your information:

• Only authorized administrators can export data from our systems

• Goldi doesn't allow users to download personal conversation data

• Data extraction requests require approval and are logged
   

Data Breach Notification
If a data breach occurs, we will:

• Investigate and contain the breach immediately

• Notify affected users within 72 hours of confirmation

• Provide guidance on protective actions you can take

 
For security concerns, contact security@climbtogether.co.

International Data Transfers
Your information may be stored and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country.
 
Note: The provided documents do not explicitly mention specific data transfer mechanisms used for international transfers (such as Standard Contractual Clauses). This information should be added if applicable.

Legal Disclosures
We may disclose your information if required by law, court order, or to protect users' safety. This includes compliance with legal obligations, fraud prevention, and responding to government requests.

Changes to This Policy
We may update this policy from time to time. If we make significant changes, we'll notify you by email or by posting a notice on our website. The latest version will always be available at climbtogether.co/privacy.
Business Continuity and Disaster Recovery

We maintain a Business Continuity and Disaster Recovery plan, which includes:
 

• Regular data backups to ensure recovery in case of data loss

• Defined emergency response roles and contacts

• Coordination with third-party vendors
   

Contact Us
If you have questions about this policy or want to exercise your rights:

• Email: privacy@climbtogether.co

• Security concerns: security@climbtogether.co

• General questions: contact@climbtogether.co

 
 
 
 
By using Climb Together, you acknowledge you have read and understand this Privacy Policy.