Privacy Policy

Last Updated: March 12, 2026

Your privacy is important to us. This Privacy Policy explains how Trayne ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our application and services (collectively, the "Services").

1. Information We Collect

We collect information necessary to provide and improve our Services, which may include:

Account and Profile Information

When you register or create a profile, we collect basic contact details and any other information you choose to provide, such as demographic, fitness, or personal preferences. This may include a profile image or similar optional content.

Usage and Activity Data

We collect information related to how you use our Services, including your activity history, training plans, progress updates, session details, and interactions with features or content. If you connect third-party services, we may collect relevant data with your permission.

Health and Wellness Data

With your explicit consent, we may collect information related to your health or fitness status to help personalize your experience.

Device and Technical Data

We automatically collect technical data such as your IP address, device type, operating system, browser, and system logs to ensure the functionality and security of the Services.

Preferences and Settings

We store your preferences related to notifications, session settings, and other configurable aspects of the Services.

Payment Information

If you purchase a subscription or premium feature, your payment will be processed by a third-party provider. We do not store your full payment details directly.

2. How We Use Your Information

We use the information we collect to:

Deliver and Improve Our Services

Enable personalized features, manage your account, and continuously improve our offerings.

Communicate with You

Send service-related updates, respond to inquiries, and deliver notifications, which you can manage in your settings.

Maintain Security and Integrity

Protect against unauthorized access, enforce policies, and prevent misuse.

Conduct Research and Analytics

Analyze how users engage with our Services to enhance performance and inform product decisions. When possible, we use aggregated or anonymized data.

3. How We Share Your Information

We do not sell your personal data. However, we may share it under the following conditions:

With Trusted Service Providers

We work with third parties who help us operate, support, and improve the Services (e.g., hosting, analytics, payments). These providers access only the data necessary to perform their roles.

With Other Users

Depending on your privacy settings, some basic profile details may be visible to other users. You control how much is shared.

With Your Consent

When you choose to connect to third-party services or apps, we share relevant information as authorized by you.

To Meet Legal Obligations

We may share information when required to comply with applicable laws, regulations, or legal processes.

4. Mobile App Data Collection

Trayne iOS App Specific Information

When you use the Trayne mobile app for iOS, we collect and process additional data to provide personalized training experiences:

Health and Fitness Data (Apple HealthKit)

Data Collected:

  • Workout history
  • Activity levels
  • Sleep patterns
  • Heart rate
  • Heart rate variability (HRV)
  • VO2 max
  • Step count
  • Distance walked/run
  • Active energy burned

Purpose:

We use this health data to automatically adjust your daily training sessions based on your recovery, sleep quality, and activity levels. For example, if you had poor sleep last night, Trayne will recommend lighter training today.

How It's Used:

  • Personalizing training plan intensity and volume
  • Providing real-time coaching recommendations
  • Analyzing recovery patterns to prevent overtraining
  • Tracking training progress over time

Data Written to Apple Health:

When you complete a workout in Trayne, we can save it to Apple Health so it counts toward your Activity rings and appears in your workout history. This includes the workout type, duration, and distance. You can enable or disable this in the Apple Health integration settings within the app.

Third-Party Processing:

To deliver AI-powered training plans, your health data is securely transmitted to:

  • Our backend servers (hosted by Supabase) for processing and storage
  • AI service providers — including OpenAI (plan editing, session generation), Anthropic/Claude (weekly plan generation, onboarding, daily adjustments), xAI/Grok (health insight summarization, memory system), Google/Gemini (web research, session creation, memory contextualization), Qwen (text embeddings via OpenRouter), and Perplexity (deep research) — for generating personalized training recommendations. Embeddings are stored in Pinecone (vector database) and long-term training facts in Neo4j (knowledge graph). See Section 10: AI Transparency Statement for full details.

All third-party processors:

  • Operate under strict data processing agreements
  • Use your data ONLY to provide fitness coaching services
  • Are prohibited from using your data for advertising or other purposes
  • Maintain enterprise-grade security standards

What We Don't Do With Your Health Data:

  • Never sell your health data
  • Never use it for advertising or marketing
  • Never share it with data brokers or information resellers
  • Never use it for purposes beyond fitness coaching

Important: You can use Trayne without connecting Apple Health. Health data integration is completely optional.

Wearable Integration Data (WHOOP, Garmin, Oura, COROS)

Data Collected (with your consent):

When you connect a wearable device through our app, we collect data provided by your wearable's API, which may include:

  • Recovery scores and readiness metrics
  • Heart rate variability (HRV) and resting heart rate
  • Sleep duration, efficiency, and sleep stage data
  • Daily strain and training load
  • Blood oxygen (SpO2) and skin temperature
  • Workout activity and energy expenditure

How Wearable Data Is Processed:

  • Wearable data is stored securely on our servers (hosted by Supabase)
  • To generate AI coaching insights, de-identified health metrics (with personal identifiers removed) are sent to OpenAI, Anthropic/Claude, xAI/Grok, Google/Gemini, and Qwen (via OpenRouter)
  • AI service providers process data transiently via API — they do not store, retain, or use your health metrics for training AI models
  • Physiological embeddings (mathematical representations, not raw health values) are stored in Pinecone vector database for long-term coaching personalization, and deleted upon account deletion
  • AI providers use your data solely to generate coaching recommendations for you, under strict data processing agreements

Connecting and Disconnecting:

  • Wearable connections are initiated by you through an OAuth authorization flow
  • You can disconnect any wearable at any time from your account settings
  • When you disconnect, we stop receiving new data from that wearable and AI processing of that wearable's data ceases

Strava Integration

Data Flow:

The Strava integration is outbound-only. Trayne sends completed workout summaries to your Strava account when you finish a workout. We do not import or read data from Strava.

What Data Is Sent to Strava:

  • Activity type (e.g., run, swim, strength training)
  • Workout duration
  • Distance (when applicable)
  • Activity title and description

AI/ML Processing:

Strava data is NOT used for AI or machine learning processing. The integration exists solely to post your completed workouts to your Strava activity feed.

Connecting and Disconnecting:

  • You connect Strava through an OAuth authorization flow initiated by you
  • You can disconnect Strava at any time from Menu → Account Settings → Integrations
  • When you disconnect, Trayne stops posting activities to Strava. Previously posted activities remain on Strava and must be removed directly from Strava if desired.

Garmin AI Transparency

Data Collected (with your consent):

When you connect your Garmin device, we collect the following data via the Garmin Connect API:

  • Activity data (workouts, GPS routes, pace, heart rate during exercise)
  • Daily summaries (steps, calories, active minutes, intensity minutes)
  • Sleep data (duration, sleep stages, sleep score)
  • Stress levels and body battery
  • Heart rate variability (HRV) and resting heart rate
  • VO2 max estimates

How Garmin Data Is Processed by AI:

  • Garmin data is processed through our context pipeline to generate personalized training adjustments. De-identified metrics are sent to AI providers (primarily xAI/Grok for health insight summarization) to produce coaching recommendations.
  • Physiological embeddings derived from Garmin metrics are stored in Pinecone for long-term coaching personalization.
  • Training facts extracted from Garmin data may be stored in Neo4j (knowledge graph) for pattern recognition across your training history.
  • AI providers process data transiently via API and do not store or train on your Garmin data.

How to Disconnect Garmin:

  1. Open the Trayne app
  2. Navigate to Menu → Account Settings → Integrations
  3. Tap "Disconnect" next to Garmin

When you disconnect, we stop receiving new data from Garmin and AI processing of Garmin data ceases immediately. Previously collected data remains until you delete your account.

Push Notifications

Data Collected: Device push notification token

Purpose: To deliver weekly training plans and daily workout adjustments directly to your device

Storage: Tokens are stored securely and only used for sending you notifications about your training

SMS Text Messaging (Trayne AI Coaching SMS)

Data Collected: Phone number, SMS message content, and SMS opt-in status/timestamps

Purpose: To deliver optional AI coaching text messages including coaching replies, workout reminders, and plan updates

Processing: SMS delivery is handled by Twilio. Message content is processed by Trayne's AI pipeline to generate coaching responses

Opt-In Flow: Users opt in inside the Trayne iOS app at Menu → Settings → Text Coaching by entering a phone number, checking an unchecked-by-default consent box, and verifying the number with a one-time code

Message Frequency: Varies based on user-initiated interactions and account-related coaching notifications

Rates: Standard message and data rates may apply

Opt Out: Reply STOP to any message, or disconnect SMS coaching in the Trayne app

Help: Reply HELP or contact support@trayne.ai

Public Opt-In Details: See trayne.ai/sms-coaching for the public opt-in workflow summary and sample messages

Retention: We retain SMS linkage data while your SMS coaching connection is active. It is deleted or deactivated when you opt out or delete your account.

