Data We Access
Athlete Signal connects to third-party APIs using OAuth to read your fitness and recovery data:
- Strava: Running activities including distance, pace, heart rate, cadence, and activity timestamps. We request read-only access — Athlete Signal cannot modify or delete your Strava data.
- Oura Ring: Daily sleep stages, sleep score, and readiness score. Access is read-only.
We never ask for or store your Strava or Oura passwords. Authentication is handled entirely through OAuth, and you can revoke access at any time from your Strava or Oura account settings.
How Data Is Stored
Your data is temporarily cached in Redis (an in-memory data store) solely to improve performance and reduce repeated API calls to Strava and Oura. This cache is short-lived:
- Cached data is set with an automatic expiration and is regularly cleared.
- Data lives only in memory — it is not written to disk or backed up.
- When the cache expires or the server restarts, all cached data is permanently gone.
- Session data (used to keep you logged in) is also stored in Redis with the same short-lived expiration.
There is no persistent database. Athlete Signal does not store your fitness, sleep, or recovery data long-term in any form.
Miles (AI Coach)
Athlete Signal includes Miles, an AI-powered training coach that analyzes your performance and recovery data to provide personalized recommendations. Here's how your data is handled in that context:
- Your data is sent to the AI provider only when you actively use Miles.
- Your data is never used to train, fine-tune, or improve any AI or large language model (LLM).
- Conversations with Miles are not stored after your session ends.
What We Don't Do
- We do not sell, share, or rent your data to any third party.
- We do not use your data for advertising or marketing purposes.
- We do not use your data to train machine learning models or LLMs.
- We do not track you across other websites or services.
- We do not collect personal information beyond what Strava and Oura provide through their APIs.
Cookies & Sessions
Athlete Signal uses a session cookie to keep you logged in during your visit. This cookie contains only a session identifier — no personal data. It expires when your session ends. We do not use analytics cookies, advertising trackers, or any third-party tracking scripts.
Your Control
You are in full control of your data at all times:
- Revoke Strava access from Strava Settings → My Apps.
- Revoke Oura access from your Oura account's connected applications page.
- Once access is revoked, Athlete Signal can no longer retrieve your data, and any cached data will expire automatically.
Contact
If you have questions about this privacy policy or how your data is handled, you can reach the developer through the About page.
Last updated: April 2026