FE26

Privacy Policy

Effective date: March 11, 2026

1. Who We Are

FE26 - Endurance Training (“FE26,” “we,” “our,” or “us”) operates fe26.org and the FE26 training plan application. This Privacy Policy explains how we collect, use, store, disclose, and protect personal data when you use our website, application, and related services (collectively, the “Services”).

If you have questions about this Privacy Policy or would like to exercise your privacy rights, contact us at privacy@fe26.org.

2. Data We Collect

We may collect the following categories of data:

  • Account data: your email address, display name, and profile photo from your Google sign-in or other supported authentication methods.
  • Profile data: information you provide about yourself and your training, such as age, gender, weight, event goals, fitness preferences, and onboarding responses.
  • Training plan data: your training goals, event dates, workout preferences, generated plans, plan adjustments, and related notes or settings.
  • Strava data: if you connect your Strava account, we may collect Strava profile data and activity data made available to us through the Strava API, such as workout title, sport type, date, distance, duration, speed, heart rate, and route polyline, to provide Strava-connected features inside FE26.
  • Usage and device data: pages visited, app interactions, approximate device/browser information, feature usage, diagnostics, crash reports, and error logs.
  • Payment and billing data: subscription and billing details processed by Stripe. We do not store full payment card numbers.
  • Support communications: information you send us when you contact support or otherwise communicate with us.

3. How We Use Your Data

  • To create, display, and manage your personalized training plans.
  • To sync and display your Strava activity data on your personal dashboard and compare your activities against your plan.
  • To authenticate your account and keep the Services secure.
  • To send transactional and service-related communications, such as account notices, activity notifications, and subscription updates.
  • To process payments and manage subscriptions.
  • To respond to support requests and troubleshoot issues.
  • To maintain, monitor, improve, and secure the reliability and performance of the Services.
  • To comply with legal obligations and enforce our Terms and other policies.

We do not use your Strava data or other personal data to train general-purpose AI or machine learning models. We do not sell, license, rent, or otherwise monetize your personal data to advertisers, data brokers, or other third parties.

4. Legal Bases for Processing (EEA / UK / Similar Jurisdictions)

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we generally process your personal data on one or more of the following bases:

  • Performance of a contract: to provide the Services you request, such as account access, training plan generation, subscription management, and Strava-connected features.
  • Legitimate interests: to secure, maintain, and improve the Services; prevent fraud; provide support; and operate our business responsibly, where those interests are not overridden by your rights.
  • Consent: where required by law, including when you choose to connect third-party services such as Strava or when we request consent for specific processing.
  • Legal obligations: where processing is necessary to comply with applicable law, regulation, or lawful requests.

5. Strava Integration

FE26 integrates with the Strava API to enable Strava-connected features. By connecting your Strava account, you authorize FE26 to access and process the Strava data you permit through Strava’s authorization flow.

  • Your Strava data is displayed only to you within your FE26 account, unless you separately choose to share something outside the Services.
  • We use Strava data only to provide Strava-connected functionality within FE26, such as importing activity history, displaying your activities, and comparing completed workouts against your training plan.
  • We do not use Strava data for advertising, data brokerage, or AI model training.
  • You can disconnect Strava at any time from your profile settings. If you disconnect Strava, we will delete associated Strava-derived data from our active systems, subject only to limited retention in backups as described below.
  • If you revoke FE26’s access from within Strava, we will treat that as a disconnection request and delete associated Strava-derived data from our active systems, subject only to limited retention in backups as described below.
  • We may periodically re-validate Strava-derived data and remove activities or related records that no longer exist or are no longer accessible through Strava.
  • Strava notice: Strava may independently collect usage data related to FE26’s access to the Strava API. Please review Strava’s Privacy Policy for details about Strava’s own privacy practices.

6. Data Retention

We retain personal data only for as long as reasonably necessary to provide the Services, fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, enforce our agreements, and maintain appropriate business and financial records.

  • Account and training data: retained while your account remains active and for a reasonable period afterward as needed for legitimate business and legal purposes.
  • Strava-derived data: retained while your Strava connection is active and while needed to provide Strava-connected features. If you disconnect Strava, revoke access, or delete your account, we will delete associated Strava-derived data from our active systems.
  • Backups: deleted data may remain in encrypted backups for up to 7 days before those backups are overwritten or purged in the normal backup rotation cycle.
  • Usage logs and diagnostics: retained for a limited period as needed for security, debugging, abuse prevention, and service reliability.

Where technically feasible and legally required, we will honor deletion requests sooner. We may retain limited information where necessary to comply with law, resolve disputes, prevent fraud or abuse, collect amounts owed, or enforce our agreements.

7. How We Share Data

We share personal data only as reasonably necessary to operate the Services, comply with law, or protect our rights.

We do not sell your personal data, and we do not share it with advertisers or data brokers for their own independent marketing or commercial use.

8. International Data Transfers

FE26 and our service providers may process personal data in countries other than the country where you live. Those countries may have data protection laws that differ from the laws of your jurisdiction.

Where required by applicable law, we take appropriate steps to protect personal data transferred internationally, including by relying on contractual protections, provider commitments, and other safeguards recognized under applicable law.

9. Security

We use commercially reasonable technical, administrative, and organizational safeguards designed to protect personal data, including HTTPS encryption in transit, access controls, and protection of sensitive credentials and tokens. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your personal data
  • Object to or restrict certain processing
  • Request portability of certain personal data
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with your local data protection authority, where applicable

To exercise these rights, contact privacy@fe26.org. We will respond within a reasonable period and, where required by law, within the timeframe required by applicable law.

11. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to us, contact privacy@fe26.org and we will take appropriate steps to investigate and, if necessary, delete the information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make a material change, we will update the effective date above and may also provide additional notice, such as by email or in-product notice, where appropriate or required by law. Where required by law, we will seek your consent before applying material changes to how we process your personal data.

13. Contact

If you have questions, support requests, or privacy-related concerns, contact us at privacy@fe26.org or support@fe26.org.