Mobile Information Sharing: No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Device Information

Data Collected:

  • Device identifier (for authentication)
  • iOS version
  • App version

Purpose: To maintain your session, ensure compatibility, and troubleshoot technical issues

Not Used For: Tracking or advertising purposes

Background Data Sync

The Trayne iOS app uses background data sync to:

  • Update your training sessions based on newly recorded health data
  • Deliver weekly training plans when they're generated
  • Read your workout history, activity data, and health metrics from Apple Health to personalize your training plans

Third-Party Services (Mobile App)

Supabase: Provides authentication and secure database hosting for your account and training data

AI Service Providers: We use multiple AI providers to generate personalized training plans and coaching insights, including OpenAI (plan editing, context processing), Anthropic/Claude (weekly planning, onboarding, daily adjustments), xAI/Grok (health insight summarization, memory system), Google/Gemini (web research, session creation, memory contextualization), Qwen (text embeddings), and Perplexity (deep research). Health data is de-identified (personal identifiers removed) before being sent to these providers. AI service providers process data transiently via API and are contractually prohibited from storing or training on your health data. Physiological embeddings are stored in Pinecone (vector database) and long-term training facts in Neo4j (knowledge graph) until account deletion. See Section 10: AI Transparency Statement for full details.

Apple HealthKit: Provides access to your health data (you control what data you share)

Google Sign-In SDK: Enables Google authentication option (optional)

PostHog (Product Analytics): We use PostHog to understand how users interact with the app, including feature usage events, screen views, and session recordings. Session recordings automatically mask text inputs to protect sensitive information. User identifiers are anonymized. PostHog helps us identify usability issues and improve the product. You can opt out of analytics tracking from Menu → Account Settings → Privacy. See PostHog's Privacy Policy.

Firebase Crashlytics (Google): We use Firebase Crashlytics to monitor app stability and detect crashes. Crashlytics collects crash reports (including stack traces, device model, and OS version), app performance metrics, and anonymized diagnostic data. This service is automatically enabled for all users as it is essential for maintaining app reliability. See Firebase Privacy Policy.

WisprFlow (Voice Transcription): When you use voice input to create or modify training sessions, your audio is processed by WisprFlow for transcription. Audio recordings are only captured when you actively initiate voice input, and audio is processed transiently — it is not stored after transcription is complete. You can always type instead of using voice input, and microphone access can be revoked at any time via iOS Settings → Privacy & Security → Microphone → Trayne.

Data Security: All data transmitted between your device and our servers is encrypted using industry-standard HTTPS/TLS protocols.

Your Data Rights

Access Your Data

You can view all your training plans, workout history, and account information within the app.

Delete Your Data

You have the right to delete your account and all associated data at any time:

  1. Open the Trayne app
  2. Navigate to Menu → Account Settings
  3. Tap "Delete Account"
  4. Confirm deletion

When you delete your account:

  • All your training plans, workout history, and personal data will be permanently deleted within 30 days
  • Your health data stored on our servers will be deleted
  • Physiological embeddings stored in Pinecone (vector database) will be deleted
  • Training facts stored in Neo4j (knowledge graph) will be deleted
  • Activities posted to Strava will remain on Strava and must be removed directly from Strava if desired
  • Your Apple Health data remains in Apple Health (we never delete data from Apple Health)
  • OAuth tokens (Google, Apple Sign-In) will be revoked
  • This action cannot be undone

Revoke Health Data Access

You can revoke Trayne's access to Apple Health at any time:

  1. Open iPhone Settings → Privacy & Security → Health → Trayne
  2. Turn off access for specific data types or all data
  3. Trayne will continue to work, but won't receive health data updates

Disconnect Wearable Integrations

You can disconnect any wearable integration (WHOOP, Garmin, Oura, COROS) at any time:

  1. Open the Trayne app
  2. Navigate to Menu → Account Settings → Integrations
  3. Tap "Disconnect" next to the wearable you want to remove

When you disconnect a wearable:

  • We stop receiving new data from that wearable
  • AI processing of that wearable's data ceases immediately
  • Previously collected data remains until you delete your account

Data Retention

  • Active accounts: We retain your data for as long as your account is active
  • Deleted accounts: Data is permanently deleted within 30 days of account deletion request
  • Health data: Deleted immediately when you revoke HealthKit permissions or delete your account

5. Your Privacy Controls and Rights

Manage Your Settings

Control visibility, notifications, and data sharing preferences through your account settings.

Access and Deletion Requests

You can request access to your data or ask us to delete your account and associated personal information.

