Privacy Policy

Last Updated: December 19, 2024

1. Introduction

This Privacy Policy explains how Beat Last Year ("we", "our", or "the App") collects, uses, and protects your data.

2. Information We Collect

We collect:

• Basic Strava profile information (name, athlete ID)
• Running activity data from Strava
• Authentication tokens for Strava API access
• Running performance metrics

3. How We Use Your Information

We use your data to:

• Analyze your 5K running times
• Track your yearly progress
• Display your personal bests
• Maintain and improve the service

4. Data Storage and Security

• Data is stored securely using Supabase
• Authentication tokens are encrypted
• We implement industry-standard security measures
• We regularly review and update our security practices

5. Data Sharing

We do not:

• Sell your personal data
• Share your data with third parties
• Use your data for advertising
• Access more Strava data than necessary

6. Your Rights

You have the right to:

• Access your stored data
• Request data correction
• Request data deletion
• Revoke Strava access
• Export your data

7. Data Retention

• Data is stored while your account is active
• Data is deleted upon account termination
• You can request data deletion at any time
• Backup copies may be retained briefly for technical purposes

8. Third-Party Services

We use:

• Strava API for activity data
• Supabase for data storage
• Each service has its own privacy policy

9. Cookies and Tracking

• We use essential cookies for authentication
• No third-party tracking cookies
• No advertising cookies

10. Children's Privacy

The App is not intended for users under 13 years of age.

11. Changes to Privacy Policy

We will notify users of significant changes to this policy.

12. Contact Information

For privacy concerns, contact beatlastyearxyz@gmail.com