AthleteArcBack to sign-in
Legal

Privacy Policy

Last updated: 2026-04-15
Preview version. This privacy policy is a placeholder while our legal text is being finalized. For a copy of the working draft or to ask a specific privacy question, contact privacy@athletearc.io.

What we collect

AthleteArc collects information you provide directly (account details, athlete profiles, daily check-ins, training data, goals, notes) and technical information about how you use the service (device type, browser, timestamps, IP address). We collect this to power the features you use and to keep the service secure.

How we use it

We use your data to provide the performance-monitoring features, generate AI recommendations, show you your training history, and keep your account secure. We do not sell your data. We do not share it with advertisers. We do share aggregated, anonymized data with our AI provider (Anthropic, via Vercel AI Gateway) only when you trigger a feature that uses AI — never proactively.

Your rights

Under GDPR and similar privacy laws, you have the right to:

  • Access — download everything we hold about you via Settings → Account → Download my data.
  • Erasure — permanently delete your account and all associated data via Settings → Account → Delete account.
  • Rectification — update your profile, athlete details, and check-in history at any time via the app.
  • Portability — the data export is a machine-readable JSON file you can take to another service.
  • Complain — if we don't resolve a concern, you can contact your local data protection authority.

Sub-processors

We use these providers to run AthleteArc:

  • Supabase — database, authentication, file storage
  • Vercel — application hosting, serverless functions
  • Vercel AI Gateway (Anthropic) — AI recommendations, coaching content
  • Resend — transactional email (sign-in codes, password resets, account notifications)
  • PostHog — product analytics (if you accept optional cookies)
  • Sentry — error tracking
  • Axiom — server log aggregation

Youth athletes

AthleteArc is designed for athletes aged 14 and older. If you are under 13, you cannot create an account yourself — a parent or guardian must provide verifiable consent before any data is collected. The COPPA consent flow is currently in development; if you are under 13, please do not sign up until we have launched it.

Data Protection Officer

Our Data Protection Officer is Andrew Silva. Contact the DPO at privacy@athletearc.io.

Changes to this policy

When we update this policy materially, we'll notify you in-app and by email. Continued use of AthleteArc after the change constitutes acceptance of the updated policy.

Terms of Service··Sign in·Home