Privacy Policy
Your training data is yours. We protect it with enterprise-grade security and never sell it to third parties.
Data Protection
Enterprise-grade security for your training data
Never Sold
Your data is never sold to third parties
Full Transparency
Complete visibility into data usage
Your Control
Delete your data anytime, no questions
Last updated: September 29, 2025 · Effective date: September 29, 2025
1. Introduction
Gijima ('we', 'our', or 'us') is committed to protecting your privacy and being transparent about how we handle your training data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our intelligent training platform.
By using Gijima, you consent to the data practices described in this policy. If you do not agree with our policies and practices, please do not use our service.
2. Information We Collect
Personal Information
- Account information: Name, email address, and profile details
- Athletic profile: Age, fitness goals, training preferences, and race targets
- Payment information: Billing details processed securely through Stripe
- Communication data: Support requests and AI coaching interactions
Training Data
- Activity data: Running, cycling, and other activities from Strava or manual entry
- Performance metrics: Pace, distance, heart rate zones, power data, and cadence
- Advanced analytics: Threshold pace detection, training load, and fitness scores
- GPS data: Location information for outdoor activities (if permitted)
Third-Party Integrations
- Strava: Activity history, segments, and athlete profile (with your permission)
- Other platforms: Data from connected fitness devices and apps
3. How We Use Your Information
Training Intelligence
- Generate personalized training insights and AI coaching recommendations
- Detect threshold pace and create personalized training zones
- Optimize workout schedules based on your fitness and recovery
- Analyze performance trends and provide predictive insights
- Calculate fitness scores using our multi-component system
Service Operations
- Maintain your account and subscription
- Provide customer support and respond to inquiries
- Send training reminders and progress updates
- Improve our algorithms and develop new features
4. Data Sharing and Disclosure
We Never Sell Your Data
Your personal information and training data are never sold, rented, or traded to third parties for marketing or any commercial purposes.
Service Providers
We share data with trusted providers who help us operate:
- Neon Database: Secure cloud database for data storage
- Vercel: Platform hosting and infrastructure
- Stripe: Payment processing (PCI compliant)
- OpenAI: AI services for training insights (anonymized data only)
Legal Requirements
We may disclose information when required by law, court order, or to protect rights and safety.
5. Data Security
We implement industry-standard security measures:
- Encryption: TLS/SSL for data in transit, encryption at rest
- Authentication: Secure login with Clerk Auth
- Access controls: Role-based permissions and restricted access
- Infrastructure: Secure cloud hosting with Vercel
- Compliance: PCI DSS standards for payment processing
6. Your Rights and Control
You Can Always:
- Access and download your complete training data
- Update or correct your personal information
- Delete your account and all associated data
- Export your data in standard formats (TCX, FIT, GPX, CSV)
- Disconnect third-party integrations like Strava
- Opt-out of marketing communications
Data Deletion
You can request complete deletion of your data at any time. We'll process your request within 30 days and send confirmation once complete.
7. Data Retention
We retain your data only as long as necessary:
- Active account data is kept while your account remains open
- After account deletion, data is removed within 30 days
- Some anonymized, aggregated data may be retained for analytics
- Legal compliance may require retention for up to 7 years
8. International Data Transfers
Your data may be processed in countries other than your residence. We ensure appropriate safeguards through standard contractual clauses and compliance with GDPR and other data protection laws.
9. Children's Privacy
Our service is not intended for children under 16. We do not knowingly collect data from children under 16. If you believe a child has provided us with personal information, please contact us immediately.
10. Regional Privacy Rights
California Residents (CCPA)
- Right to know what personal information is collected
- Right to know if information is sold (we never sell data)
- Right to opt-out and delete personal information
- Right to non-discrimination for exercising privacy rights
European Residents (GDPR)
- Right to access, rectification, and erasure
- Right to data portability and restriction of processing
- Right to object and withdraw consent
- Right to lodge complaints with supervisory authorities
11. Cookies and Tracking
We use cookies to:
- Maintain your session and authentication
- Remember your preferences and settings
- Analyze usage patterns to improve our service
- Provide personalized training recommendations
You can control cookies through browser settings, though some features may be limited without them.
12. Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. We'll notify you of material changes via email or platform notification. Continued use after changes indicates acceptance.
13. Contact Us
For privacy questions, to exercise your rights, or report concerns:
Email: justin@gijimaendurance.com
Support: justin@gijimaendurance.com
Response Time: Within 30 days for privacy requests
This Privacy Policy is effective as of September 29, 2025