Privacy Policy

Last updated: June 11, 2026

Privacy isn't a feature of Athlr — it's the foundation. This policy explains what data the app handles, where it lives, and the choices you control. The short version: your activities are private by default, stored on your device, and never sold.

1. Data Stored On Your Device

When you record an activity, the following is stored locally in the app's database on your phone — not on our servers:

• GPS route points (location, altitude, speed, accuracy);
• Activity statistics (distance, time, pace, elevation, splits);
• Workouts imported from Apple Health or Google Health Connect, including heart rate and calories where available.

This data never leaves your device unless you explicitly share an activity.

2. Data We Process In The Cloud

If you create an account and choose to share an activity to the community feed, we store the following with our cloud provider (Google Firebase):

• Your display name and email address (for authentication);
• Summary statistics of shared activities (distance, duration, pace, elevation, splits) and a static route thumbnail image;
• Kudos you give or receive.

Raw GPS point data is never uploaded — shared activities include only summary stats and a low-resolution map preview.

3. Health Data

With your permission, Athlr reads workouts from Apple Health (iOS) or Google Health Connect (Android) so you can import sessions recorded by your watch or other apps. Health data is read into the on-device database only. We never upload health data to our servers, and we never write to your health store without your action.

4. What We Don't Do

• We don't sell or rent your personal data. Ever.
• We don't show ads or use advertising trackers.
• We don't access your location when you're not recording.
• We don't share data with third parties except the infrastructure providers listed below.

5. Service Providers

We rely on a small set of infrastructure providers to run the community features:

• Google Firebase — authentication and the community feed database;
• Google Maps Static API — generating route thumbnail images for shared activities;
• Vercel — hosting this website.

6. Your Choices & Rights

• Visibility: every activity defaults to “Only me” and can be changed or reverted at any time;
• Export: download any activity as a GPX file, free;
• Deletion: delete activities locally at any time; deleting your account removes all cloud data associated with it;
• Permissions: location and health access can be revoked at any time in your phone's system settings.

7. Data Retention

On-device data persists until you delete it or uninstall the app. Cloud data for shared activities persists until you make the activity private, delete it, or delete your account.

8. Children

Athlr is not directed at children under 13, and we do not knowingly collect personal information from them.

9. Changes To This Policy

If we make material changes to this policy, we'll notify you in the app before they take effect.

10. Contact

Privacy questions? Email privacy@athlr.app.