Destin X
Legal

Privacy Notice

Last updated: April 28, 2026

This Privacy Notice explains how JOA Creative Lab, trading as Designed for Destiny / D4D Method ("we", "us", "our"), collects, uses, and protects your personal data when you use our website and 7-Day Client Challenge service (the "Service"). We act as the data controller for the personal data we collect about you.

Your vision belongs to you

We know the women who use D4D Method are sharing more than business notes, you're sharing the vision God placed on your heart. We treat that with the weight it deserves. Specifically:

  • Your inputs are never used to train AI models. The prompts, answers, and "God ideas" you write are sent to our AI providers (OpenAI, Google) only to generate your coaching response. We use their zero-data-retention and no-training API endpoints, which contractually prohibit them from using your content to train their general-purpose models.
  • Your data is encrypted and access-controlled. Everything is encrypted in transit (HTTPS) and at rest in our database. Row-level security ensures one user can never see another user's coaching, vision work, or account data, not even by accident.
  • We don't sell your data. Ever. Not to advertisers, not to data brokers, not to anyone. Your vision is not a product.
  • You stay in control. You can export or delete everything you've entered at any time by emailing hello@d4dclientchallenge.com. We comply with GDPR (UK/EEA) and CCPA (California) requests within one month.

1. Personal data we collect

  • Account data, your name, email address, hashed password, and the date you created your account.
  • Coaching content, the answers you write to challenge questions, links you share, your stated business profile, and the AI coaching responses generated for you.
  • Usage and device data, pages visited, actions taken in the app, IP address, browser, and device identifiers, used to operate and improve the Service.
  • Support messages, anything you send us when you contact support.
  • Order data, your purchase status (whether you have access), received from our payment processor. We do not see or store your payment card details.

2. Why we use your data, and our legal basis

  • To provide the Service (create your account, run the AI coaching, save your progress), based on performance of our contract with you.
  • To process your purchase and grant access, based on performance of our contract with you.
  • To keep the Service secure and prevent fraud or abuse, based on our legitimate interests in operating a safe service.
  • To improve the Service by reviewing aggregated, de-identified usage patterns, based on our legitimate interests in product improvement.
  • To respond to your support requests, based on our legitimate interests and, where applicable, our contract with you.
  • For occasional product emails related to your account or important updates, based on our contract with you, and on consent for any marketing emails (which you can opt out of at any time).
  • To comply with legal obligations (e.g., tax and accounting records) - based on legal obligation.

3. Who we share your data with

We share personal data only with the categories of recipients listed below.

  • Stripe Payments Europe, Ltd., our payment processor. Stripe processes your purchase and handles billing, payment-method storage, invoices, and subscription management. See Stripe's Privacy Policy.
  • Hosting and database (Supabase / Lovable Cloud), stores your account and coaching data on our behalf.
  • AI providers (OpenAI, Google), process the prompts and answers you submit solely to generate your coaching feedback. We use zero-data-retention and no-training API endpoints; your content is contractually prohibited from being used to train their general-purpose models.
  • Email delivery providers, send transactional emails (account verification, password reset, receipts).
  • Professional advisers (legal, accounting) on a need-to-know basis.
  • Authorities where we are legally required to disclose data, or to protect our rights, users, or the public.

We do not sell your personal data.

4. International transfers

Some of our service providers are located outside your country, including in the United States. Where we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum where relevant), or on adequacy decisions where one applies.

5. How long we keep your data

We keep your account and coaching data for as long as your account is active, plus a reasonable period after closure to handle disputes, comply with legal and tax obligations, and protect our legal rights. Order records are kept for the period required by tax law (typically 7 years). When data is no longer needed, we delete or anonymise it.

6. Your rights

Depending on where you live, you may have the right to: access your personal data, rectify inaccurate data, request deletion, restrict or object to certain processing, request portability, withdraw consent, and lodge a complaint with your local data protection authority (for users in the UK/EEA). We respond to verified requests within one month.

To exercise any of these rights, email hello@d4dclientchallenge.com.

7. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit (HTTPS), encryption at rest for our database, hashed passwords, role and row-level access controls, and least-privilege access for our team. No system is perfectly secure, please use a strong, unique password and notify us of any suspected compromise.

8. Cookies and similar technologies

We use a small number of cookies and equivalent storage to keep you signed in, remember your in-app preferences (for example, your action checklist progress), and help us understand high-level usage of the Service. We do not currently use third-party advertising cookies. You can clear cookies in your browser settings; doing so will sign you out of the Service.

9. Children

The Service is intended for adults running their own businesses. It is not directed to children under 16, and we do not knowingly collect personal data from them.

10. Changes to this notice

We may update this Privacy Notice from time to time. If changes are material, we will notify you (for example, by email or by posting a notice in the app) before they take effect. The "Last updated" date above tells you when this notice was last revised.

11. Contact

Questions about this Privacy Notice or how we handle your data? Email hello@d4dclientchallenge.com.

© 2026 Destin X · D4D Method. All rights reserved. The D4D Coach app, frameworks, and content are the intellectual property of Destin X and may not be copied, redistributed, or resold.