mysaas>_coachBack

    Legal

    Privacy Policy

    Last updated : March 20, 2026

    Contents

    Who we areData we collectLegal basis and purposesSharing with third partiesRetention periodYour GDPR rightsCookies and analyticsSecurityChangesContact

    Who we are

    mysaas.coach is operated by Amorem SAS, a simplified joint-stock company incorporated in France, with its registered office at 50 Rue Saint André des Arts, 75006 Paris.

    Amorem SAS acts as the data controller under Regulation (EU) 2016/679 (GDPR) for all personal data collected through the mysaas.coach platform.

    Data we collect

    We collect the following data depending on how you use the platform.

    Account and authentication

    Email address (required), magic link login token (temporary, expires after 15 minutes), and session data (IP address, browser user-agent).

    Product context

    Your SaaS product URL, product name, objectives, problems encountered, ideal customer profile (ICP), and manually entered coaching context.

    AI-generated data

    Action checklists, strategic briefs, coaching memos, and chat messages with the AI coach — all generated from your product context.

    Competitor data

    URLs of competitor products you identify, and analysis data generated by crawling those URLs.

    Wellness and tracking

    Mood and energy data (optional), entered by you as part of coaching tracking.

    Revenue metrics

    MRR, churn, and other SaaS metrics retrieved via the OAuth integration with MRR Calendar (optional).

    Accountability Partner

    Only your first name is shared with your accountability buddy. No product data is transmitted.

    Legal basis and purposes

    Performance of a contract (Art. 6(1)(b) GDPR)

    Managing your account, magic link authentication, providing the AI coaching service, generating checklists and briefs, processing payments, analyzing your product and competitors.

    Consent (Art. 6(1)(a) GDPR)

    OAuth connection to MRR Calendar to retrieve your revenue metrics. You may revoke this consent at any time from your settings.

    Legitimate interest (Art. 6(1)(f) GDPR)

    Audience measurement via Plausible (anonymous, cookieless), security and fraud prevention, and platform improvement.

    Sharing with third parties

    We do not sell or rent your data. We rely on technical processors to operate the platform.

    UseSend

    Transactional email provider

    Email address — for sending your login magic link and notifications.

    Stripe

    Payment processing

    Email address, payment details (credit card). Stripe acts as an independent data controller for payment data.

    OpenRouter

    AI model provider

    Product context (URL, objectives, problems, ICP, competitor data) sent for analysis and coaching recommendation generation.

    Firecrawl / Cloudflare Browser Rendering

    Product crawling and analysis

    Your SaaS product URL and competitor URLs for content and positioning analysis, depending on the crawl provider enabled in the admin settings.

    MRR Calendar

    SaaS revenue metrics

    Revenue data (MRR, churn, etc.) retrieved via an OAuth connection that you authorize.

    Plausible

    Privacy-friendly analytics

    Aggregated and anonymous visit data. Plausible does not set any cookies and does not collect any personal data.

    Your data may also be disclosed where required by law or to protect our legal rights.

    Retention period

    Your data is kept for as long as your account remains active. When you delete your account, all of your data (profile, products, coaching, checklists, memos, chat, competitors) is deleted immediately and permanently.

    Magic link tokens automatically expire after 15 minutes and are invalidated after use. A data export is available from /dashboard/settings before any deletion.

    Your GDPR rights

    Under the GDPR, you have the following rights regarding your personal data.

    Right of access — Obtain a copy of the data we hold about you.
    Right to rectification — Correct inaccurate or incomplete data.
    Right to erasure — Request deletion of your data. You can also do this directly from your account.
    Right to portability — Receive your data in a structured, machine-readable format. An export is available from /dashboard/settings.
    Right to object — Object to processing based on our legitimate interest.
    Right to restriction — Request a temporary restriction on the processing of your data.

    To exercise these rights, contact us at legal@mysaas.coach. You also have the right to lodge a complaint with the French data protection authority, the CNIL (cnil.fr).

    Cookies and analytics

    mysaas.coach takes a minimalist approach to cookies and tracking:

    ›

    No third-party tracking cookies

    ›

    Plausible Analytics: server-side analytics, cookieless, no personal data

    ›

    Session cookie only to keep you signed in

    ›

    No tracking pixels or fingerprinting

    The only cookie set is a session cookie strictly necessary for the service to operate (keeping you signed in). Plausible Analytics works without cookies and without personal data, in compliance with the GDPR without the need for a consent banner.

    Security

    We implement appropriate technical measures to protect your data: encrypted communications (HTTPS), single-use magic link authentication tokens with limited lifetime, and restricted database access. No password is ever stored — authentication is handled exclusively through magic links.

    Changes

    We may update this policy at any time. The date of the latest update appears at the top of this page. If we make a material change, we will notify you by email. Continued use of the platform after notice constitutes acceptance of the updated policy.

    Contact

    For any question about this policy or to exercise your rights:

    Amorem SAS

    50 Rue Saint André des Arts, 75006 Paris

    legal@mysaas.coach