Privacy Policy for Your Trainer
Last Updated: May 31, 2026 (newsletter disclosure added)
Your Trainer ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how your information is handled within the Your Trainer Android application.
1. Our "Local-First" Commitment
Your Trainer is designed with Data Sovereignty as a core principle. Unlike many fitness applications, Your Trainer does not use centralized cloud servers to store your personal fitness data, workout history, or identity profiles. Your data remains on your device.
2. Information Collection and Use
A. Personal Data
When you create a rider profile, you may provide information such as your name, weight, and Functional Threshold Power (FTP).
- Storage: This data is stored strictly in a local database on your device.
- Purpose: This information is used to scale workout intensity to your fitness level and calculate performance metrics (e.g., Watts per Kilogram).
B. Fitness and Sensor Data
The app connects to your indoor cycling equipment (Smart Trainers and Heart Rate Monitors) via Bluetooth Low Energy (BLE).
- Data Collected: Real-time power (Watts), cadence (RPM), heart rate (BPM), speed, and distance.
- Storage: This data is recorded locally as part of your workout history.
- Sharing: We do not automatically upload or share this data with any third party.
C. Permissions
- Bluetooth/Location: Required to scan for and connect to your fitness hardware. On older Android versions, Location permission is required by the system to perform Bluetooth scans. We do not track your physical GPS location.
3. Third-Party Services
Your Trainer integrates with external services only when explicitly initiated by you:
- Google Play Billing: We use Google Play Services for in-app purchases. Google collects transaction data according to their own privacy policy.
- Strava / External Platforms: If you choose to export a ride to Strava, the app will transmit the selected workout file to Strava's servers. This only happens upon your manual request.
- AI Workout Coach (BYOK): If you use the AI Workout Builder, the app sends your text prompt to the AI provider (Google Gemini, OpenAI, or Anthropic) using your own API key. No personal identifiers are sent with these prompts unless you include them in the text.
- Your Trainer MCP Service: We operate an MCP (Model Context Protocol) service at
mcp.your-applications.com/your-trainer. It is used by some in-app AI features (workout authoring, history queries, post-ride analysis) to handle deterministic format work that AI providers shouldn't be asked to do directly. The service is stateless — no data is retained after a request completes — and is only invoked when you explicitly use a feature that requires it. Calls send the minimum data needed for the request (e.g. a workout intent for the AI Workout Builder, dated TSS values for training-load context) and never include personal identifiers. - Buttondown — newsletter (website only, not in the app): The newsletter sign-up form on our website (not in the Android app) posts your email address to Buttondown, the email service we use to send launch announcements and occasional product updates. Buttondown stores your email address and standard opt-in metadata (timestamp + IP for consent record-keeping per their terms); no other data is shared from us. Newsletter signup uses Buttondown's standard double-opt-in: you submit the form, Buttondown sends a confirmation email, and you're added to the list only after you click the confirmation link. You can unsubscribe at any time via the link at the bottom of every newsletter, or email [email protected] and we'll remove your address from Buttondown on your behalf. Buttondown's own privacy policy: buttondown.com/privacy. This surface is separate from in-app data — subscribing to the newsletter does not link your email address to any ride data on your tablet.
4. Data Security
We use industry-standard encryption (Android's Security-Crypto library) to protect sensitive information like your private API keys on your device. However, because your data is stored locally, the security of your data also depends on the security of your physical device.
5. Data Retention and Deletion
Since we do not store your data on our servers, we cannot delete it for you. You have full control:
- You can delete individual workouts or user profiles within the app settings.
- Uninstalling the app will remove all locally stored data.
6. Changes to This Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.
7. Contact Us
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us: