Privacy Policy
Effective date: April 2026
1. Introduction
Coach Veos places great importance on the confidentiality and protection of your personal data. This Privacy Policy explains the information we collect about you when you use our website and applications (together, the "Services"), how we use it, how we share it with third parties, and your rights regarding this information.
This policy should be read alongside our Terms of Service.
For any questions, contact us at: contact@coachveos.com
This policy may be updated from time to time. Your continued use of the Services after an update constitutes acceptance. The date of the last update is shown at the top of this page.
Important
When you use Coach Veos, your data is submitted to and processed by Coach Veos. Partner platforms (Strava, Garmin) are not responsible for the collection, use, or processing of your data by Coach Veos. To learn how these platforms handle your data, please refer to:
2. Data Collected and Purposes
| Data Categories | Processing Purposes | Legal Basis |
|---|---|---|
| Identity: first name, last name, profile picture (via Strava/Garmin) | Account management, coaching personalization | Contract performance |
| Authentication identifiers: email and unique identifier provided by Sign in with Apple or Google Sign-In | Account creation and access | Contract performance |
| Sports data: running activities (distance, duration, pace, heart rate, cadence) imported from Strava and/or Garmin Connect | Performance analysis, personalized training plan generation, progress tracking | Contract performance |
| Location data (GPS): GPS tracks from your activities, only if you connect Strava or Garmin | Route analysis (elevation, pace per segment). This data is NOT permanently stored — it is fetched on-demand via partner APIs | Consent (voluntary account connection) |
| Onboarding data: training goal (marathon, half-marathon, 10K, Hyrox), target race date, preferred sessions per week, voice profile information | Creation of your personalized training plan | Contract performance |
| Voice coaching data: microphone audio (PCM 16kHz) streamed in real time to Google Gemini Live API during coaching sessions | Real-time voice coaching. Audio is NOT stored — only the text transcription is persisted for conversation history | Contract performance |
| Coach-generated data: activity analyses, training programs, conversation history, post-workout feedback | Delivery of coaching service, continuous improvement of advice quality | Contract performance |
| Authentication tokens: OAuth tokens for Strava and/or Garmin (encrypted with AES-256-CBC) | Secure access to your sports data | Contract performance |
| Usage and diagnostic data: in-app events (screen views, taps), error logs, session timings, crash reports | Product analytics, debugging, service quality improvement | Legitimate interest |
Important note about Strava and Garmin data
We do NOT permanently store your raw activity data. Activities are fetched on-demand via the Strava and Garmin APIs when needed for coaching analysis, in compliance with these platforms’ terms of service.
What we DO store:
- AI coach-generated analyses
- Your planned programs and workouts
- Your feedback and sensations after workouts
- Your conversation history with the coach
3. Location Data
Coach Veos does not collect location data by default. GPS data is only accessible if you voluntarily connect your Strava or Garmin Connect account, which constitutes your explicit consent.
- Are never permanently stored on our servers
- Are fetched on-demand via partner APIs for route analysis
- Are used solely for elevation calculation, pace per segment, and terrain analysis
You can revoke access to this data at any time by disconnecting your Strava or Garmin account from the app.
4. How Long Do We Keep Your Data?
| Data Type | Retention Period |
|---|---|
| Raw Strava/Garmin data | Not stored (on-demand API access) |
| Voice coaching audio | Not stored (streamed in real time, discarded after each chunk) |
| Coach analyses | Until account deletion |
| Training programs | Until account deletion |
| Conversation history | Until account deletion |
| OAuth tokens | Until disconnection or account deletion |
| Error logs (Sentry) | 90 days |
| Analytics events (PostHog) | 12 months (anonymized beyond) |
| LLM traces (Langfuse) | 90 days |
We retain your coach-generated data only for as long as necessary to provide the Services. This data helps improve coaching quality over time.
You can request deletion of your data at any time (see section 6).
5. Who Is Your Data Shared With?
We never sell, rent, or transfer (directly or indirectly) your personal data to third parties.
| Third-Party Category | Why? |
|---|---|
| Apple (Sign in with Apple) | Authentication for iOS users (Apple Privacy Policy) |
| Google (Google Sign-In) | Authentication for all users (Google Privacy Policy) |
| Strava API | Access your sports activity data (Strava Privacy Policy) |
| Garmin Connect API | Access your sports activity data (Garmin Privacy Policy) |
| Google (Gemini Live API) | Real-time voice coaching AI processing (speech recognition, language model, speech synthesis) (Gemini API Terms) |
| Anthropic (Claude) | Language model for text chat and analysis generation (via OpenRouter) (Anthropic Privacy Policy) |
| OpenRouter | Routing requests to AI models on the backend (OpenRouter Privacy Policy) |
| ElevenLabs | Voice synthesis used during voice onboarding |
| Supabase | Database hosting and file storage (secure EU servers) |
| Vercel | Hosting the Coach Veos backend application |
| Fly.io | Hosting the WebSocket relay for voice coaching |
| Apple Push Notification service (APNs) | Delivering push notifications on iOS |
| Firebase Cloud Messaging (FCM) | Delivering push notifications on Android |
| PostHog | Product analytics (anonymized usage events, no conversation content) |
| Langfuse | AI trace observability for debugging and coaching quality improvement |
| Sentry | Crash and error monitoring |
| Resend | Transactional emails (account deletion confirmation) |
These providers only have access to data strictly necessary for their services and are not authorized to use it for other purposes.
6. Deleting Your Data
You can delete your data and revoke Coach Veos’ access at any time:
From Coach Veos (Recommended)
- Tap your avatar in the top-right corner of the app
- Select "Disconnect Strava" or "Disconnect Garmin"
- Confirm the deletion
This immediately:
- Revokes Coach Veos’ access to your account
- Deletes ALL your data from our servers
- Logs you out of the service
From Strava
Strava Settings > My Apps > Revoke access to Coach Veos. Your data will be deleted within 30 days.
From Garmin Connect
Garmin Connect Settings > Third-Party Apps > Revoke Coach Veos. Your data will be deleted within 30 days.
7. How Is Your Information Protected?
- Token encryption: all Strava and Garmin OAuth tokens are encrypted with AES-256-CBC
- Database: hosted on Supabase with Row Level Security enabled
- Communications: all transmissions use HTTPS
- Restricted access: access to personal data is strictly limited to authorized personnel
In the event of a high-risk data breach, Coach Veos will notify the relevant authorities within 72 hours of detection and, if necessary, will also notify affected users.
8. Your Rights (GDPR)
If you are in the European Union, you have the following rights:
- Right of access : receive a copy of the data we hold about you
- Right to rectification : correct any incomplete or inaccurate information
- Right to erasure : ("right to be forgotten") request deletion of your data
- Right to restriction of processing : temporarily suspend processing in certain circumstances
- Right to data portability : receive your data in a structured, machine-readable format
- Right to object : object to processing based on our legitimate interest
- Right to withdraw consent : withdraw your consent at any time
To exercise any of these rights: contact@coachveos.com
9. Policy Regarding Minors
Our Services are not intended for persons under 16 years of age. If we discover that a minor has provided us with personal data, we will delete that information and close the associated account.
10. Contact
For any questions about this Privacy Policy: contact@coachveos.com