Privacy Policy
Last updated: January 2025
Introduction
RaceIQ Live ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our real-time race intelligence platform for indoor cycling.
By using RaceIQ Live, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies, please do not use our service.
Information We Collect
Account Information
When you sign in with Strava, we receive and store:
- Your Strava athlete ID
- Your name and profile picture
- Your email address (if provided by Strava)
- OAuth tokens to access your Strava data
Activity Data from Strava
With your permission, we access your Strava activities to build your power profile:
- Historical cycling activities with power data
- Power streams and metrics from your rides
- Activity metadata (date, duration, type)
We only access activities that contain power meter data. We do not post to your Strava account or access your social features.
Real-Time Sensor Data
During live sessions, we collect data from your connected Bluetooth sensors:
- Power meter readings (watts)
- Heart rate monitor readings (BPM)
- Cadence data (RPM)
- Timestamps for each measurement
Derived Metrics
We calculate and store performance metrics including:
- Critical Power (CP) and W' (W-prime) estimates
- Functional Threshold Power (FTP)
- Mean Maximal Power (MMP) curves
- Session summaries and fatigue model data
Technical Data
We automatically collect:
- Browser type and version
- Device information
- IP address (for security and rate limiting)
- Usage patterns and feature interactions
How We Use Your Information
We use the collected information to:
- Provide real-time race intelligence during your cycling sessions
- Calculate your power profile and fatigue models
- Track W'bal, effective CP, and other race metrics
- Improve the accuracy of our predictions over time
- Authenticate your account and maintain your session
- Send service-related communications (if you opt in)
- Improve and optimize our platform
- Detect and prevent fraud or abuse
Data Storage and Security
Your data is stored securely using industry-standard practices:
- All data is encrypted in transit using TLS/HTTPS
- Sensitive data (OAuth tokens) is encrypted at rest
- Passwords are hashed using Argon2 (industry-leading algorithm)
- We use secure, access-controlled database systems
- Real-time sensor data is processed in memory and only aggregated metrics are stored
While we implement strong security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.
Data Retention
We retain your data as follows:
- Account data: Retained while your account is active
- Power profile data: Retained to provide accurate predictions
- Session data: Aggregated metrics retained for 90 days
- Raw sensor data: Not stored; processed in real-time only
When you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.
Third-Party Services
Strava
We integrate with Strava for authentication and activity data. When you connect your Strava account, you are also subject to Strava's Privacy Policy. You can disconnect your Strava account at any time from your profile settings.
Analytics
We may use analytics services to understand how users interact with our platform. These services collect anonymized usage data to help us improve the user experience.
Cookies and Local Storage
We use minimal cookies and local storage:
- Authentication cookies: Essential for keeping you logged in
- Theme preference: Stored locally to remember your dark/light mode choice
We do not use advertising cookies or tracking pixels.
Your Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your data
- Portability: Request your data in a portable format
- Objection: Object to certain processing of your data
- Withdraw consent: Withdraw consent where processing is based on consent
To exercise these rights, please contact us at privacy@raceiq.live.
Children's Privacy
RaceIQ Live is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.
Contact Us
If you have any questions about this Privacy Policy, please contact us:
- Email: privacy@raceiq.live