Privacy Policy

Last updated: March 24, 2026

1. Introduction

Paicer ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services, including our integration with Garmin Connect™.

By using Paicer, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

  • Register for an account
  • Connect your Garmin Connect™ account to our services
  • Upload training plans, workout images, or other content
  • Contact us for customer support or inquiries
  • Subscribe to our newsletter or marketing communications
  • Subscribe to a paid plan or manage your subscription

This information may include:

  • Email address for account identification and communication
  • Profile information and preferences you set within Paicer
  • Training plans and workout data you create or upload
  • Communications with our support team

Billing and Payment Information: When you subscribe to a paid plan, payment details (such as credit card number, billing address, and payment method) are collected and processed directly by our payment provider, Paddle, who acts as the Merchant of Record. We do not collect, store, or have access to your full payment card details. We receive only your email address, subscription status, and transaction identifiers from Paddle to manage your account.

Important: We do not collect or store passwords. All authentication with third-party services (like Garmin Connect™) is handled through secure OAuth tokens.

2.2 Garmin Connect™ Integration Data

When you connect your Garmin Connect™ account to Paicer, we access the following data from Garmin Connect™ through secure OAuth 2.0 authentication:

  • Workout Data: We read your existing workouts and create new workouts in your Garmin Connect™ account
  • Calendar Information: We access your Garmin Connect™ calendar to schedule and manage workouts
  • OAuth Tokens: We store secure OAuth access tokens that allow us to interact with your Garmin Connect™ account on your behalf

What we DO NOT store:

  • Your Garmin Connect™ username or password
  • Permanent copies of your workout data (we access it in real-time via API)
  • Your personal health metrics or activity history beyond what's necessary for the current session

Important: We only store OAuth access tokens (not passwords) that allow us to interact with your Garmin Connect™ account. You can revoke Paicer's access at any time through your Garmin Connect™ account settings.

2.3 Automatically Collected Information

When you access our services, we automatically collect certain technical information:

  • Device information (browser type, operating system, device identifiers)
  • Usage data (pages visited, features used, time spent, click patterns)
  • Log data (IP address, access times, error logs)
  • Cookies and similar tracking technologies (see Section 8)

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

  • Create, schedule, and manage workouts in your Garmin Connect™ calendar
  • Parse and extract workout information from uploaded training plans using AI
  • Synchronize workout data between Paicer and Garmin Connect™
  • Match workout pace zones to your custom training zones
  • Provide personalized training plan management

3.2 Communication and Support

  • Send service-related notifications and updates
  • Respond to your inquiries and support requests
  • Send marketing communications (with your consent)
  • Provide important service announcements

3.3 Service Improvement and Analytics

  • Analyze usage patterns to improve our services
  • Develop new features and functionality
  • Conduct research and analytics
  • Monitor and improve service performance

3.4 Security and Compliance

  • Detect, prevent, and address fraud, security issues, or technical problems
  • Enforce our Terms of Service and other policies
  • Comply with legal obligations and respond to lawful requests
  • Protect the rights, property, and safety of Paicer, our users, and the public

4. Garmin Connect™ Developer Program Integration

Paicer integrates with Garmin Connect™ through the Garmin Connect™ Developer Program to facilitate secure workout synchronization, calendar management, and training analytics. This integration allows us to provide you with a comprehensive view of your training and performance.

4.1 Purpose of Integration

We connect to Garmin Connect™ to provide the following services:

  • Workout Management: Create, schedule, update, and delete structured workouts in your Garmin Connect™ account
  • Calendar Synchronization: Access and manage your Garmin Connect™ workout calendar
  • Training Analytics: Access your activity data, including completed workouts, to provide insights and track your progress
  • Performance Metrics: Access health and fitness data such as heart rate (HR), heart rate variability (HRV), pace, distance, and other performance metrics to offer personalized training recommendations
  • Holistic Training View: Combine workout plans with your actual performance data to give you a complete picture of your training load, recovery, and readiness

Note: Some features may access additional health and fitness data from your Garmin® devices to provide enhanced training insights. You will be informed when enabling features that require access to additional data types.

4.2 Data Access and Permissions

We request only the minimum permissions necessary to provide our services. The data we may access includes:

  • Workout Data: Structured workouts, workout schedules, workout names, descriptions, and step details (duration, distance, pace targets)
  • Calendar Data: Your Garmin Connect™ calendar events and scheduled workouts
  • Activity Data: Completed activities, including runs, rides, and other exercises recorded by your Garmin® devices
  • Health Metrics: Heart rate (HR), heart rate variability (HRV), training load, recovery time, and other performance indicators
  • Performance Data: Pace, distance, elevation, cadence, and other activity-specific metrics
  • Profile Information: Basic user profile data necessary for authentication and personalization

Permissions requested:

  • Read access: To retrieve your workouts, activities, health metrics, calendar events, and profile information
  • Write access: To create, update, and schedule workouts in your Garmin Connect™ account
  • Delete access: To remove workouts that you've created through Paicer (upon your request)

We only access the specific data required for the features you choose to use. All data access occurs through Garmin's secure OAuth 2.0 authentication system.

4.3 How to Disconnect

You can revoke Paicer's access to your Garmin Connect™ account at any time by:

  • Visiting your Garmin Connect™ account settings
  • Navigating to "Connected Apps" or "Third-Party Applications"
  • Removing Paicer from the list of authorized applications
  • Alternatively, you can disconnect through Paicer's settings page

Note: Disconnecting will prevent Paicer from accessing or syncing with your Garmin Connect™ account, but previously synced workouts will remain in your Garmin Connect™ calendar unless you delete them manually.

