Privacy Policy

Last updated: 4/18/2026

Fitboite Running ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Model Context Protocol (MCP) server integrated with ChatGPT.

1. Information We Collect

When you connect your Strava account to Fitboite Running, we collect the following data through the Strava API:

• Profile Information: Your Strava athlete ID, name, and profile details.
• Activity Data: Details of your runs, including distance, duration, pace, heart rate, and elevation gain.
• Authentication Tokens: Secure tokens required to access your Strava data on your behalf.

2. How We Use Your Information

We use the collected information solely to provide you with personalized coaching insights, including:

• Analyzing your training history and patterns.
• Calculating training load, fatigue, and recovery metrics.
• Identifying potential injury risk factors.
• Generating customized weekly training plans.

AI Training Disclosure: We explicitly do not use your Strava data, even in an aggregated or de-identified manner, for the purposes of training artificial intelligence, machine learning models, or similar internal or external applications.

3. Data Storage and Retention

Your data is stored securely in our database using industry-standard encryption. In compliance with the Strava API Agreement:

• 7-Day Caching: No Strava data, including aggregated summaries, remains in our cache for longer than seven (7) days.
• Security: Strava authentication tokens are encrypted at rest using AES-256-GCM.

4. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties. Your data is only used within the ChatGPT session where you have authorized the Fitboite Running tool.

5. Your Choices & Data Deletion

You have full control over your data:

• Revocation: You can revoke Fitboite Running's access at any time via your Strava settings.
• Manual Deletion: You can request immediate deletion of all your data from our systems by contacting us at aswinvb.aswin6@gmail.com or by using the disconnect feature within the application.
• Auto-Deletion: Upon revocation of access or account termination, all your personal data is permanently deleted from our servers within 48 hours.

6. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.