Legal

Privacy Policy

Effective June 21, 2026

This Privacy Policy explains how TKCoaching LLC ("we", "us", "our") collects, uses, and protects information when you use the Self-Coaching Course and related tools (the "Service"). We try to keep this simple and honest.

1. Who is responsible for your data

TKCoaching LLC
30 N Gould St, Ste N
Sheridan, WY 82801, USA
Contact: tarek@tarekelkhayat.com

2. What we collect

When you join the waitlist or buy the course

Your name
Your email address
The date you signed up

When you buy the course

Payment is processed by Stripe. We do not see or store your card details. We receive a payment confirmation, the email you used at checkout, and a transaction ID.

When you log into the members area

Your email address
Your display name (if you sign in with Google)
A secure session token, stored in your browser, that proves you are logged in
Basic timestamps of when you signed in

When you use the tools (meal planner, workout builder, calculators)

The numbers and choices you enter into the tools are stored locally in your browser. We do not send your meal plans, workout plans, or personal macros to our servers unless you explicitly ask us to.

When you watch course videos

Course videos are hosted on Cloudflare Stream. When you watch a video, Cloudflare may collect basic playback information (load times, bandwidth, errors) to deliver the video reliably. This information is not linked to your name or email in our records.

When you visit the site

We use Cloudflare Analytics, which collects aggregate, anonymous information about page views and basic browser/device categories. It does not use cookies and does not identify individual visitors.

3. Why we collect it

To deliver the course: give you access to the content and tools you bought.
To process payments: via Stripe, our payment processor.
To communicate with you: send course updates, weekly call links if you qualify, and respond to your questions.
To improve the Service: understand which content is most useful via anonymous analytics.
To comply with the law: tax records, fraud prevention, etc.

4. Who we share it with

We do not sell your personal information. We share data only with the service providers we need to run the business:

Stripe (payment processing) - stripe.com/privacy
Resend (transactional and broadcast emails) - resend.com/legal/privacy-policy
Google (Google Sheets for record-keeping, optional Google Sign-In) - policies.google.com/privacy
Cloudflare (site hosting, anonymous analytics, and video hosting via Cloudflare Stream for course lessons) - cloudflare.com/privacypolicy
Railway (backend hosting) - railway.com/legal/privacy

We may disclose information if required by law, by a valid court order, or if we believe in good faith that disclosure is necessary to prevent harm or fraud.

5. How long we keep it

Waitlist data: kept until the course launches, then archived. You can ask us to delete it at any time.
Member accounts: kept for as long as you have access to the course, plus a reasonable period afterward for tax and record-keeping.
Email logs: kept for up to 12 months for troubleshooting and abuse prevention.
Payment records: kept as long as required by US tax and accounting law (typically 7 years).

6. Your rights

Regardless of where you live, you can:

Ask what data we have about you
Ask us to correct inaccurate data
Ask us to delete your data (subject to legal records we are required to keep)
Ask us to stop sending you marketing emails (just reply to any email and tell us, or email us directly)
Export the data you have given us

If you are in the EU, UK, or another region with comprehensive privacy laws (such as California), you have additional statutory rights including the right to object to processing and to lodge a complaint with your local data protection authority.

To make any of these requests, email tarek@tarekelkhayat.com. We will respond within 30 days.

7. International data transfers

TKCoaching LLC is based in the United States. Our service providers (Stripe, Resend, Google, Cloudflare, Railway) operate globally and may process data in the United States or in other countries. By using the Service, you understand and agree that your data may be transferred to and processed in these locations. We rely on our providers' standard contractual clauses and certifications to protect data transferred internationally.

8. Security

We take reasonable measures to protect your data, including:

HTTPS for all data in transit
Secure storage on reputable service providers
Access controls on internal systems (only Tarek has admin access)
Authentication tokens that are HMAC-signed to prevent forgery

No system is 100% secure. If we ever experience a data breach that affects you, we will notify you as required by law.

9. Children

The Service is intended for users aged 16 and older. We do not knowingly collect data from anyone under 16. If you believe a child has provided us with information, please email us and we will delete it.

10. Cookies

We do not use tracking cookies. We use browser local storage to:

Keep you logged in to the members area
Save your meal plans, workout plans, and tool inputs on your device

You can clear browser local storage at any time through your browser's settings. Doing so will sign you out and erase locally stored plans.

11. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service. The "Effective" date at the top of this page will be updated.

12. Contact

For any privacy questions or requests, email tarek@tarekelkhayat.com.