Effective Date: April 25, 2026

1. Introduction

Welcome to RunFlow. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we handle your personal data when you use our application.

RunFlow is designed to work entirely on your device. The vast majority of your data never leaves your iPhone. When data is shared with a third party (Strava, RevenueCat, Firebase), this is always clearly indicated below.

2. Data Collection (Health & Fitness)

RunFlow is designed to help you track your workouts and monitor your heart rate using external heart rate monitors (via Bluetooth) or Apple Watch.

• HealthKit: If you grant permission, RunFlow reads heart rate data from Apple's HealthKit framework or directly from your heart rate monitor. RunFlow may also write completed workout sessions and active calories to Apple Health.
• Storage: All heart rate and fitness data (sessions, duration, intervals, personal records, hydration) are processed and stored locally on your device only. We do not store your health data on any external server.
• Legal basis (GDPR): Explicit consent (Art. 6(1)(a) and Art. 9(2)(a)).
• You can revoke HealthKit access at any time in iPhone Settings → Health → Data Access & Devices → RunFlow.

3. Location Data (GPS)

RunFlow requests access to your location only during outdoor workout sessions.

• Location is used to calculate your real-time pace, distance, and to draw your route on the map.
• GPS coordinates are stored locally on your device only — they are never sent to our servers.
• We use the "While Using the App" permission only. RunFlow never tracks your location in the background when no session is active.
• You can export your GPS route as a GPX file from the session detail screen. This export is entirely optional and initiated by you.
• Legal basis (GDPR): Explicit consent (Art. 6(1)(a)).