Privacy Policy

Controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states:

TreadSync is a Progressive Web App that runs entirely in your browser. We do not operate any user database, do not require accounts, and do not transmit your workout data to our servers. All sessions, settings, and exports are stored locally on your device.

The following data is stored exclusively in your browser's local storage and never leaves your device:

• Workout sessions (start time, duration, distance, speed, calories)
• Active session state (for resuming after a reload)
• Unit preference (km / mi)

You can delete this data at any time by clearing your browser's site data for this domain, or by uninstalling the PWA.

Legal basis: Art. 6 (1) (b) GDPR (performance of the service you requested). Storing this data is technically required to provide the app's core functionality.

This website is hosted on infrastructure provided by Lovable (lovable.dev) and Cloudflare. When you visit the site, your browser automatically transmits the following data to the hosting infrastructure, which is processed in server log files:

• IP address
• Date and time of the request
• Requested URL and HTTP status
• Browser type, version, and operating system
• Referrer URL

This data is required for technical operation and security (e.g. detecting attacks). It is not merged with other data sources.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in a secure and reliable service).

Cloudflare may process data outside the EU (USA). Data transfer is secured via the EU Standard Contractual Clauses and Cloudflare's participation in the EU-U.S. Data Privacy Framework.

Purchases are processed by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Dublin 2, Ireland. When you click the purchase button, you are redirected to Stripe's checkout. We never see or store your payment details.

Stripe processes the following data to complete the transaction: name, email address, payment method details, IP address, and country. Stripe may transfer data to its parent company in the USA under the EU Standard Contractual Clauses and the EU-U.S. Data Privacy Framework.

Legal basis: Art. 6 (1) (b) GDPR (performance of the purchase contract).

Stripe's privacy policy: stripe.com/privacy

TreadSync can generate FIT, GPX, PDF, and CSV files from your sessions. These files are generated on your device. If you choose to upload them to Garmin Connect, Strava, or another platform, that transfer happens directly between you and that platform — TreadSync is not involved. The respective privacy policy of the chosen platform applies.

TreadSync does not set any tracking cookies. We do not use Google Analytics, Facebook Pixel, or any comparable analytics or advertising tool. The app uses browser local storage (technically not a cookie) only to persist your sessions and settings — see Section 3.

Under the GDPR, you have the right to:

• Access (Art. 15) — request information about data processed about you
• Rectification (Art. 16) — request correction of inaccurate data
• Erasure (Art. 17) — request deletion of your data
• Restriction of processing (Art. 18)
• Data portability (Art. 20)
• Object (Art. 21) — object to processing based on legitimate interest
• Lodge a complaint with a supervisory authority (Art. 77), e.g. the data protection authority of Rhineland-Palatinate

To exercise any of these rights, contact: hello@treadsync.app

Locally stored workout data remains on your device until you delete it. Server log data from the hosting provider is automatically deleted after a maximum of 14 days. Payment data at Stripe is retained according to Stripe's policies and applicable tax law (in Germany generally 10 years).

We may update this privacy policy to reflect changes in the service or legal requirements. The current version is always available at this page with the effective date above.