Muppitify Coaching Platform privacy policy
Last updated: April 14, 2026
This privacy policy describes how the Muppitify Coaching Platform ("the Platform") handles your data across all editions: Desktop (macOS, Windows), Server (Docker), Vault (Obsidian), and K8s (Kubernetes).
Overview
The Muppitify Coaching Platform is a local-first coaching management tool. The developer does not collect, store, or have access to your coaching data. All coaching sessions, client information, recordings, transcripts, and ICF certification progress are stored on your device or your own server infrastructure.
Data stored locally
Desktop Edition
Data is stored in ~/Library/Application Support/MuppitifyCoach/ on macOS or %APPDATA%\MuppitifyCoach\ on Windows and includes:
| Data type | Storage |
|---|---|
| Coaching sessions, clients, programmes | SQLite database (coach.db) |
| Session recordings (audio, video) | sessions/ directory |
| Transcripts | sessions/ directory alongside recordings |
| ICF documents | icf-documents/ directory |
| Backups | backups/ directory |
| App settings, licence key, API keys | settings.json |
Server Edition
Data is stored in a Docker volume with the same structure as Desktop Edition. You control the host machine and volume location.
Vault Edition
Coaching data is stored as Markdown files in your Obsidian vault folder. You choose the vault location on first launch. Integration settings (AI providers, Zoom, Google Calendar) are stored as YAML files inside the vault's Settings/ folder. App configuration and licence data are stored separately in ~/Library/Application Support/MuppitifyCoachVault/config.json.
K8s Edition
Data is stored in Kubernetes Persistent Volume Claims on your cluster infrastructure. You control the storage backend and access policies.
Data transmitted to the developer
Licence activation (direct distribution)
When you activate or launch the Platform (direct distribution), the following data is sent to the developer's licensing server (licensing.muppit.au):
| Data | Purpose |
|---|---|
| Licence key | Validate your purchase |
| Device fingerprint (hardware UUID) | Enforce the two-device limit |
| Hostname | Identify the device in your licence dashboard |
On macOS, the device fingerprint is the IOPlatformUUID. On Windows, it is the SMBIOS product UUID.
This data is transmitted over HTTPS. Network errors during startup validation are tolerated. The Platform allows offline use with an existing activation.
Licence activation (Mac App Store)
Mac App Store purchases use Apple's receipt validation. No data is sent to the developer's licensing server.
Payment processing
Purchases are processed by Stripe. During checkout, Stripe collects your email address and name. If you select a crochet buddy add-on, Stripe also collects your shipping address. The developer receives this information from Stripe to fulfil your order and send your licence key. The developer does not receive or store credit card details.
Feedback submission
When you submit feedback from within the Platform, the following data is sent to the developer's store gateway (store.muppit.au):
| Data | Purpose |
|---|---|
| Licence key | Identify your account |
| Feedback text and contact details | Create a support ticket |
| App version | Metadata for support and compatibility |
| Edition name | Metadata for support and compatibility |
| Operating system version | Metadata for support and compatibility |
A confirmation email is sent to acknowledge your submission.
What is not transmitted
The Platform does not send to the developer:
- Coaching session data, notes, or client information
- Recordings or transcripts
- ICF certification progress
- AI analysis results
- Usage analytics, telemetry, or crash reports
Optional integrations
These integrations are configured by you and are entirely optional. The developer has no access to your credentials or data flowing through these integrations.
AI providers
You provide your own API key for one or more AI providers. When you request an AI analysis, coaching data (transcripts, session notes) is sent directly from the Platform to your chosen provider. The developer does not receive, route, or store this data. Supported providers include OpenAI, Anthropic, Google Gemini, Perplexity, xAI, Mistral, Groq, Ollama, LM Studio, llama-server, and other OpenAI-compatible providers.
You are responsible for reviewing the privacy policy of your chosen AI provider.
Zoom
You connect your own Zoom account via OAuth. OAuth tokens are stored locally on your device (settings.json for Desktop/Server editions, Settings/zoom-connection.yaml inside the vault for Vault Edition). Recordings are downloaded directly from Zoom to your device. The developer does not receive your Zoom credentials or recordings.
Google Calendar
You connect your own Google account via OAuth. OAuth tokens are stored locally on your device (settings.json for Desktop/Server editions, Settings/google-calendar.yaml inside the vault for Vault Edition). Calendar data is displayed in the Platform and is not transmitted elsewhere.
No telemetry
The Platform does not collect analytics, crash reports, or usage statistics. There are no tracking pixels, no third-party analytics services, and no phone-home behaviour beyond licence validation.
Data retention
Local data
Your coaching data remains on your device or server until you:
- Delete the Platform
- Delete the data directory or Docker volume
- Use the in-app data management tools to remove specific records
Licence data
Your licence record (key, email, device fingerprints) is retained on the developer's licensing server for as long as your licence is active. If your licence is revoked, the record is deleted.
Stripe data
Payment records are retained by Stripe in accordance with Stripe's privacy policy.
Security
The Platform implements the following security measures:
- All external communication uses HTTPS encryption
- Licence keys and API credentials are stored locally on your device
- Coaching data is stored in a local SQLite database or Markdown files, not in a cloud service
- Privacy Mode masks all client names and identifying data for safe demos and screen sharing
- Data export produces ZIP files that remain on your device
GDPR and international compliance
For users in the European Union and other jurisdictions with data protection regulations:
- Legal basis: Licence activation data is processed on the basis of contractual necessity (fulfilling your software purchase). Feedback submission is based on your explicit action.
- Data minimisation: The Platform only transmits the minimum data required for licence validation and feedback processing.
- Purpose limitation: Data sent to the developer is used solely for licence management and customer support.
- No profiling: The Platform does not perform automated decision-making or profiling.
- Right to erasure: Delete the Platform to remove all local data. Contact
support@muppit.auto request deletion of your licence record.
Since all coaching data stays on your device or server, you are the data controller for all coaching-related data. You are responsible for ensuring your handling of client coaching data complies with applicable data protection regulations in your jurisdiction.
Australian privacy
For users in Australia, data handling complies with the Australian Privacy Principles under the Privacy Act 1988 (Cth). The Platform collects only the minimum personal information necessary for licence validation and customer support. All coaching data remains on your device or server and is not accessible to the developer.
Children's privacy
The Platform is not directed at children under 16. We do not knowingly collect data from children.
Changes to this policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.
Contact
For questions about this privacy policy or the Platform's data practices:
- Email: support@muppit.au
- Documentation: Muppitify Coaching Platform
Your rights
You have the right to:
- Access: All coaching data is stored locally and accessible to you at all times
- Control: Revoke AI provider keys, disconnect Zoom or Google Calendar, or deactivate your licence from Settings
- Delete: Remove all local data by deleting the Platform or its data directory
- Portability: Export all coaching data as a ZIP file containing your database, recordings, and metadata