Privacy Policy – FitBot

Last updated: December 11, 2025

This Privacy Policy explains how FitBot ("we", "us", or "our") collects, uses, and protects your personal data when you use our services, including our web application and any integrations with third-party platforms such as Strava.

By using FitBot, you agree to the practices described in this Policy.

1. Data we collect

We may collect and process the following types of data:

1.1. Account Information

  • Name or nickname
  • Email address
  • Login information (e.g., OAuth tokens from third-party services)

1.2. Activity and Training Data

  • Workouts and activities (distance, time, pace, power, heart rate, etc.)
  • Training load, performance metrics, and related statistics
  • Device or platform information (e.g., activity recorded via Strava, Garmin, etc.)

1.3. Usage Data

  • Interactions with the app (features used, session duration, basic analytics)
  • Technical information such as browser type, IP address, and device information (for security and performance monitoring)

We only collect the data necessary to provide and improve our coaching and analytics features.

2. How we use your data

We use your data for the following purposes:

  • To provide personalized training plans and coaching recommendations
  • To analyze your performance and show you insights and progress over time
  • To synchronize your activities from third-party platforms (such as Strava)
  • To maintain and improve the stability, security, and performance of the service
  • To communicate with you about updates, support, or important changes related to FitBot

We do not sell your personal data or activity data to third parties.

3. Strava integration and activity data

If you choose to connect your Strava account to FitBot:

  • We access your Strava activity data (for example: workouts, distance, duration, pace, power, heart rate, training load) in order to:
    • Import your activities into FitBot
    • Analyze your training and generate coaching recommendations
    • Keep your training history synchronized
  • We do not use data obtained via the Strava API to train our own AI/ML models or any third-party models, in accordance with Strava's API Terms of Service.
  • You can disconnect FitBot from your Strava account at any time via:
    • Your Strava settings (revoking access for FitBot), and/or
    • Your FitBot account settings, where available.

Once disconnected, we will no longer receive new data from Strava. You may also request deletion of previously imported Strava data (see section "Your rights and data deletion").

4. Legal basis for processing (GDPR)

Where the General Data Protection Regulation (GDPR) applies (for example, for users in the EU/EEA), we rely on the following legal bases to process your data:

  • Performance of a contract – to provide you with the FitBot service you requested
  • Legitimate interest – to improve and secure our services
  • Consent – when you explicitly connect third-party accounts (e.g., Strava) or opt in to specific features

You can withdraw your consent at any time by disconnecting third-party integrations or contacting us.

5. Data sharing and third parties

We may share your data only with:

  • Service providers who help us host, operate, and maintain FitBot (e.g., cloud hosting, database, analytics). These providers only process your data on our behalf and under contractual confidentiality obligations.
  • Third-party platforms you connect (such as Strava), according to the permissions you grant and their own privacy policies.

We do not sell or rent your personal data to third parties.

6. Data retention

We keep your data only for as long as necessary to provide the service and for legitimate business or legal purposes. When you delete your account or request deletion, we will:

  • Remove or anonymize personal identifiers where legally and technically possible
  • Delete or anonymize training and activity records associated with your identity, subject to any legal obligations we may have to retain certain information (e.g., for security or fraud prevention)

7. Your rights

Depending on your location and applicable law (e.g., GDPR), you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data ("right to be forgotten")
  • Restrict or object to certain types of processing
  • Request a copy of your data in a portable format

To exercise these rights, please contact us at: [email protected]

We may need to verify your identity before fulfilling your request.

8. Data security

We take reasonable technical and organizational measures to protect your data against unauthorized access, loss, misuse, or alteration, including:

  • Encrypted connections (HTTPS/TLS)
  • Restricted access to databases
  • Periodic reviews of security practices

However, no online service can guarantee absolute security.

9. Children's privacy

FitBot is not intended for use by children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us and we will take steps to delete such information.

10. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. In case of material changes, we may also notify you via email or in-app notifications.

Your continued use of FitBot after changes have been published means you accept those updates.

11. Contact us

If you have any questions about this Privacy Policy or how we handle your data, you can contact us at:

FitBot

Email: [email protected]

Website: https://fit-bot.app

For the Spanish version of this policy, visit /privacy