OpenAthlete helps coaches and athletes collaborate. We use artificial intelligence to analyze training data, surface insights that help prevent injuries, and assist in planning and modifying training plans. This Privacy Policy explains what data we collect, how we use it, and your rights.
Data We Collect
- Account information (name, email, password hash).
- Profile information (sport preferences, roles, timezone, language).
- Training and activity data (planned sessions, completed activities, metrics, notes).
- Device and connector data from integrated providers such as Garmin or Strava (activity files, GPS, heart rate, power, cadence, sleep, steps, body composition, wellness metrics), when you connect those services.
- Health-related data that you choose to share (e.g., heart rate, HRV, VO₂max, injuries), which we treat as sensitive information.
- Coach–athlete collaboration data (comments, annotations, assignments).
- AI interaction data (questions, prompts, model outputs) to provide and improve AI-assisted features.
- Usage, diagnostics, and device information (logs, browser, IP, app performance) to maintain security and reliability.
How We Use Your Data
- Provide the core service, including planning, tracking, and collaboration between coaches and athletes.
- Analyze and help modify training plans using AI, including insights to help reduce injury risk and optimize performance.
- Sync with connected providers (e.g., Garmin) to import activities and export workouts with your authorization.
- Communicate with you (service messages, notifications) and provide support.
- Maintain security, prevent abuse, and debug issues.
- Research and product improvement using aggregated or de-identified data whenever possible.
Legal Bases for Processing
- Consent: for connecting third-party providers, processing sensitive health data, and receiving certain communications.
- Contract: to deliver the service you request and manage your account.
- Legitimate interests: to secure our services, prevent misuse, and improve features in a way that does not override your rights.
How We Share Information
- Service providers (data hosting, analytics, customer support, AI infrastructure) under data processing agreements.
- Integrations you choose to connect (e.g., Garmin, Strava). We share or receive data strictly to provide the requested functionality.
- Coach–athlete collaboration: data you explicitly share within a space (e.g., plans, comments, metrics) is visible to invited members according to your settings.
- Legal compliance or to protect rights, safety, and security when required by law or to prevent fraud or abuse.
Data Retention
We keep personal data only as long as necessary to provide the service, comply with legal obligations, resolve disputes, and enforce agreements. You may request deletion; some records may be retained as required by law or for legitimate business purposes.
Security
We apply administrative, technical, and organizational measures to protect personal data, including encryption in transit, access controls, and monitoring. No system is 100% secure; we continuously improve our safeguards.
International Data Transfers
If data is transferred internationally, we rely on lawful mechanisms (e.g., Standard Contractual Clauses) and implement appropriate safeguards.
Your Rights
- Access, correction, deletion, and portability of your data.
- Restriction or objection to certain processing, including withdrawals of consent at any time.
- Right to lodge a complaint with a data protection authority.
Children’s Privacy
OpenAthlete is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided personal data, contact us and we will take appropriate action.
Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. We will post updates with a new effective date.
Contact Us
If you have questions or requests regarding privacy, contact us at contact@openathlete.org.