Privacy Policy

Effective Date: March 8, 2026

BurnRate (“we,” “our,” or “us”) is a nutrition and performance coaching app designed for endurance athletes. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. By using BurnRate, you agree to the practices described in this policy.

1. Information We Collect

1.1 Account & Profile Information

When you create an account and complete onboarding, we collect:

• Name (first and last)
• Email address
• Age
• Height and weight
• Gender
• Sport type (e.g. cycling, running, triathlon)
• Weekly training hours
• Performance goals (performance, body composition, or maintenance)
• Upcoming race name and date

1.2 Nutrition & Training Data

As you use the app, we collect:

• Meals and food logs, including foods, portions, and macros
• Workout data (type, duration, scheduled time)
• Body weight logs
• Macro targets and daily nutrition plans
• Meal adherence data

1.3 AI Coach Conversations

When you interact with the BurnRate AI coach, your chat messages are processed by OpenAI to generate responses. Messages are stored to maintain conversation history and improve your coaching experience.

1.4 Strava Integration (Optional)

If you connect your Strava account, we receive and store your Strava athlete ID and OAuth tokens in order to sync your workout data. We access only the workout data needed to provide nutrition recommendations. You can disconnect Strava at any time from Settings.

1.5 Meal Photos (Optional)

The app may request access to your camera and photo library if you choose to photograph meals for nutrition tracking. Photos are used solely for this purpose and are not shared with third parties.

1.6 Push Notifications

With your permission, we send push notifications for workout reminders, weekly nutrition reviews, and weight logging reminders. You can manage notification preferences in the app or your device settings.

1.7 Technical & Crash Data

We use Sentry to automatically collect crash reports and error logs. This data includes device type, operating system version, and stack traces. It is used exclusively for diagnosing and fixing bugs and does not include personal nutrition or health data.

2. How We Use Your Information

We use the information we collect to:

• Generate personalized daily macro targets and meal plans based on your profile and training load
• Power the AI coaching experience and respond to your messages
• Sync and incorporate workout data from Strava
• Send reminders and weekly review notifications
• Maintain your meal and workout history
• Diagnose technical issues and improve app stability

We do not use your data for advertising, and we do not sell your personal information to third parties.

3. Third-Party Services

BurnRate relies on the following third-party services to operate:

• Supabase — our backend database and authentication provider. Your data is stored on Supabase’s infrastructure. Supabase is SOC 2 Type 2 compliant.
• OpenAI — powers the AI coach. Chat messages are sent to OpenAI’s API to generate responses. OpenAI’s data use is governed by their API data usage policies.
• Strava — optional workout integration. Data shared with Strava is governed by Strava’s Privacy Policy.
• Sentry — crash reporting and error monitoring. Sentry receives anonymized technical error data only.
• Apple Sign In / Google Sign In — optional authentication methods. We receive only your email address and name from these providers.

4. Data Storage & Security

Your data is stored securely on Supabase’s infrastructure with encryption in transit (TLS) and at rest. We implement industry-standard practices to protect your information from unauthorized access. Authentication sessions are stored locally on your device using secure storage.

5. Data Retention

We retain your account data for as long as your account is active.

When you delete your account: We permanently delete your personal data within 30 days after you confirm your deletion request. This includes: account and profile information, nutrition and training data, AI coach conversation history, Strava connection data (if connected), and meal photos stored by the app. We do not retain copies of this data after deletion. We may keep anonymized or aggregated data that cannot identify you, and we may retain certain information where required by law (e.g. legal or tax) for an additional period as permitted or required by applicable law.

For details on how to request account deletion and exactly what data is deleted or kept, see our Delete your data page.

6. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your account and associated data
• Withdraw consent for optional integrations (e.g. Strava)
• Export your data

How to request account deletion: To request that BurnRate (the app name as shown on the App Store and Google Play) delete your account and data, go to our Delete your data page, enter the email address linked to your account, and follow the steps shown there. We will confirm by email and complete deletion within 30 days.

For other requests, contact us at the email address below.

7. Children’s Privacy

BurnRate is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or email. Continued use of BurnRate after changes are posted constitutes your acceptance of the updated policy.

9. Contact Us

If you have questions or requests regarding this Privacy Policy, please contact us at:

BurnRate
Email: privacy@burnrate.fit
Website: burnrate.fit