← Back to Home

Privacy Policy

Last updated: March 21, 2026

1. Information We Collect

Account Data: Name, email address, and encrypted password when you create an account.

Training Data: Athlete profiles, session logs, performance metrics, readiness check-ins, and coaching notes entered by coaches and athletes.

Video Uploads: Training and competition videos uploaded for analysis.

Usage Data: Page views and feature usage to improve the platform.

2. How We Use Your Data

We use your data solely to operate the Podium Throws coaching platform — delivering training management, performance tracking, and video analysis features. We do not sell or share your personal data for advertising purposes.

3. Data Storage & Security

Account and training data are stored in a PostgreSQL database hosted by Vercel. Video files are stored on Cloudflare R2 object storage. All data is encrypted in transit via TLS. Passwords are hashed using bcrypt with industry-standard salt rounds.

4. Cookies

We use a minimal set of cookies: auth-token for authentication and theme for your display preference. No third-party tracking cookies are used.

5. Wearable Device Integrations

You may optionally connect wearable devices (such as WHOOP) to enhance your readiness data with physiological metrics. When you connect a wearable device:

  • We request access only to specific data categories (recovery, sleep, workouts, profile, body measurements) via OAuth 2.0 authorization.
  • Access tokens are encrypted at rest using AES-256-GCM and are only decrypted when making authorized API calls on your behalf.
  • Data we may access includes: recovery scores, heart rate variability (HRV), resting heart rate, sleep duration and stages, blood oxygen levels (SpO2), daily strain, and body measurements (height, weight).
  • You can disconnect your wearable at any time from your account settings, which immediately revokes our access. Previously synced data is retained as part of your training history unless you request its deletion.
  • Wearable data is shared with your assigned coach as part of your readiness metrics, following the same coach-athlete data sharing rules described below.

6. Third-Party Services

Stripe — processes subscription payments. Stripe's privacy policy governs payment data.

Resend — sends transactional emails (invitations, password resets).

WHOOP — optional wearable integration for recovery and sleep data. WHOOP's privacy policy governs data collected by their device. We only access data you explicitly authorize.

7. Data Ownership & Deletion

Coaches own all training data they create. You may request a full export or deletion of your data at any time by contacting us.

8. Contact

For privacy-related questions, contact us at privacy@podiumthrows.com.