Privacy Policy

1. Introduction

Welcome to Chase The Zones ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

This Privacy Policy applies to all users of our service, regardless of location. However, as a UK-hosted service, we comply with UK data protection legislation.

2. Information We Collect

2.1 Information You Provide

• Account registration information (email address, username, password)
• Profile information (name, fitness goals, preferences)
• Fitness data you manually enter (weight, FTP values, pace entries)
• Communication data when you contact us

2.2 Information from Peloton API

2.3 Automatically Collected Information

• IP address and browser information
• Device information and operating system
• Usage data and website interaction patterns
• Cookies and similar tracking technologies

3. How We Use Your Information

We use your information for the following purposes:

• To provide and maintain our service
• To process your account registration and manage your profile
• To sync and display your Peloton workout data
• To calculate fitness metrics and provide analytics
• To communicate with you about your account and our services
• To improve our website and services
• To comply with legal obligations under UK law

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on the following legal bases:

• Consent: When you register and connect your Peloton account
• Contract: To fulfill our service agreement with you
• Legitimate Interests: To improve our services and ensure security
• Legal Obligation: To comply with UK laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

• Peloton API: We access your Peloton data through their API, but we do not share your data back to Peloton
• Service Providers: With trusted third-party service providers who assist in operating our website (hosting, analytics)
• Legal Requirements: When required by UK law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)

6. Data Storage and Security

Your data is stored on servers located in the United Kingdom. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

7. Your Rights Under UK GDPR

As a UK-hosted service, you have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by UK law.

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal purposes.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

Types of cookies we use:

• Essential Cookies: Required for the website to function properly
• Preference Cookies: Remember your settings (e.g., dark mode preference)
• Analytics Cookies: Help us understand how visitors use our website

10. Third-Party Services

Our service integrates with Peloton's API to retrieve your workout data. When you connect your Peloton account, you are subject to Peloton's own privacy policy and terms of service. We are not responsible for Peloton's data practices.

We may use third-party analytics services to help us understand website usage. These services may collect information about your use of our website.

11. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. International Data Transfers

Your data is primarily stored and processed in the United Kingdom. If we transfer your data outside the UK, we will ensure appropriate safeguards are in place to protect your data in accordance with UK GDPR requirements.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights under UK GDPR, please contact us: