Privacy Policy

Last updated: March 28, 2026

1. Introduction

Stridepost ("we", "our", "us") operates the Stridepost mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. Please read this policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we may collect:

  • Email address (if you register with email/password or link an email)
  • Display name
  • Authentication tokens from third-party providers (Strava, Google, Apple)

2.2 Fitness Activity Data

When you connect Strava or import activity files, we collect:

  • Activity metadata (name, sport type, date, duration, distance)
  • Performance metrics (pace, speed, heart rate, cadence, watts, calories)
  • GPS route data (polyline coordinates)
  • Split/lap data
  • Personal records and achievements
  • Device information (e.g., "Apple Watch", "Garmin Forerunner")

2.3 User-Generated Content

  • Photos you upload as card backgrounds
  • Custom templates you create
  • Card designs and configurations

2.4 Technical Data

  • Device type, operating system version
  • App version
  • Crash reports and performance data (via Sentry)
  • Analytics data (via Firebase Analytics)

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain the App's core features (activity cards, templates, export)
  • Sync and display your fitness activities
  • Auto-fill activity data into card templates
  • Save your drafts and custom templates
  • Manage your account and subscription
  • Monitor and improve App performance
  • Diagnose technical issues and fix bugs

4. Third-Party Services

We integrate with the following third-party services:

  • Strava API — to read your activity data. We never modify or post to your Strava account. Subject to Strava's Privacy Policy.
  • Supabase — for authentication and database storage.
  • Google Sign-In / Apple Sign-In — for authentication.
  • Firebase Analytics — for anonymized usage analytics.
  • Sentry — for error tracking and crash reporting.

5. Data Storage and Security

Your data is stored securely on Supabase infrastructure with Row Level Security (RLS) policies ensuring you can only access your own data. Strava tokens are stored server-side and are never exposed to client-side code. We use industry-standard encryption for data in transit (HTTPS/TLS).

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, we soft-delete your data. You may contact us to request permanent deletion of your data.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Disconnect third-party services (Strava, Google, Apple) at any time
  • Export your data

8. Children's Privacy

Our App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at stridepostapp@gmail.com.