Privacy Policy

Effective Date: March 1, 2025

Endur ("we," "our," or "us") operates the Endur mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

1. Information We Collect

Account Information

• Phone number (used for authentication via SMS verification)

Profile Information

• Body metrics you provide (weight, age)
• Activity level and training goals
• Dietary restrictions and fueling preferences
• Unit preferences (metric or imperial)

Health & Fitness Data

• Workout data from Apple HealthKit (workout type, start time, duration, pause/resume events)
• Activity data from Garmin Connect (activity type, start time, duration, distance, heart rate)

Product & Nutrition Data

• Products you scan or add to your inventory (product name, brand, nutritional information)
• Fueling plan data and consumption tracking during activities

Usage Data

• App interactions and feature usage for improving the service
• Device type and operating system version

2. How We Use Your Information

• To create and manage your account
• To generate personalized fueling plans using AI based on your profile, event details, and product inventory
• To deliver real-time fueling reminders during workouts
• To detect workout start times from your connected devices
• To track your fueling during activities
• To improve and optimize our service

3. Third-Party Services

We use the following third-party services to operate the App:

• Supabase — Database hosting, authentication, and serverless functions. Your data is stored on Supabase's infrastructure.
• Apple HealthKit — We read workout data from HealthKit with your permission. We do not write data to HealthKit or share your HealthKit data with third parties, advertising platforms, or data brokers.
• Garmin Connect — With your authorization, we access your recent activity data via the Garmin Connect API to detect workouts and import activity details.
• Anthropic (Claude API) — Your profile information, activity details, and product inventory are sent to the Claude AI to generate personalized fueling plans. No health data from HealthKit or Garmin is sent to the AI.

4. HealthKit Data

We comply with Apple's HealthKit guidelines. Specifically:

• HealthKit data is not used for advertising or marketing purposes
• HealthKit data is not sold to third parties
• HealthKit data is not shared with third parties for their marketing purposes
• HealthKit data is only used for the core functionality of providing fueling reminders during workouts

5. Data Storage & Security

Your data is stored securely on Supabase's cloud infrastructure with encryption at rest and in transit. OAuth tokens for Garmin Connect are stored in our database and used only to authenticate API requests on your behalf.

While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it.

7. Your Rights

You have the right to:

• Access your personal data stored in our systems
• Correct inaccurate information in your profile
• Delete your account and associated data
• Disconnect linked devices (Apple Watch, Garmin) at any time from the Settings screen
• Revoke HealthKit or Garmin permissions at any time through your device settings

To exercise any of these rights, contact us at the email below or use the in-app settings.

8. Children's Privacy

Our App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the App. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

[email protected]