T
TrailSpeak

Privacy Policy

Last Updated: November 20, 2025

1. Introduction

TrailSpeak ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our service to generate AI-powered narratives from your Strava activity data.

By using TrailSpeak, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information from Strava

When you connect your Strava account, we collect the following information:

  • Profile Information: Your name, profile photo, and athlete ID
  • Activity Data: Distance, duration, pace, speed, elevation gain/loss
  • Performance Metrics: Heart rate, power, cadence (when available)
  • Activity Metadata: Activity name, type, date, and location (if public)
  • Activity Context: Achievement count, PR count, kudos count

2.2 Account Information

  • Email address (for account management)
  • Authentication tokens (encrypted)
  • User preferences and settings

2.3 Usage Information

  • Generated narratives and their metadata
  • Narrative style preferences
  • Language preferences
  • Subscription status

3. AI and Machine Learning Usage

🤖 Important AI Disclosure

TrailSpeak uses Artificial Intelligence (AI) to generate personalized narratives from your Strava activity data.

3.1 How We Use AI

When you click "Create Story" on any of your Strava activities:

  • Your activity metrics are sent to our AI provider (Groq, Inc.)
  • Groq's Large Language Model (LLM) processes the data in real-time
  • The AI generates a personalized narrative based on your metrics
  • The narrative is returned to you and stored for your future access
  • The raw activity metrics are discarded immediately after generation

3.2 What We DON'T Do With Your Data

  • We DO NOT use your Strava data to train, fine-tune, or improve AI models
  • We DO NOT create datasets from your activity data
  • We DO NOT sell or license your data to third parties
  • We DO NOT allow our AI providers to train on your data
  • We DO NOT store raw activity metrics permanently

3.3 AI Provider - Groq

Our AI narrative generation is powered by Groq, Inc.:

  • Service: Groq Cloud LLM API (using Llama 3 models)
  • Data Processing: Real-time, in-memory processing only
  • Data Retention: Zero-retention policy - Groq does not store your data
  • Training: Groq does not use customer data for model training
  • Purpose: Generate narrative text only, one-time per request

4. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: To generate AI-powered narratives from your activities
  • Authentication: To manage your account and Strava connection
  • Personalization: To provide personalized narrative styles and preferences
  • Communication: To send service-related notifications (if you opt-in)
  • Improvement: To improve our service quality (using aggregated, anonymized data only)
  • Compliance: To comply with legal obligations

5. Data Storage and Retention

5.1 What We Store

  • Profile Data: Your name, photo, and Strava athlete ID (while connected)
  • OAuth Tokens: Encrypted authentication tokens
  • User Preferences: Language, narrative style preferences
  • Subscription Data: Payment status and subscription tier

Note: We currently do NOT store generated narratives permanently. Each narrative is generated in real-time and displayed to you during your session. We may add optional narrative storage in the future to allow you to save your favorite stories, but this will be opt-in and only store the text output (not raw activity metrics).

5.2 What We DON'T Store

  • Raw activity metrics (distance, pace, heart rate, etc.) after narrative generation
  • GPS coordinates or route data
  • Activity data for activities you haven't generated narratives for
  • Historical activity databases

5.3 Data Lifecycle

During Narrative Generation: Activity data exists in memory for seconds during AI processing, then is immediately discarded after the narrative is generated and displayed.

After Session: Currently, narratives are not persisted after your session ends. Each generation is ephemeral and temporary.

After Disconnection: When you disconnect your Strava account, we delete all your profile data and OAuth tokens immediately.

6. Third-Party Services

🏃 Strava

Purpose: Activity data source via OAuth integration

Data Shared: None - we receive data from Strava, not share data with them

Privacy Policy: strava.com/legal/privacy

🤖 Groq (AI Provider)

Purpose: AI narrative generation

Data Shared: Activity metrics (distance, pace, elevation, heart rate, etc.) during generation only

Data Retention: Zero-retention - data not stored by Groq

Website: groq.com

🔥 Firebase (Google Cloud)

Purpose: Authentication, database, and hosting infrastructure

Data Shared: User ID, profile name, profile photo, encrypted OAuth tokens

Note: NO activity metrics stored in Firebase

Privacy Policy: firebase.google.com/support/privacy

💳 Stripe

Purpose: Payment processing for subscriptions

Data Shared: Payment information only - NO Strava data

Privacy Policy: stripe.com/privacy

7. Your Rights

You have the following rights regarding your personal data:

1

Right to Access

You can request a copy of all data we store about you.

2

Right to Deletion

You can request deletion of all your data at any time by disconnecting your Strava account or contacting us directly.

3

Right to Revoke Consent

You can disconnect TrailSpeak from Strava at any time through your dashboard or Strava settings.

4

Right to Portability

You can export your generated narratives at any time.

5

Right to Object

You can object to AI processing by simply not clicking "Create Story" - we only process data when you explicitly request it.

To exercise any of these rights, contact us at handerson.contreras@gmail.com

8. Data Security

We implement industry-standard security measures to protect your data:

  • HTTPS/TLS encryption for all data transmission
  • OAuth tokens encrypted at rest
  • Server-side API key management
  • Rate limiting to prevent abuse
  • Regular security audits
  • No plaintext storage of sensitive data

9. Children's Privacy

TrailSpeak is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Sending an email notification for significant changes (if you've opted in)
  • Displaying a prominent notice in our application

Your continued use of TrailSpeak after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: handerson.contreras@gmail.com

Support: TrailSpeak Support Page

Service: TrailSpeak - AI Narrative Generator for Strava Activities

📘 Strava API Compliance

TrailSpeak is an independent application and is not affiliated with, endorsed by, or sponsored by Strava, Inc.

We comply with all Strava API Terms of Service, including restrictions on using Strava data to train AI models. All Strava data usage is transparent and in accordance with Strava's policies.

Back to Home