RunifitRunifit

Privacy Policy

Last updated: March 26, 2026

1. Introduction

Runifit ("we," "our," or "us") operates the Runifit mobile application and website (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Runifit, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, phone number, profile photo, and role (coach or client).
  • Client fitness data: height, weight, date of birth, gender, body measurements (chest, waist, hip, arm, thigh circumference, body fat percentage, muscle mass), workout logs, and exercise performance.
  • Training content: workout programs, exercise libraries, and training schedules created by coaches.
  • Communications: messages exchanged between coaches and clients within the app.

2.2 Information from Wearable Devices

Runifit supports integration with wearable devices such as Garmin watches. If you choose to connect a wearable device, we may collect:

  • Heart rate and heart rate variability data
  • Activity and step count data
  • Sleep data
  • Workout session data (duration, distance, pace, calories)
  • Stress and recovery metrics

This data is only collected when you explicitly authorize the connection through OAuth. You can disconnect your wearable at any time from your account settings or from the wearable manufacturer's app.

3. How We Use Your Information

  • To provide and maintain the Service, including enabling coach-client relationships, workout programming, and progress tracking.
  • To sync and display data from connected wearable devices within the coaching context.
  • To send you relevant notifications about workouts, messages, and account activity.
  • To improve and optimize the Service.
  • To respond to your support requests and communicate with you.

4. Data Sharing

We do not sell your personal or health data. We share information only in the following circumstances:

  • Coach-client relationship: When a coach creates a client account, that coach (and other authorized coaches within the same organization) can view the client's fitness profile, workout results, body measurements, wearable activity data, and messages. Clients can only see their own data and messages from their coaches.
  • Service providers: We use third-party services for hosting and authentication (Supabase, Railway). These providers only access data as needed to perform their services.
  • Wearable providers: When you connect a wearable device, we exchange data with the device manufacturer (e.g., Garmin) through their official APIs as authorized by you.
  • Legal requirements: We may disclose data if required by law or in response to valid legal process.

5. Wearable Data (Garmin & Third-Party Integrations)

When you connect a wearable device:

  • We access your data through official APIs (e.g., Garmin Health API) using OAuth authorization.
  • We only request the permissions necessary for the features you use.
  • Wearable data is stored securely and used solely to provide coaching insights within the app.
  • Wearable data is visible to your assigned coach(es) as part of the coaching relationship.
  • We do not share wearable data with third parties beyond what is described in Section 4.
  • You may revoke access at any time through your Runifit account settings or the wearable manufacturer's app.

6. Account Creation & Deletion

Coach accounts are created directly by the user. Client accounts are created by coaches and linked to the client via an email invitation.

You may request deletion of your account at any time. Upon account deletion:

  • Your personal data (profile information, contact details) will be permanently deleted.
  • Workout results and training history may be anonymized (rather than deleted) so coaches retain their programming records without identifying information.
  • Connected wearable devices will be disconnected and authorization tokens revoked.
  • Account deletion is permanent and cannot be undone after the processing period.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

8. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS). However, no method of electronic storage is 100% secure. We encourage you to use a strong, unique password for your account.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and personal data.
  • Withdraw consent for wearable data collection.

To exercise any of these rights, contact us at support@runifit.com.

10. Children's Privacy

Runifit is not intended for users under the age of 16. We do not knowingly collect data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by email. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@runifit.com.