Privacy Policy
Effective: May 13, 2026 · Contact: support.formbaselabs@gmail.com
This policy describes how FormBase ("we," "us") collects and uses information when you use the FormBase iOS app. It applies whether you use FormBase as an athlete or as a trainer.
1. Information we collect
We collect information you provide directly through the app and information generated as you use it. We do not buy data about you, and we do not collect data from third parties (except when you explicitly link an integration like Strava; see section 5).
Information you provide
- Account information, email address (when you sign in with Apple, Google, or email). You may also use the app anonymously without an account.
- Profile information, name, gender, age, height, body weight, training preferences, available training days. Used to calibrate your programs.
- Fitness data, workout logs (sets, reps, weights, heart-rate zones, durations), one-rep-max estimates, body-flag (injury) information, training programs you create or adopt.
- Trainer profile information (only if you opt into the trainer side), bio, headline, specialties, location, time zone, hourly rate, contact email, optional website URL, and an optional profile photo.
- User-generated content, free-text notes attached to body flags or constraints, plus public bios on trainer listings.
- Reports, when you report a trainer, we record your user ID, the reported user's ID, the selected reason, and any optional note you provide. Reports are not visible to other users.
Information generated automatically
- Authentication identifiers, Firebase Auth assigns each user a stable identifier ("uid") used to scope your data.
- Diagnostic logs, we log the existence and timing of errors locally during development. Production / TestFlight builds do not log error contents to system logs.
Information we do not collect
- We do not use third-party advertising SDKs.
- We do not track you across other apps or websites.
- We do not collect location, contacts, calendar, microphone, or camera data.
2. How we use information
- To provide the app, every piece of information above is used solely to render your training programs, log your sessions, surface progress metrics, and route trainer contact through your email app.
- To authenticate you, Firebase Auth uses Sign in with Apple / Google / anonymous identifier to keep your data scoped to your account.
- To moderate user-generated content, reports help us identify and remove abusive trainer profiles.
We do not use your data for advertising, profiling, ML training, or any purpose other than running the app.
3. How we store information
Your data is stored using Google's Firebase platform (Firebase Authentication, Cloud Firestore, and Cloud Storage). Firebase is operated by Google LLC and complies with industry-standard security practices including encryption at rest and in transit. See Google's Cloud Privacy Notice for Firebase's terms.
We do not sell, rent, or trade your data with any third party.
4. How long we keep information
- Active accounts, we keep your data for as long as your account exists.
- Deleted accounts, when you tap "Delete account" in the app's You tab → Settings → Account → Delete, we remove your profile, programs, workout logs, body flags, training profiles, trainer listing (if any), coaching relationships, and authentication account. Some backups maintained by Firebase may persist for up to 30 days as part of disaster-recovery infrastructure before being purged.
- Anonymous sessions, anonymous accounts you abandon (no Apple / Google / email linked) are removed after 90 days of inactivity.
- Strava data on disconnect, see section 5 below.
5. Strava integration
If you choose to connect Strava through Settings → Integrations, FormBase reads your own Strava data through the official Strava API. This section spells out exactly what we read, where it goes, and how to revoke access.
What we read
- Your athlete summary (username + Strava athlete id).
- Your run activities (distance, duration, average pace, average heart rate, weather summary, start time, location summary, polyline if available).
- Per-run streams when available: pace per kilometer, heart rate per second, altitude per second, time per sample.
We do not read activities from other athletes. We do not read any non-run activity types unless you explicitly request it.
What we do with it
- Display your imported runs in your own activity feed.
- Compute your personal heart-rate / pace zones, run-effort classification, projected race finish for your primary race goal, and a Hyrox 1 km pace estimate.
- Render the per-run analyzer view (charts of pace, HR, elevation, time-in-zone, splits, plateau disclosure).
Where it lives
Synced Strava data is written to your own subtree in our Firestore database (users/<your uid>/workoutLogs/... and users/<your uid>/runDetails/<run id>) under our security rules. No third party, including FormBase staff in normal operation, reads it. Strava-sourced runs are visible only to you. Per Strava's API Agreement (effective November 2024), Strava activity data may only be displayed to the athlete who owns it; FormBase does not share Strava-sourced runs with trainers, coaches, or any other user, regardless of the athlete's other consent settings. Data the athlete logs manually in FormBase or imports from non-Strava sources (e.g., Apple Health) is governed by the trainer share-data toggle described on the trainer page.
How to disconnect or delete
- Disconnect, Settings → Integrations → Strava → Disconnect. We call Strava's deauthorize endpoint to revoke our access token and clear the stored tokens from our database. At disconnect time you are asked whether to keep your previously imported runs in your FormBase history; if you choose not to, or do not affirmatively opt to keep them, all Strava-sourced runs and streams in your tree are deleted within 48 hours, per the Strava API Agreement.
- Delete imported data, if you want imported Strava runs removed from your FormBase history, email support.formbaselabs@gmail.com from your account email and we'll purge them within 48 hours.
- Delete account, Settings → Account → Delete account also removes every Strava-derived doc in your tree.
- Strava-side deletion, if you delete an activity from Strava, our scheduled sync stops finding it and the corresponding FormBase doc is purged within 48 hours per Strava's API agreement.
Strava usage data
Strava may collect usage data about FormBase's use of the Strava API for its own business purposes, including support and compliance. This is collected by Strava directly, not by FormBase, and is required disclosure under the Strava API Agreement.
What we never do with Strava data
- We do not aggregate it across users.
- We do not use it to train machine-learning models or generate analytics, customer insights, or any derived dataset beyond the per-athlete feedback described above.
- We do not share it with third parties, advertisers, or data brokers.
- We do not display another user's Strava data to anyone.
FormBase complies with the Strava API Agreement.
5b. Garmin Connect integration
If you choose to connect Garmin Connect through Settings → Integrations, FormBase reads your own Garmin Connect data through the official Garmin Health API. This section spells out exactly what we read, where it goes, and how to revoke access. The integration follows the same posture as Strava: read-only, athlete-scoped, no aggregation, no sharing, no ML training.
What we read from Garmin
- Your Garmin user id + display name (for the "Connected as" label).
- Activity summaries (runs, cycling, strength) and per-sample stream data (heart rate, pace, altitude, cadence) for activities you've recorded since you connected.
- Wellness signals where you've granted them: resting heart rate, VO₂ max, sleep summaries. These feed FormBase's adaptive engine and your Progress tab.
Where Garmin data lives
Synced Garmin data is written to your own subtree in our Firestore database under our security rules. Garmin-sourced runs are visible only to you. Per the Garmin Health API agreement, Garmin activity data is not aggregated across users, not used to train any machine-learning model, and not shared with any third party, regardless of your other consent settings. Data you log manually in FormBase or import from non-Garmin sources is governed separately by the trainer share-data toggle described on the trainer page.
How to revoke
- Disconnect, Settings → Integrations → Garmin → Disconnect. We call Garmin's deauthorize endpoint to revoke our access token and clear the stored tokens from our database. At disconnect time you are asked whether to keep your previously imported runs in your FormBase history; if you choose not to, all Garmin-sourced runs and streams in your tree are deleted within 48 hours.
- Garmin-side deletion, if you delete an activity from Garmin Connect, our scheduled sync stops finding it and the corresponding FormBase doc is purged within 48 hours.
- Delete account, Settings → Account → Delete account also removes every Garmin-derived doc in your tree.
What we never do with Garmin data
- We do not aggregate Garmin data across users.
- We do not train any machine-learning model on Garmin data.
- We do not sell, rent, or share Garmin data with third parties.
- We do not display another user's Garmin data to anyone.
FormBase complies with the Garmin Health API Partner Agreement.
5c. Coros integration
If you choose to connect Coros through Settings → Integrations, FormBase reads your own Coros data through the official Coros Open API. The posture is identical to Strava and Garmin: read-only, athlete-scoped, no aggregation, no sharing, no ML training.
What we read from Coros
- Your Coros open id + nickname (for the "Connected as" label).
- Activity summaries (runs, cycling, strength) and per-sample stream data (heart rate, pace, altitude) parsed from FIT files Coros provides for each activity.
Where Coros data lives
Synced Coros data is written to your own subtree in our Firestore database under our security rules. Coros-sourced runs are visible only to you. The data is not aggregated across users, not used to train any machine-learning model, and not shared with any third party.
How to revoke
- Disconnect, Settings → Integrations → Coros → Disconnect. We call Coros's deauthorize endpoint to revoke our access token and clear the stored tokens from our database. Coros-sourced runs are deleted from FormBase within 48 hours unless you affirmatively choose to keep them.
- Coros-side deletion, if you delete an activity in the Coros app, our scheduled sync stops finding it and the corresponding FormBase doc is purged within 48 hours.
- Delete account, Settings → Account → Delete account also removes every Coros-derived doc in your tree.
What we never do with Coros data
- We do not aggregate Coros data across users.
- We do not train any machine-learning model on Coros data.
- We do not sell, rent, or share Coros data with third parties.
- We do not display another user's Coros data to anyone.
FormBase complies with the Coros Open API Developer Agreement.
5d. Apple Health integration
If you choose to connect Apple Health through Settings → Apple Health, FormBase reads from and writes to the Apple Health database on your device using Apple's HealthKit framework. Apple's HealthKit rules require an extra level of consent for health data — those rules are baked into the way this integration works.
What we read from Apple Health
- Resting heart rate, heart rate (workout streams + observed peak), body weight, body-fat percentage, VO₂ max.
- Sleep summaries (total time asleep on the most recent overnight session).
- Completed workouts (HKWorkout records) covering runs, walks, cycling, strength, HIIT, and similar — including the start / end times, distance, energy estimate, and source app.
What we write to Apple Health
- Completed FormBase sessions are saved as HKWorkout records with start / end timestamps, distance (for runs), duration, and an estimated energy burn when available. Each export carries the FormBase log id as HKMetadataKeyExternalUUID so re-syncing never duplicates a record.
Where Apple Health data lives
On your device by default. Apple's HealthKit terms forbid storing HealthKit-derived data on a remote server without explicit, separate user consent. So by default, every value we read from Apple Health is held only in memory on your iPhone / iPad — it is never written to our Firestore database, never aggregated, and never leaves your device.
Optional cloud backup. An opt-in toggle "Back up health data to FormBase Cloud" lives under Settings → Apple Health → Cloud backup. Turning it on starts mirroring future Apple-Health-sourced data into your own Firestore subtree (same security model as Strava / Garmin / Coros). Turning it off stops the mirror and deletes any previously-mirrored Apple-Health data within 48 hours. The toggle is off until you explicitly turn it on.
How to revoke
- Disconnect in FormBase, Settings → Apple Health → Disconnect. FormBase stops reading and writing through HealthKit.
- Revoke in iOS Settings, the only way to fully revoke our HealthKit permissions is iOS Settings → Privacy & Security → Health → FormBase. Toggling FormBase off there is the system-level revocation.
- Delete account, Settings → Account → Delete account removes any Apple-Health-derived data we have stored on our servers (only relevant if cloud backup was turned on).
What we never do with Apple Health data
- We do not store Apple Health data on our servers unless you have turned on the cloud-backup opt-in.
- We do not aggregate Apple Health data across users.
- We do not train any machine-learning model on Apple Health data.
- We do not sell, rent, or share Apple Health data with third parties.
- We do not display another user's Apple Health data to anyone.
FormBase complies with Apple's HealthKit data-storage rules, including App Store Review Guideline 5.1.3 (Health and Health Research).
6. Your choices
- Access, you can view all your stored data within the app. Email us at support.formbaselabs@gmail.com for an exportable copy.
- Correction, edit your profile, training data, and trainer listing directly in the app at any time.
- Deletion, delete your account from Settings → Account → Delete account. This action is permanent.
- Block & report, in the trainer marketplace, the menu (•••) on any trainer profile lets you block or report them.
- Marketing communications, we do not send marketing emails. If we ever start, you'll be opted out by default.
7. EU / UK GDPR & California (CCPA) rights
If you are in the European Economic Area, the United Kingdom, or California, you have specific rights under GDPR, UK GDPR, and the CCPA respectively:
- Right of access, request a copy of the personal data we hold about you.
- Right of rectification, correct inaccurate or incomplete data.
- Right of erasure ("right to be forgotten"), delete your data.
- Right of restriction, limit how we process your data.
- Right of portability, get a machine-readable copy of your data.
- Right to object, object to specific processing activities.
- Right to opt out of "sale" or "sharing" (CCPA), we don't sell or share your personal data for monetary or other valuable consideration. You have nothing to opt out of.
- Right to non-discrimination (CCPA), we will not discriminate against you for exercising any of these rights.
To exercise any of these rights, email support.formbaselabs@gmail.com from the account email tied to your data. We'll respond within 30 days. We may ask for additional verification to make sure the request is genuinely from you.
8. Children's privacy
FormBase is not directed to children under 13 (or under the relevant age threshold in your jurisdiction). We do not knowingly collect information from children. If you believe a child has created an account, contact us and we will delete it.
9. International users
Data is processed on Google Cloud servers, which may be located outside your country. By using FormBase you consent to international data transfer. Standard contractual clauses with Google Cloud cover transfers from the EEA/UK.
10. Changes to this policy
We may update this policy as the app evolves. Material changes will be announced in-app before they take effect. The "Effective" date at the top reflects the current version.
11. Contact
Questions, deletion requests, or abuse reports: support.formbaselabs@gmail.com.
Data controller postal address:
FormBase
Vancouver, BC V5T 0J7
Canada