Privacy Policy

Last updated: April 20, 2026

Mənimlə Qaç (“we”, “our”, or “us”) operates a mobile application that helps runners track their workouts, discover routes, and connect with like-minded buddies. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

1. Information we collect

• Account: name, email address, hashed password.
• Running profile: preferred locations, pace, goals, listening preferences, frequency — all self-reported during onboarding.
• Run data: GPS coordinates, distance, duration, calories, pace, and route polylines recorded while you use the app.
• Heart-rate & recovery data (optional): when you connect WHOOP, we access the scopes you authorize (read:profile, read:recovery, read:cycles, read:sleep, read:workout, read:body_measurement) to enrich your running experience.
• Device identifiers & logs: crash logs and minimal diagnostic data to keep the service reliable.

2. How we use your data

• Authenticate you and keep your account secure.
• Record and display your running history.
• Match you with nearby runners who share your pace and goals (only when Open to new buddies is enabled).
• Show recovery and strain insights when you connect WHOOP.
• Improve reliability and performance of the service.

3. WHOOP integration

When you choose to connect WHOOP, we use WHOOP’s official OAuth 2.0 flow. We store a short-lived access token and a refresh token so the app can continue to pull your latest recovery, sleep, strain, and workout data. Data stays inside Mənimlə Qaç; we do not sell or share it with third parties. You can disconnect WHOOP at any time from Profile → WHOOP → Disconnect, which immediately removes the tokens and stops further sync.

4. Sharing & disclosure

We do not sell your personal data. We only share data with:

• Our hosting provider (DigitalOcean, Frankfurt EU region) to operate the service.
• WHOOP, when you explicitly authorize the integration.
• Law enforcement, only when required by a valid legal request.

5. Data retention

We keep your run history and profile data while your account is active. Deleting your account removes your data within 30 days, except for records we must keep for legal or accounting reasons.

6. Your rights

• Access, correct, or delete your data at any time.
• Disconnect WHOOP or disable buddy matching without losing other data.
• Export your running history (email us).

7. Children

Mənimlə Qaç is not intended for users under 13. We do not knowingly collect data from children.

8. Security

We use encrypted transport (HTTPS), hashed passwords (bcrypt), and access-token rotation. No system is perfectly secure, so we recommend using a unique password for your account.

9. Changes to this policy

We will update this page when the policy changes and notify active users via the app or email if the change is material.

10. Contact

Questions or requests? Email us at [email protected].