♝ ChessCoach

Privacy Policy

Last updated: May 16, 2026

1. What We Collect

  • Account: Username, email, and a hashed password.
  • Profile: Bio, timezone, languages, coaching prices, and (for coaches) a verified chess.com username.
  • Payments: Card data is handled by Stripe. We only store a non-reversible card fingerprint and the last 4 digits for fraud prevention.
  • IP address: Captured at signup and key actions for rate-limiting and abuse detection.
  • Usage: Lesson requests, reviews, transactions, and activity timestamps required to operate the Platform.

2. How We Use It

  • Service: Match students with coaches, process payments, manage bookings and reviews.
  • Abuse prevention: Detect duplicate accounts, card sharing, spam, and no-shows.
  • Rate limiting: Protect signup, login, password reset, deposits, and booking endpoints.
  • Communication: Send email verification, password reset, and dispute-related emails to the address on your account.
  • Improvement: Aggregate, anonymized analytics only.

3. Sharing

  • Other users: Your username, profile, coaching status, activity, and reviews are public. Your email and IP are not.
  • Stripe: Payment data is shared with Stripe. See Stripe's Privacy Policy.
  • Chess.com: We query the public chess.com API to verify coach accounts and fetch ratings. We do not share your data with chess.com.
  • Google (optional): If you sign in with Google, your browser is redirected to Google's sign-in page (which sets its own cookies on google.com) and Google returns your name and email address to us. See Google's Privacy Policy.
  • Law enforcement: We may disclose information if required by law.
  • We do not sell personal data.

4. Retention

  • Account data is retained while your account is active.
  • Transaction and lesson history is retained for financial record-keeping and dispute resolution.
  • Rate-limit records are automatically purged once expired.
  • On request, we delete personal data within 30 days, except records required by legal or financial obligations.

5. Security

We use HTTPS/TLS, hashed passwords (bcrypt), CSRF protection, and secure HTTP headers. Card processing is delegated to Stripe (PCI-DSS Level 1). No system is 100% secure; we make no guarantees of absolute security.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and personal data.
  • Object to or restrict certain processing.
  • Export your data in a portable format.

To exercise these rights, email chesscoach.training@gmail.com.

7. Cookies

We use essential cookies only — a session cookie for authentication and CSRF protection. No tracking, advertising, or third-party analytics cookies.

8. Children

The Platform is not intended for children under 13. If you believe a child under 13 has created an account, contact us and we will remove it.

9. Changes

We may update this Policy from time to time. The "Last updated" date above will be revised. Continued use of the Platform constitutes acceptance.

10. Contact

Privacy questions? Email chesscoach.training@gmail.com.

How a Lesson Works

  1. 1

    Request a Lesson

    Visit a coach's profile and send a lesson request with the desired duration.

  2. 2

    Coach Accepts

    The coach reviews and accepts or declines. If declined, reserved funds are released.

  3. 3

    Both Confirm Start

    Contact each other via Chess.com and both confirm the lesson has started.

  4. 4

    Have the Lesson

    The lesson is in progress. Teach, learn, and enjoy!

  5. 5

    Lesson Auto-Completes

    24 hours after the scheduled end, payment transfers to the coach automatically. If the lesson was unsatisfactory, the student can Report Issue during that window for admin review.

  6. 6

    Leave Reviews

    Rate each other 1–5 stars to help the community.