Privacy Policy

Last updated: March 15, 2026

1. What is Rolig Tur?

Rolig Tur is an AI-powered running coach that connects to your Garmin device to provide personalized training suggestions and push structured workouts to your watch.

2. Data We Collect

Data you provide

  • Fitness profile: fitness level, weekly distance, comfortable pace
  • Goals: goal type (freeform or race), race distance, target date

Data from Garmin

When you connect your Garmin account, we receive the following via Garmin's APIs:

  • Activity data: distance, duration, pace, heart rate (average and max), cadence, elevation gain, calories, device name
  • Health and readiness data: body battery, sleep duration, sleep score, resting heart rate, HRV (heart rate variability), stress level

Data collected automatically

  • Session data: IP address and user agent string for session management
  • OAuth tokens: Garmin access and refresh tokens to maintain your connection

3. How We Use Your Data

PurposeData used
Generate personalized training suggestionsActivity history, health metrics, fitness profile, goals
Provide post-run coaching feedbackActivity data compared to suggested workout
Push workouts to your Garmin deviceAccepted training suggestions
Maintain your login sessionOAuth tokens, session data

We use Anthropic's Claude API to generate coaching feedback. When generating a coach comment, we send a summary of your run performance (not your identity) to this service.

4. Data We Do NOT Collect

  • We do not collect your name or email from Garmin (Garmin's OAuth does not provide these)
  • We do not use analytics, tracking, or advertising services
  • We do not use cookies for tracking purposes

5. Data Storage

  • Your data is stored in a PostgreSQL database hosted by Neon (a cloud database provider)
  • On your device, session tokens are stored in encrypted platform-native secure storage
  • Cached data on your device (runs, suggestions) is stored locally and expires after 24 hours

6. Data Sharing

We do not sell, rent, or share your personal data with third parties.

Your data is only transmitted to:

  • Garmin — to read your activity/health data and push workouts back to your device
  • Anthropic (Claude API) — anonymized run performance summaries to generate coaching comments
  • Neon — as our database hosting provider

No other third parties receive your data.

7. Data Retention

  • Your data is retained as long as your account is active
  • If you disconnect your Garmin account from within Garmin Connect, your account data is automatically deleted from our system
  • You may request full deletion of your data at any time by contacting us

8. Your Rights

You have the right to:

  • Access your data — all your data is visible within the app
  • Delete your data — disconnect Garmin from Garmin Connect or contact us for full deletion
  • Export your data — contact us for a copy of your data
  • Withdraw consent — revoke Garmin permissions at any time from your Garmin Connect account

9. Security

  • OAuth 2.0 with PKCE for Garmin authentication
  • Encrypted token storage on your device
  • Garmin webhook requests are verified via client ID header
  • Tokens are automatically refreshed and old tokens invalidated

10. Children's Privacy

Rolig Tur is not intended for children under 16. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this policy from time to time. Changes will be reflected by updating the "Last updated" date above.

12. Contact

For questions about this privacy policy or to exercise your data rights:

Filip Johansen AB