brev.fit← Back home

Legal

Privacy Policy

Last updated: 19 April 2026

brev.fit ("we", "us", "our") builds a gated endurance-fitness competition app. This policy explains what information we collect, why we collect it, and the choices you have. If you don't agree with it, please don't use brev.fit.

1. Information we collect

We collect the following categories:

  • Account information. Your name, email address, and a password hash (or the OAuth identifier from Apple or Google if you sign in with those providers).
  • Fitness activity data. Runs and related workouts imported from the services you connect (Strava, Garmin, Apple Health). This includes distance, duration, pace, heart rate, elevation, calories, device name, and start time.
  • Derived progress data. Your tier, streaks, weekly and monthly totals, crew membership, and challenge results — all computed from the activities above.
  • Device and usage data. Basic technical data such as IP address, app version, operating system, and crash logs, used to diagnose problems.

We do not collect precise GPS coordinates, route maps, photos, or payment details. We do not buy data about you from third parties.

2. How we use your information

  • To create and maintain your account.
  • To calculate tiers, streaks, crew standings, and leaderboard rankings — the core functionality of the app.
  • To keep the service secure and debug technical issues.
  • To send you transactional emails (sign-in confirmations, account-related notices). We don't send marketing emails without your explicit opt-in.

3. How your information is shared

We don't sell your personal data. We share limited information only in these cases:

  • Publicly within the app. Your name, tier, weekly and monthly totals, and streaks appear on leaderboards and crew pages visible to other athletes once you meet the ranking eligibility threshold.
  • With integrations you explicitly connect. When you link Strava, Garmin, or Apple Health, we exchange data with those providers on your behalf. Each provider has its own privacy policy governing data it holds.
  • With infrastructure providers that run our service on our behalf: Convex (database and server runtime), Vercel (web hosting), Expo (mobile build infrastructure), and our email provider. These vendors are bound by confidentiality and use the data only to provide the service.
  • When required by law — a valid legal request, court order, or to protect the rights, safety, and property of brev.fit or our users.

4. Apple Health

Health data read from Apple Health stays on your device except for the summary workout fields we import with your permission (distance, duration, heart rate, pace, etc.). We do not write anything back to Apple Health. We do not use Apple Health data for advertising, and we do not share Apple Health data with any third party other than the infrastructure providers listed above.

5. Data retention

We keep your data for as long as your account is active. When you delete your account, we delete your personal data within 30 days, except for anonymised aggregate metrics and records we're required to retain for tax, fraud, or legal-compliance purposes.

6. Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data; to object to or restrict certain processing; and to withdraw consent at any time. To exercise any of these rights, email us at privacy@brev.fit.

7. Security

We use industry-standard encryption in transit (HTTPS) and at rest, rotate secrets, and follow the principle of least privilege for access to production systems. No system is perfect, so we can't promise absolute security — please use a strong, unique password and enable 2FA on any accounts you connect.

8. Children

brev.fit is not intended for users under 16. We don't knowingly collect personal data from anyone under 16. If you believe a child has given us data, contact privacy@brev.fit and we'll delete it.

9. International data transfers

Our infrastructure is hosted in multiple regions. By using brev.fit you agree that your data may be transferred to and processed in countries outside your own, where data-protection laws may differ.

10. Changes to this policy

We may update this policy from time to time. Material changes will be announced in-app or by email at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.

11. Contact

Questions about this policy? Email privacy@brev.fit.