AthBoost
Privacy Policy
Last updated: May 3, 2026
AthBoost ("we", "our", or "the app") is an AI-powered coaching platform that connects to fitness services to provide personalized training suggestions. This Privacy Policy explains how we collect, use, and protect your information.
1. Information We Collect
When you use AthBoost, we collect:
- Account information: Your name, email address, and profile picture provided through Google Sign-In.
- Fitness data: Activity data (workouts, heart rate, pace, distance) synced from Garmin Connect, Strava, or Apple Health with your explicit authorization.
- Apple Health data (iOS only): If you connect Apple Health, we read the following types: Workouts, Heart Rate, Resting Heart Rate, Heart Rate Variability, Sleep Analysis, Distance (Walking/Running, Cycling, Swimming), Active Energy, Steps, VO2 Max, Body Mass, Height, Apple Exercise Time, Apple Stand Time, and Running Power. We never write to Apple Health.
- Settings and preferences: Your training preferences, race goals, unit preferences, and training schedule.
- Coach-assigned data: Routines, workout assignments, and event participation if you are part of a coaching team.
2. How We Use Your Information
We use your information to:
- Generate personalized AI training suggestions based on your recent activity and goals.
- Display your workout history and performance metrics on your dashboard.
- Send structured workouts to your Garmin device when requested.
- Enable coaches to manage and support their athletes.
- Send training suggestion emails if you opt in.
3. Third-Party Services
AthBoost integrates with the following third-party services:
- Google Sign-In: For authentication. We receive your name, email, and profile picture.
- Garmin Connect: To retrieve your activity data and send workouts to your device. Access is granted via your Garmin credentials and can be revoked at any time.
- Strava: To retrieve your activity data via OAuth2. You can disconnect Strava at any time from the app settings.
- Apple Health (HealthKit): On iOS, we read fitness and health data with your explicit permission per data type. Apple Health data is processed in compliance with Apple's HealthKit policies (App Store Review Guideline 5.1.3): never used for advertising, never sold, only used to improve your training plan. You can revoke access at any time in iOS Settings → Privacy & Security → Health → AthBoost.
- Anthropic (Claude AI): Your activity data, sleep/HR/HRV summaries, training preferences, and journal entries are sent to Anthropic Claude to generate AI coaching suggestions and feedback. We send a subset of your fitness data — including Apple Health data when connected — but we do NOT include personally identifiable information (name, email, exact location). Anthropic processes this data per their Privacy Policy.
- Amazon Web Services (AWS): Our backend infrastructure runs on AWS. Data is stored in DynamoDB and encrypted at rest.
4. Data Storage and Security
Your data is stored securely on AWS infrastructure. We use:
- HTTPS encryption for all data in transit.
- AWS KMS encryption for sensitive tokens and credentials.
- HMAC-SHA256 session tokens for authentication.
- DynamoDB with encryption at rest for all stored data.
5. Data Sharing
We do not sell, rent, or share your personal information with third parties for marketing purposes. Your data is only shared with:
- Third-party services listed above, solely for app functionality.
- Your assigned coach, if you are part of a coaching team (limited to training data and activity history).
6. Your Rights
You have the right to:
- Access your data through the app dashboard and settings.
- Disconnect Garmin Connect, Strava, or Apple Health at any time from app settings, which removes stored tokens and any cached health data on our backend.
- Delete your account and all associated data by contacting us.
- Opt out of email training suggestions at any time.
7. Data Retention
We retain your data for as long as your account is active. If you request account deletion, all associated data (authentication records, fitness data, tokens, training suggestions, and coach assignments) will be permanently removed.
8. Children's Privacy
AthBoost is not intended for children under the age of 13. We do not knowingly collect personal information from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top of this page.
10. Contact Us
If you have questions about this Privacy Policy or your data, contact us at: