Pacenotes ("we", "our", "the app") is a fitness tracking and coaching application developed by Matteo Majnoni. Your privacy matters to us. This policy explains what data we collect, how we use it, and your rights.
Account information: When you sign up, we collect your email address and a password (stored securely using bcrypt hashing). We do not collect your real name, phone number, or payment information.
Fitness data from Strava: If you connect your Strava account, we import your activity data (distances, durations, pace, routes, sport type). This data is stored on our servers to power your dashboard, stats, and training plans. We access only the data you authorise through Strava's OAuth flow.
Apple Health data (HealthKit): If you grant permission, we read workout data from Apple Health. This data is processed on your device and is not transmitted to our servers. We do not sell, share, or store your HealthKit data remotely.
Training plans and studio routines: Plans and routines you create are stored on our servers, associated with your account.
We use your data solely to provide the Pacenotes service: displaying your activities, generating training plans, tracking personal bests, and showing your training territory. We do not use your data for advertising, profiling, or any purpose beyond the app's functionality.
Your data is stored on a private server hosted by Hetzner Online GmbH in Helsinki, Finland. Access is restricted to SSH key-only authentication. Passwords are hashed with bcrypt. Data is transmitted over HTTPS.
Strava: We use the Strava API to import your activities. When you connect Strava, you are subject to Strava's privacy policy. You can disconnect Strava at any time from within the app.
Apple HealthKit: HealthKit data is read locally on your device. We comply with Apple's HealthKit guidelines and do not store HealthKit data on external servers.
OpenStreetMap: Maps and route data use OpenStreetMap tiles and services. No personal data is shared with OpenStreetMap.
We do not sell, rent, or share your personal data with any third parties. We do not display advertisements. We do not use analytics or tracking services.
You can delete your account and all associated data directly from the app in Settings. Under GDPR (as a France-based service), you have the right to access, rectify, and erase your personal data.
We retain your data for as long as your account is active. If you delete your account, all associated data is permanently removed from our servers.
Pacenotes is not intended for children under 13. We do not knowingly collect data from children under 13.
We may update this policy from time to time. Changes will be posted on this page with an updated date.
For any privacy questions or data requests, contact us at: hello@pacenotes.run