Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information and training data.

Last updated: January 2025

Introduction

Welcome to Triathlify ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our triathlon training platform and services.

By using Triathlify, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

Information We Collect

1. Account Information

Email address and password (encrypted)
First and last name
Date of birth and gender
Profile picture (if provided)
Authentication tokens from third-party providers (Google OAuth)

2. Training Assessment Data

To provide personalized training plans, we collect:

Personal Information: Age, weight, height, body fat percentage, experience level
Performance Metrics: Swim times (200m, 400m, CSS), cycling FTP (Functional Threshold Power), running times (5K, 10K, half marathon, marathon), VDOT scores
Training History: Years of experience, average weekly training hours, consistency ratings, race history
Physiological Data: Resting heart rate, maximum heart rate, VO2 max, lactate threshold heart rate
Lifestyle Factors: Sleep quality, stress levels, injury history, available training hours per week
Goals and Preferences: Target race distance, training preferences, equipment availability

3. Training Data

Training plans and workout schedules
Workout completion status and notes
Progress tracking and performance analytics
Training logs and session details

4. Third-Party Integration Data

When you connect external services, we may collect:

Strava: Activity summaries, workout metrics (distance, duration, pace, heart rate, power), training load indicators
Garmin: Daily activity data, sleep and recovery trends, workout files, device-recorded metrics (heart rate, cadence, power, GPS data)

5. Payment Information

We use Stripe for payment processing. We do not store your credit card information. Stripe handles all payment data in accordance with PCI DSS standards. We only store:

Stripe customer ID
Subscription plan and billing interval
Payment history and subscription status

6. Usage Data

Device information (browser type, operating system)
IP address and location data (general, not precise)
Usage patterns and feature interactions
Error logs and performance metrics

How We Use Your Information

We use the collected information for the following purposes:

Service Delivery: To create and deliver personalized AI-powered training plans based on your assessment and goals
Progress Tracking: To monitor your training progress, analyze performance, and adjust plans accordingly
Account Management: To manage your account, process subscriptions, and provide customer support
Communication: To send important updates, training reminders, and respond to your inquiries
Platform Improvement: To analyze usage patterns, identify issues, and enhance our services
Integration Services: To sync data from connected services (Strava, Garmin) and provide unified training insights
Legal Compliance: To comply with legal obligations and protect our rights

Data Sharing and Disclosure

We do not sell your personal information. We may share your data only in the following circumstances:

Service Providers: With trusted third-party services that help us operate our platform (hosting, analytics, payment processing). These providers are contractually obligated to protect your data.
Third-Party Integrations: When you authorize connections (Strava, Garmin), we share necessary data to enable those integrations. You can revoke access at any time.
Legal Requirements: When required by law, court order, or government regulation
Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity
With Your Consent: When you explicitly authorize sharing for specific purposes

Data Security

We implement industry-standard security measures to protect your information:

Encryption of data in transit (HTTPS/TLS)
Encryption of sensitive data at rest
Secure authentication and password hashing
Regular security audits and vulnerability assessments
Access controls and employee training on data protection
Compliance with industry standards (PCI DSS for payments)

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Your Privacy Rights

Depending on your location, you may have the following rights:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and associated data
Portability: Export your data in a machine-readable format
Opt-Out: Unsubscribe from marketing communications (you will still receive essential service updates)
Restriction: Request limitation of data processing in certain circumstances
Objection: Object to processing of your data for specific purposes

To exercise these rights, please contact us at privacy@triathlify.com. We will respond within 30 days.

Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

Active Accounts: Data is retained while your account is active
Deleted Accounts: Most data is deleted within 30 days of account deletion, except where legal obligations require longer retention
Financial Records: Payment and subscription data may be retained for up to 7 years for tax and accounting purposes
Anonymized Data: We may retain anonymized, aggregated data for analytics and service improvement

Children's Privacy

Triathlify is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover that we have collected information from a child under 13, we will delete that information promptly.

International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence. These countries may have different data protection laws. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws, including GDPR for European users.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new policy on this page
Updating the "Last updated" date
Sending an email notification for significant changes
Displaying a notice in the application

Your continued use of Triathlify after changes become effective constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@triathlify.com

Support: support@triathlify.com

Website: triathlify.com/contact