5. Third-Party Services and Data Sharing

5.1 Third-Party Service Providers

We work with the following third-party service providers:

  • Garmin Connect™: For workout synchronization and calendar management via OAuth 2.0 authentication. Governed by Garmin's Privacy Policy.
  • Anthropic (Claude AI): For parsing and extracting workout information from uploaded images. Image data is processed via their API and is not used for model training. Anthropic retains API data for up to 30 days for trust and safety purposes. See Anthropic's Privacy Policy.
  • Paddle: For subscription billing and payment processing. Paddle acts as the Merchant of Record, meaning Paddle is the entity that processes your payment and is responsible for billing. We share your email address with Paddle to create and manage your subscription. Paddle collects your payment details directly and we never have access to your full card number. See Paddle's Privacy Policy and Paddle's Buyer Terms.
  • Supabase: For secure authentication, database hosting, and file storage. See Supabase's Privacy Policy.
  • Cloud Hosting Providers: For secure application hosting.

5.2 Data Sharing Practices

We do not sell, trade, or rent your personal information to third parties.

We may share your information only in the following circumstances:

  • With your consent: When you explicitly authorize us to share specific information
  • Service providers: With trusted third parties who assist in operating our services, under strict confidentiality agreements
  • Legal requirements: When required by law, court order, or government request
  • Business transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)
  • Aggregated data: We may share anonymized, aggregated statistical data that does not identify individuals

6. Data Storage and Security

6.1 Security Measures

We implement industry-standard security measures to protect your personal information, including:

  • Encryption: Data transmitted between your device and our servers is encrypted using TLS/SSL protocols
  • Secure Authentication: OAuth 2.0 for Garmin Connect™ integration (we never store your Garmin® password)
  • Access Controls: Restricted access to personal data on a need-to-know basis
  • Regular Security Audits: Periodic reviews of our security practices and infrastructure
  • Secure Hosting: Data stored on secure, reputable cloud infrastructure

6.2 Data Storage Location

Your data may be stored and processed in data centers located in various jurisdictions. We ensure that all data transfers comply with applicable data protection laws, including GDPR requirements for international data transfers.

6.3 Limitations

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to maintain and improve our security measures.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

7.1 Retention Periods

  • Account Data: Retained while your account is active and for a reasonable period afterward to comply with legal obligations
  • Garmin Integration Data: Retained while you maintain the connection to Garmin Connect™; deleted when you disconnect
  • Workout and Training Plan Data: Retained until you delete it or close your account
  • Billing and Subscription Data: Transaction records and subscription history are retained by Paddle (as Merchant of Record) in accordance with their retention policy and applicable tax/accounting laws. We retain subscription status and transaction identifiers while your account is active and for the period required by law afterward
  • Usage and Log Data: Typically retained for 12-24 months for analytics and security purposes
  • Marketing Communications: Retained until you unsubscribe or for up to 2 years of inactivity

7.2 Account Deletion

You can delete your account at any time from your Settings page. When you delete your account:

  • All personal data is deleted immediately, including activities, pace zones, settings, and provider connections
  • Any active subscription is cancelled immediately and you will receive a prorated refund for unused time
  • Your fitness tracker connection (e.g. Garmin) is revoked
  • Uploaded files are deleted from storage
  • Some data may be retained in backup systems for up to 90 days
  • Minimal audit records (e.g. billing events, fraud prevention) are anonymized but not deleted, as required for legal compliance
  • Anonymized, aggregated data may be retained indefinitely for analytics purposes

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information under applicable privacy laws, including GDPR (EU), CCPA (California), and other data protection regulations.

8.1 Your Rights Include

  • Right to Access: Request a copy of the personal information we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal information ("right to be forgotten")
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to certain types of processing, including direct marketing
  • Right to Withdraw Consent: Withdraw consent for data processing at any time
  • Right to Disconnect: Revoke Paicer's access to your Garmin Connect™ account

8.2 How to Exercise Your Rights

You can exercise many of these rights directly from your Settings page:

  • Data Export (Portability): Use the "Download My Data" button to download all your data as a JSON file
  • Account Deletion (Erasure): Use the "Delete Account" button to permanently delete your account and all associated data
  • Disconnect Provider: Use the provider connection settings to revoke access to your fitness tracker

For any other requests, please contact us at support@paicer.app. We will respond within 30 days.

You may also have the right to lodge a complaint with a data protection authority in your jurisdiction.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and analyze usage patterns.

9.1 Types of Cookies We Use

  • Essential Cookies: Required for the website to function properly (e.g., authentication, security)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how users interact with our services
  • Performance Cookies: Monitor and improve website performance

9.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit your ability to use some features of our services.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions recognizing equivalent data protection standards
  • Other legally approved transfer mechanisms

11. Children's Privacy

Paicer is not intended for use by individuals under the age of 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children under 13.

If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as soon as possible.

If you believe we have collected information from a child under 13, please contact us immediately at support@paicer.app.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes to this Privacy Policy, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you via email (if you have an account with us)
  • Display a prominent notice on our website
  • Where required by law, obtain your consent to the changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@paicer.app

Data Protection Officer: support@paicer.app

We will respond to all requests, inquiries, or concerns within 30 days.

14. Legal Compliance

Paicer complies with applicable data protection laws and regulations, including:

  • General Data Protection Regulation (GDPR) - European Union
  • California Consumer Privacy Act (CCPA) - California, USA
  • Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
  • Other applicable regional and national privacy laws

This Privacy Policy is designed to comply with the Garmin Connect™ Developer Program requirements and Garmin's data protection standards.