Privacy Policy

ActivePath ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using ActivePath, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

Personal Information

When you create an account, we collect:

• Email address (required for authentication)
• Full name and username
• Profile picture (optional)
• Date of birth and gender (optional)
• Height and weight (optional, for calorie calculations)

Location Data

To provide our core services, we collect:

• Your home/default location for route generation
• Exploration locations you choose to save
• Real-time GPS coordinates during active workouts (including timestamp, altitude, accuracy, speed, and heading)
• Complete GPS track data for workout history

Fitness and Activity Data

• Workout type (running, walking, cycling, hiking)
• Duration, distance, pace, and calories burned
• Heart rate data (if Apple HealthKit integration is enabled)
• Elevation gain/loss during workouts
• Fitness level, goals, and activity preferences
• Route preferences (scenic, flat, hilly, loop, etc.)

Technical Data

• Device information and identifiers
• IP address and user agent
• Login attempt records for security purposes
• App usage and interaction data

We use the information we collect to:

• Generate personalized AI-powered routes based on your preferences and fitness level
• Track and record your workouts and fitness progress
• Provide real-time navigation and route guidance
• Calculate statistics like calories burned, pace, and distance
• Enable voice-controlled route creation
• Sync workout data with Apple HealthKit (if enabled)
• Display your achievements on leaderboards (if profile is public)
• Send you notifications about workouts, routes, and updates
• Improve our Service and develop new features
• Ensure the security and integrity of our Service

We share your data with the following third-party service providers:

Supabase (Database & Authentication)

We use Supabase to store your account information, workout data, and route history. All data is encrypted in transit and at rest.

Mapbox (Mapping & Navigation)

Mapbox receives your location coordinates to render maps and generate route directions. This includes your start/end points and activity type for optimal routing.

VAPI (Voice AI)

When you use voice commands to create routes, your voice data is processed by VAPI. This includes voice recordings and transcripts of your route generation requests.

Apple HealthKit

With your permission, we read and write workout data to Apple Health. This integration is bidirectional and includes heart rate, distance, duration, and calorie data. Health data is never shared with other third parties.

Your data is stored and protected as follows:

• Cloud Storage: User data is stored in secure Supabase PostgreSQL databases
• File Storage: Profile pictures are stored in encrypted Supabase Storage buckets
• Local Storage: Authentication tokens are stored securely on your device
• Encryption: All data transmission uses HTTPS/TLS encryption
• Authentication: We use passwordless magic link authentication for enhanced security

We retain your personal information for as long as your account is active or as needed to provide you services. Workout history and GPS tracking data are stored indefinitely unless you request deletion.

If you delete your account, all associated data will be permanently removed from our systems, including your profile, workouts, routes, and statistics.

Depending on your jurisdiction (GDPR, CCPA, etc.), you have the following rights:

• Access: Request a copy of all personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Deletion: Request permanent deletion of your data ("Right to be Forgotten")
• Data Portability: Receive your data in a machine-readable format
• Restrict Processing: Request limitation of how we use your data
• Withdraw Consent: Opt out of data processing at any time

To exercise these rights, contact us at privacy@activepath.ai. We will respond within 30 days.

ActivePath provides the following privacy controls within the app:

• Public Profile Toggle: Choose whether your profile is visible to other users
• Workout Sharing: Control if completed workouts appear on your public profile
• Notification Preferences: Manage email, push, and marketing notifications
• Data Export: Download a complete copy of your data (profile, workouts, routes)
• Account Deletion: Permanently delete your account and all associated data

ActivePath requires location access to function. We request the following permissions:

• When In Use: Show your position on the map and track active workouts
• Always (Optional): Enable background tracking during workouts so you can use other apps

You can manage location permissions at any time in your device settings. Disabling location access will limit core functionality.

ActivePath can integrate with Apple HealthKit to enhance your fitness tracking:

• Read: We may read your workout history, heart rate data, and health statistics
• Write: We save completed workouts including distance, duration, calories, and heart rate

HealthKit data is never shared with third parties or used for advertising. This integration is optional and can be disabled at any time.

ActivePath is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our Service, you consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Privacy Inquiries: privacy@activepath.ai
• General Support: support@activepath.ai