Pulsekit

Privacy Policy

Last updated: March 31, 2026

1. Introduction

Pulsekit ("we", "our", or "us") operates the Pulsekit application and website (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using Pulsekit, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you sign up through a third-party provider (e.g., Google), we receive your name and email from that provider.

Health & Fitness Data

You may voluntarily provide health metrics such as weight, heart rate, HRV, sleep data, body composition, and other wellness measurements. You may also log meals and nutritional information. This data is stored to provide you with tracking, analysis, and dashboard features.

Activity Data

When you upload activity files (FIT, GPX) or connect a third-party provider such as Strava, we collect activity details including duration, distance, heart rate streams, power data, GPS coordinates, cadence, elevation, and computed metrics (TSS, NP, IF, zone analysis). GPS data is used solely for map display and is not shared with third parties.

Third-Party Connections (Strava)

If you connect your Strava account, we request read-only access to your activity data via OAuth. We store your Strava access and refresh tokens solely to sync your activities. We do not post to your Strava account or access data beyond what is needed for activity syncing. You can disconnect Strava at any time from your Settings page, which revokes our access.

Payment Information

Payments are processed by Stripe. We do not store your credit card number or banking details. We retain your Stripe customer ID and subscription status to manage your plan.

AI Interactions

If you use AI-powered features (Coach, meal analysis), your prompts and relevant context are sent to our AI provider to generate responses. Conversation history is stored to maintain context within sessions. AI providers may process but do not retain your data for their own training purposes.

Usage Data

We collect basic usage data such as feature usage credits and session activity to operate the Service and enforce plan limits.

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Display your dashboard, charts, and training analytics
  • Compute derived metrics (CTL, ATL, TSB, calorie summaries)
  • Sync activities from connected providers
  • Process AI-powered meal analysis and coaching
  • Manage your subscription and process payments via Stripe
  • Send transactional emails (e.g., account verification)
  • Diagnose technical issues and prevent abuse

4. Data Sharing

We do not sell your personal data. We share data only with the following categories of service providers, solely to operate the Service:

  • Stripe — payment processing
  • AI providers — meal analysis and coaching (prompts and relevant context only)
  • Strava — OAuth token exchange for activity syncing (initiated by you)
  • Cloud infrastructure — hosting, database, and file storage providers

We may disclose information if required by law or to protect the rights, safety, or property of Pulsekit or its users.

5. Data Storage & Security

Your data is stored in secure, encrypted databases. Authentication tokens for third-party services are stored server-side and are never exposed to the browser. We use HTTPS for all data in transit. While no system is 100% secure, we implement industry-standard practices to protect your information.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law. Anonymized, aggregated data that cannot identify you may be retained indefinitely for analytics purposes.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for optional data processing
  • Disconnect third-party services at any time

To exercise any of these rights, contact us at the email address below.

8. Cookies

We use essential cookies to maintain your authentication session and preferences (e.g., theme, unit preference). We do not use third-party tracking cookies or advertising pixels.

9. Children's Privacy

Pulsekit is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at privacy@pulsekit.fit.