Privacy Policy
Draft dated July 13, 2026 — not yet in force.
Thirty Straight is a small operation. One coach, a short list of tools, and no interest in your data beyond what it takes to run the service. This policy tells you exactly what we collect, what we do with it, and what we will never do with it. "We," "us," and "Thirty Straight" mean [Your Legal LLC Name] LLC, the company behind thirtystraight.com.
1. What this service is (and is not)
Thirty Straight provides personal coaching and mentorship: video sessions and a direct message line for advice, strategy, and accountability. Thirty Straight is not therapy, counseling, psychotherapy, or medical or mental-health care, and James is not a licensed therapist, counselor, or medical provider. That distinction matters for privacy, and Section 6 explains why in plain terms.
Thirty Straight is also not a crisis service. The direct line is answered within a few hours, 9am–9pm ET, 7 days a week — not around the clock. If you are in crisis or thinking about harming yourself, call or text 988 (the Suicide & Crisis Lifeline — free, confidential, 24/7) or call 911.
2. What we collect
- Interest form. Your name and email address, plus anything you choose to write in the form.
- Payment information. Payments run through Stripe. Your card number goes directly to Stripe and stays there — Thirty Straight never sees or stores full card numbers. Stripe shares with us only what we need to manage your membership: your name, email, and subscription status.
- Session notes. James keeps brief notes on your sessions — goals, commitments, what you're working on — so he doesn't make you repeat yourself every month.
- Scheduling details. Booking times and the information you enter when you schedule a session.
- Direct-line messages. The direct line runs on WhatsApp. Message content lives on WhatsApp/Meta's systems under their own terms and privacy policy, which we do not control. See Section 5.
- Analytics. We use Plausible, a privacy-respecting analytics tool: no cookies, no cross-site tracking, no personal profiles. We see aggregate numbers (visits, pages, referrers), not you.
3. How we use it
We use your information to run the service and nothing else: scheduling and holding sessions, replying on the direct line, keeping continuity between sessions through notes, billing you, sending the emails the service requires (like your signup confirmation, which restates your price, renewal terms, and how to cancel), and meeting our legal obligations.
We never sell your data. We never rent it, trade it, or hand it to advertisers. There is no version of this business where your information is the product.
4. Who we share it with
Only the service providers who process data so the service can function: Stripe (payments and billing), our website hosting provider, our scheduling provider, and our email provider. Each handles your data on our instructions to do its job — nothing more.
Beyond that, we would disclose information only if the law requires it (for example, a valid subpoena or court order), or if the business were ever sold or reorganized, in which case member data would transfer with it under commitments at least as protective as these.
[ATTORNEY REVIEW: Confirm the final processor list (Stripe, hosting, scheduling, email) once vendors are locked, and whether data-processing agreements are in place with each.]
5. A straight word about WhatsApp
WhatsApp encrypts message content end-to-end in transit, but your account information and message metadata are handled by WhatsApp/Meta under their privacy policy. We chose it because it works and members already use it, but we can't make promises on Meta's behalf. If that trade-off doesn't sit right with you, raise it with us before you rely on the direct line.
6. Confidential — but not privileged
What you say in sessions and on the direct line stays between you and James. That is our firm policy. But you should know the legal reality: coaching carries no professional-client privilege. Unlike conversations with a lawyer or a licensed medical provider, records of your sessions and messages could be compelled in a legal proceeding, and we would have to comply with a valid court order. Confidential as a matter of policy is real and we mean it — but it is not the same thing as privileged by law, and we won't pretend otherwise.
7. How long we keep it
- Session notes and messages we hold: kept while you're a member, then deleted within 12 months after your membership ends, unless you ask us to delete them sooner.
- Billing records: kept as long as tax and accounting law requires.
- Interest-form submissions: deleted on request, or after 24 months of inactivity.
[ATTORNEY REVIEW: Confirm the proposed retention periods above, and whether the policy should add NY SHIELD Act data-security and breach-notification language.]
8. Your rights
Ask and you'll get a straight answer. Email hello@thirtystraight.com to:
- See a copy of the personal information we hold about you;
- Correct anything that's wrong;
- Have your information deleted, except records we're legally required to keep (like billing records).
We aim to respond within 30 days. No forms, no runaround.
[ATTORNEY REVIEW: Decide whether state-specific rights sections (e.g., California CPRA) or EU/UK visitor language are needed. Given the service's size and NY focus, the applicable thresholds likely aren't met, but please confirm.]
9. Security, honestly
Here's the honest version, not the boilerplate one. This is a one-person operation, and only James has access to member information. Accounts that hold your data (Stripe, email, scheduling, hosting) are protected with strong unique passwords and two-factor authentication. The site is served over HTTPS. Card numbers never touch our systems — Stripe holds those. Session notes are kept in a private, access-controlled account, not on paper left around. No system is unbreakable, and we won't claim ours is. If a breach ever affected your data, we would tell you promptly and plainly, as the law requires.
10. Children
Thirty Straight is for adults. The service is not directed at anyone under 18, and membership requires that you're at least 18. We don't knowingly collect information from minors; if we learn we have, we'll delete it.
11. Changes to this policy
If we change this policy, we'll post the updated version here with a new date. If a change materially affects members, we'll email you 5–30 days before it takes effect — the same advance-notice standard we apply to any change in your membership terms.
12. Governing law
This policy, and any dispute about privacy or data connected to Thirty Straight, is governed by the laws of the State of New York.
13. Contact
Questions, requests, or complaints about privacy: email hello@thirtystraight.com, or write to [Your Legal LLC Name] LLC, [Address].