SessionBrief
ProductHow it worksPricingResources
Sign inTry it with one real session

Privacy Policy

Privacy Policy

Effective date: 2026-05-08

SessionBrief is a post-session workflow tool for coaches and professional service providers. This Privacy Policy explains how SessionBrief collects, uses, stores, and shares personal information when you use our website, application, and related services.

For the purposes of this Privacy Policy, “SessionBrief,” “we,” “us,” and “our” refers to Xandaverse LTD, registered in England and Wales, with registered address at 71 - 75 Shelton Street, Covent Garden, London, WC2H 9JQ.

If you do not agree with this Privacy Policy, you should not use SessionBrief.

1. What SessionBrief does

SessionBrief helps coaches turn user-submitted session notes, files, or audio into structured drafts such as session summaries, follow-up drafts, action items, and client context for coach review.

SessionBrief is not an AI coach. It does not replace professional judgement. Coaches remain responsible for reviewing, editing, approving, and deciding how to use any generated output.

2. Information we collect

We may collect the following categories of information.

Account information

When you create an account, we may collect:

  • Name
  • Email address
  • Authentication details
  • Profile image, if provided through a sign-in provider
  • Account settings and preferences
  • Subscription or plan information

Google sign-in information

If you choose to sign in with Google, SessionBrief may receive basic Google account information such as your name, email address, profile image, and Google account identifier, depending on the permissions granted by Google.

SessionBrief uses this information to create and manage your account, authenticate your access, and personalize your in-app experience.

SessionBrief does not sell Google user data.

SessionBrief does not use Google user data for advertising.

SessionBrief does not use Google user data to train AI models.

SessionBrief does not request access to Google Drive, Gmail, Google Calendar, or other sensitive Google services unless this is clearly introduced as a separate feature in the future and you grant the required permissions.

SessionBrief does not transfer Google user data to third parties except where necessary to provide the service, comply with law, prevent abuse, or operate trusted infrastructure providers under appropriate confidentiality and security obligations.

Session and workflow content

When you use SessionBrief, you may submit:

  • Coaching notes
  • Session summaries
  • Uploaded files
  • Audio notes or voice notes, where available
  • Client names or identifiers
  • Follow-up drafts
  • Action items
  • Coach observations
  • Client context and timeline information

You are responsible for ensuring that you have the right and authority to submit any information to SessionBrief.

Usage and technical information

We may collect:

  • Log data
  • Device and browser information
  • IP address
  • Pages viewed
  • Feature usage
  • Error logs
  • Performance and diagnostic information
  • Approximate location derived from technical data
  • Cookie and similar tracking information, where applicable

Billing information

If you purchase a paid plan, payment and billing information may be processed by our payment provider. SessionBrief may receive limited billing information such as plan status, subscription status, customer identifier, payment status, and invoice metadata.

We do not intentionally store full payment card numbers on our own servers.

3. How we use information

We use information to:

  • Create and manage user accounts
  • Authenticate access to SessionBrief
  • Provide the SessionBrief workflow
  • Generate structured session outputs for coach review
  • Save session history and workflow state
  • Manage subscriptions, usage limits, and billing status
  • Improve product reliability and usability
  • Detect, prevent, and investigate abuse or security issues
  • Provide support
  • Send service-related communications
  • Comply with legal obligations

We may also use aggregated or de-identified information to understand product usage and improve SessionBrief.

We do not carry out automated decision-making that produces legal or similarly significant effects about you.

4. AI processing

SessionBrief uses AI systems and infrastructure providers to help generate session summaries, follow-up drafts, action items, and related workflow outputs.

Session content is processed to generate the requested outputs for coach review. Generated outputs are intended as drafts and must be reviewed by the coach before use.

We do not represent SessionBrief as a replacement for coaching judgement, clinical judgement, legal advice, medical advice, or professional supervision.

5. Legal bases for processing

Where UK GDPR or similar privacy laws apply, we rely on one or more lawful bases, including:

  • Contract: to provide SessionBrief and manage your account.
  • Legitimate interests: to operate, secure, improve, and support the service.
  • Consent: where required, such as for optional communications or certain cookies.
  • Legal obligation: where we must process information to comply with applicable law.

6. How we share information

We may share information with:

  • Cloud hosting and infrastructure providers
  • Authentication providers
  • AI processing providers
  • Database and storage providers
  • Email and communication providers
  • Payment and subscription providers
  • Analytics and error-monitoring providers
  • Professional advisers, where necessary
  • Authorities or regulators, where required by law

We only share information as needed to operate, secure, support, and improve SessionBrief, or where legally required.

We do not sell personal information.

7. Client and coaching data

SessionBrief may process information about your clients if you include that information in session notes, files, audio, or workflow content.

You are responsible for:

  • Informing your clients where required
  • Obtaining any necessary permissions
  • Avoiding unnecessary sensitive information
  • Ensuring your use of SessionBrief is appropriate for your professional obligations

SessionBrief is designed for confidentiality-conscious post-session workflows, but it is not a substitute for your own professional, legal, ethical, or data-protection responsibilities.

8. Retention

We keep personal information for as long as reasonably necessary to provide SessionBrief, maintain account records, support the service, comply with legal obligations, resolve disputes, and enforce agreements.

If we do not have a fixed retention period for a category of information, we use criteria such as:

  • Whether your account remains active
  • Whether the information is needed to provide the service
  • Whether we need the information for billing, security, audit, or legal reasons
  • Whether deletion has been requested and can lawfully be completed

9. Security

We use technical and organisational measures designed to protect personal information. These may include authentication-protected access, server-side access controls, audit logging where implemented, error monitoring with payload scrubbing where configured, and role-aware controls where applicable.

No online service can guarantee absolute security. You should use strong passwords, protect your login credentials, and only submit information you are authorised to process.

10. International transfers

SessionBrief and its providers may process information in countries other than your own. Where required, we use appropriate safeguards designed to protect personal information when it is transferred internationally, such as standard contractual clauses or equivalent mechanisms.

11. Cookies and analytics

SessionBrief may use cookies or similar technologies to:

  • Keep users signed in
  • Remember preferences
  • Understand website and product usage
  • Improve reliability and performance
  • Support security and fraud prevention

Where required, we will ask for consent before using non-essential cookies.

12. Your rights

Depending on where you live, you may have rights in relation to your personal information, including the right to:

  • Access personal information we hold about you
  • Correct inaccurate information
  • Request deletion
  • Restrict processing
  • Object to certain processing, including where applicable when we rely on legitimate interests
  • Request data portability
  • Withdraw consent where processing is based on consent
  • Complain to a data protection authority

To exercise your rights, contact us using the details below. We may need to verify your identity before responding to certain requests. We will respond in line with applicable data-protection laws.

If you are based in the UK, you also have the right to complain to the Information Commissioner’s Office. Further information is available at https://ico.org.uk.

13. Children

SessionBrief is not intended for children. You must not use SessionBrief if you are under the age required to enter into a binding agreement in your jurisdiction.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may notify users through the service or by other appropriate means.

The updated version will be posted on this page with a revised effective date.

15. Contact

If you have questions about this Privacy Policy, how we handle personal information, or if you wish to exercise your rights, contact us at:

Email: hello@sessionbrief.com

Postal address:

Xandaverse LTD

71 - 75 Shelton Street

Covent Garden

London

WC2H 9JQ

United Kingdom