PRIVACY POLICY
Effective Date: April 22, 2026
1. Privacy by Design
RunCut is built with a “Privacy by Design” philosophy. We believe your fitness data is personal and should remain under your control. Most features of the App operate entirely on your device. We do not upload or store your fitness data on our servers.
2. On-Device Data Processing
RunCut processes your data locally on your device for core functionality:
- Fitness Data: When you grant access to Apple Health, Google Fit, or Garmin, the App reads metrics such as pace, heart rate, and distance solely to generate visual overlays.
- Photos & Videos: Media you select is processed locally.
- Rendering: All video rendering is performed on-device using your device’s GPU (e.g., Metal or Vulkan).
Your fitness data, photos, and videos:
- Are not uploaded to our servers
- Are not stored remotely
- Remain entirely on your device
3. Limited Server Interaction (Strava Integration)
If you connect your Strava account:
- Authentication is handled via OAuth, with tokens stored securely on your device
- RunCut operates a minimal server to receive “New Activity” notifications from Strava
This server acts solely as a stateless relay. It temporarily processes only metadata, sends a push notification, and deletes all data immediately after processing.
4. Push Notifications
RunCut uses push notification services (APNs/FCM) to deliver activity updates. These services may process device push tokens. We do not use notifications for advertising or tracking.
5. Analytics and Crash Reporting
To improve RunCut’s performance and stability, we may use third-party analytics tools (such as Sentry or Firebase Analytics). These services:
- Collect anonymous technical data (e.g., app crash logs, device model, OS version)
- Do not collect personal fitness data or media
- Are used solely to identify and fix technical issues
6. Data Use Summary
We do not:
- Store fitness or health data on our servers
- Upload photos or videos
- Sell or share personal data for advertising
7. Data Retention & Control
- All sensitive data remains on your device
- You can revoke permissions at any time via device settings
- You can disconnect Strava at any time
- Deleting the App removes all local data
8. Security
We use industry-standard safeguards, including encrypted communication (HTTPS/TLS), secure on-device storage, and minimal data architecture.
9. Children’s Privacy
RunCut is not intended for children under 13.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected by updating the Effective Date.
For questions or concerns:
hi@runcut.app