Withdraw Consent

Where consent is required, you can withdraw it at any time (e.g., for health data collection).

6. Data Retention and Security

We retain your information only as long as necessary to provide the Services or as required by law. We take reasonable technical and organizational measures to safeguard your data from unauthorized access, disclosure, or misuse.

7. Children's Privacy

Our Services are not intended for children under the age of 13 (or as defined by applicable law). We do not knowingly collect personal data from children. If we become aware of such data, we will delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy periodically. If we make material changes, we will notify you through the Services or via email. Continued use of the Services after an update constitutes your acceptance of the revised policy.

9. Contact Us

For questions about this Privacy Policy or our privacy practices, please contact:

Trayne

302-668-0717

liam@trayne.ai

10. AI Transparency Statement

Trayne uses artificial intelligence to generate personalized training plans, coaching recommendations, and health insights. This section describes how your data is processed by AI systems, in compliance with wearable partner data usage requirements and Apple App Store guidelines.

AI Service Providers

We use the following third-party AI services to process your data:

  • Anthropic / Claude — Weekly plan generation, onboarding questionnaire analysis, and daily training adjustments. Claude processes your training goals, fitness background, and recovery data to create and adapt personalized training plans.
  • OpenAI (GPT) — Plan editing, context pipeline processing, and session generation. Handles workout modifications, structured data extraction, and real-time session adjustments.
  • xAI / Grok (via OpenRouter) — Health insight summarization from wearable data (Garmin, WHOOP, Oura, Apple Health), automated weekly planning, and memory system fact extraction and classification.
  • Google / Gemini (via OpenRouter) — Web research for training methodologies, manual session creation from freeform input, memory contextualization, and exercise help descriptions.
  • Qwen (via OpenRouter) — Creates text embeddings (mathematical vector representations) for semantic search across your training data and memory system.
  • Perplexity (via OpenRouter) — Deep research for training science, exercise methodologies, and evidence-based coaching recommendations.
  • Pinecone — Vector database that stores physiological embeddings (mathematical representations only, not raw health values) and memory embeddings for coaching personalization and semantic retrieval. All data is deleted upon account deletion.
  • Neo4j — Knowledge graph database that stores long-term training facts and patterns (e.g., injury history, training preferences, goal progression) with temporal validity tracking. All data is deleted upon account deletion.

What Data Is Sent to AI Providers

When generating training plans or coaching insights, we send de-identified health metrics to AI providers. This includes data such as HRV, sleep scores, recovery scores, training load, and workout history. We never send your name, email address, account credentials, or other personally identifying information to AI providers.

How Your Data Is Used by AI Providers

  • AI providers process your data transiently via API — data is processed and discarded, not stored on their servers.
  • Your data is NOT used for AI model training. We use API-only access, which is contractually excluded from training data pipelines.
  • All AI providers operate under strict data processing agreements that prohibit storing, retaining, or repurposing your health data.

Data Retention

  • AI providers (Anthropic, OpenAI, xAI, Google, Qwen, Perplexity): Process data transiently via API. No health data is retained after the API response is returned.
  • Pinecone: Stores physiological and memory embeddings until you delete your account. Embeddings are mathematical vectors and cannot be reverse-engineered into raw health data.
  • Neo4j: Stores training facts and patterns until you delete your account. Facts include temporal validity tracking and are permanently deleted upon account deletion.

Your Control Over AI Processing

You control whether and how your data is processed by AI systems:

  • Disconnect individual integrations: Disconnecting a wearable (Garmin, WHOOP, Oura, COROS) or Strava from Menu → Account Settings → Integrations immediately stops AI processing of that integration's data and ceases any outbound data flow.
  • Revoke Apple HealthKit access: Go to iPhone Settings → Privacy & Security → Health → Trayne to stop health data from being sent to AI providers.
  • Stop all AI processing: Disconnecting all integrations and revoking HealthKit access stops all health-data-based AI processing. Training plan generation and coaching will continue based on your profile information and manually entered data.
  • Delete your account: Deleting your account permanently removes all stored data — including Pinecone embeddings, Neo4j training facts, and all personal data — within 30 days. Navigate to Menu → Account Settings → Delete Account.

Medical Disclaimer

AI-generated training plans and coaching recommendations are for informational and fitness purposes only. They do not constitute medical advice. Always consult a qualified healthcare professional before starting or modifying an exercise program, especially if you have any medical conditions or concerns.

Partner Privacy Policies

If you connect a wearable device or third-party service, your data is also subject to that provider's privacy policy: