Privacy Policy

Who we are

Zenith is operated by Jordi Nuno (individual developer). Contact: jordi.nuno@gmail.com

Data we collect

• Account information (email address)
• Training activity data from Strava (activities, distance, heart rate, pace)
• Voice notes and their transcriptions that you record in the app
• Wearable data from connected devices (Garmin, Polar, Oura, etc.) via Junction

How we use your data

• To provide personalised coaching responses grounded in your training history
• To retrieve relevant past sessions semantically when you ask a question
• Your data is never shared with third parties, sold, or used to train AI models

Third-party services

• Strava — activity data via their API. Strava Privacy Policy
• Google Gemini — processes your queries and training context to generate coaching responses. Data is not used for model training.
• Supabase — secure database storage hosted in the EU.

Data retention

Your data is retained while your account is active. You can request deletion at any time by contacting us or by disconnecting your account from the app settings. Strava activity data is removed from our systems within 48 hours of you revoking Strava access.

Your rights (GDPR)

• Right to access your data
• Right to correct inaccurate data
• Right to erasure ("right to be forgotten")
• Right to data portability
• Right to withdraw consent at any time

To exercise any of these rights, contact jordi.nuno@gmail.com.

Security

All data is encrypted in transit (HTTPS). Access tokens from connected services are stored server-side and never exposed to the browser.