European coaches work under GDPR - the General Data Protection Regulation - which sets strict rules on how client data is collected, stored, and processed. Most coaching platforms were built in the United States, where different data rules apply. That creates a real risk for European coaches who store sensitive client information on those platforms. Here is what to look for in a GDPR-compliant coaching platform, and how to evaluate your options.
Why GDPR matters for coaches
As a coach, you handle personal and sometimes sensitive information about your clients: their goals, challenges, work situations, and personal struggles. Under GDPR, you are considered a data controller. That means you are responsible for ensuring that the tools you use to store and process that data comply with European law.
If your coaching software stores data on US servers without proper safeguards, or if you cannot produce a data processing agreement with the platform provider, you may be in violation of GDPR - even if you did not realize it.
What makes a coaching platform GDPR-compliant?
Data stored in the EU or EEA. The safest option is a platform that stores data on servers located within the European Union or European Economic Area. If data is stored outside the EU, the provider must have appropriate transfer mechanisms in place.
A data processing agreement (DPA). Any platform that processes personal data on your behalf must offer a DPA. This is a legal agreement that defines how the processor handles the data and what safeguards are in place. If a platform cannot provide one, that is a red flag.
Clear privacy policy and data handling documentation. You should be able to tell your clients exactly where their data is stored and how it is protected. A GDPR-compliant platform makes this easy to explain.
Encryption of client data. Sensitive client information should be encrypted both in transit and at rest. This applies especially to session notes, goals, and any personal details stored in the platform.
Client rights support. GDPR gives clients the right to access, correct, and delete their personal data. A compliant platform should make it straightforward for you to fulfill these requests.
The challenge with US-based platforms
Many popular coaching tools - including some well-known names - are US-based and primarily designed for the US market. They may not offer a DPA, may store data on US servers, and may not have undergone a GDPR compliance review. Using these tools without additional safeguards puts you at risk, especially if you work with clients in EU member states.
How FocusCoachee approaches GDPR
FocusCoachee is a Dutch company, built specifically for the European market. Client data is encrypted, data handling follows Dutch and European standards, and the platform is designed with privacy as a core principle rather than an afterthought. European coaches can use FocusCoachee with confidence that their client data is handled according to the same laws that govern their own practice.
