Privacy Policy
Last updated: June 20, 2026
Spiniq ("we", "us", "our") operates the Spiniq mobile application (the "App"). This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information.
1. Data We Collect
1.1 Account Data
When you sign in with Google, we collect:
- Email address and display name from your Google account
- A Firebase UID (a unique identifier generated by Firebase Authentication)
This data is stored in Firebase Authentication and on our backend server.
1.2 Fitness Data
- FTP (Functional Threshold Power): You enter this value manually. It is stored locally on your device and on our backend server.
- Heart rate, power, and cadence: Collected in real time from Bluetooth Low Energy (BLE) fitness devices during workouts. This data is held in memory during your session and written to local log files on your device. It is not sent to our servers.
- Workout configuration: Duration and effort level selections are sent to our backend to produce a personalized workout plan.
1.3 Workout Records
When you start a workout, a record (title, duration, FTP, effort level, status, timestamps) is created on our backend and associated with your account.
1.4 BLE Device Data
During Bluetooth scanning, device names and MAC addresses of nearby BLE fitness devices are read. This data is held in memory and may be written to local log files. It is not sent to our servers.
1.5 Local Log Files
The App writes timestamped log files to your device's cache directory. These logs may include BLE connection events, raw sensor data, device names, and device MAC addresses. Log files are only exported if you explicitly choose to do so using Android's file picker.
1.6 Feedback and Diagnostic Data
When you submit feedback or the App crashes, we collect the feedback message and any attachments you choose to include, plus diagnostic information (device model, OS version, app version, network type, battery and memory status, and a log of recent in-app activity). This data is processed by Shake, our third-party feedback and crash-reporting provider (see Section 4).
2. Data We Do Not Collect
- GPS or location data (fine-location permission is required by Android for BLE scanning only)
- Photos, camera, or microphone data
- Contacts or calendar data
- Device identifiers (IMEI, Android ID, advertising ID)
- Continuous analytics or behavioral usage tracking
3. How We Use Your Data
| Data | Purpose |
|---|---|
| Email and display name | Identify your account and personalize the App |
| FTP | Calculate workout power zones and generate workouts |
| Heart rate, power, cadence | Display real-time metrics during your workout |
| Workout configuration | Generate personalized workout plans on our server |
| Workout records | Maintain your workout history |
4. Third-Party Services
| Service | Provider | Data Shared | Purpose |
|---|---|---|---|
| Firebase Authentication | Google LLC | Email, display name, Google ID token | User sign-in and authentication |
| Google Sign-In | Google LLC | Google account selection | Authentication flow |
| Spiniq Backend API | Spiniq | Account data, FTP, workout configuration | Workout generation and history |
| Shake | shakebugs.com | Feedback messages, screenshots, device diagnostics, crash reports | In-app feedback and crash reporting |
We do not use any third-party advertising or behavioral analytics services.
5. Data Storage and Security
- Backend data is stored on our servers at
api.spiniq.appand transmitted over HTTPS. - Local data is stored on your device. Android's auto-backup may back up local data to your Google Drive; you can disable this in Android settings.
- Authentication tokens are short-lived and handled by Firebase Authentication.
6. Data Retention
Account and workout data is retained on our servers for as long as your account exists. Local log files are stored in the device cache and may be cleared by the operating system or by you at any time.
7. Data Sharing
We do not sell, rent, or share your personal data with third parties for marketing purposes. Data is only shared with the services listed in Section 4, solely for the purposes described.
8. Your Rights
You have the right to access, correct, or delete your data by contacting us. If you are in the European Economic Area (EEA), you may also have additional rights under the GDPR, including the right to data portability and to lodge a complaint with a supervisory authority.
9. Children's Privacy
The App is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe we have collected such data, please contact us so we can delete it.
10. Permissions
| Permission | Reason |
|---|---|
| Internet | Communicate with our servers and Firebase |
| Bluetooth Scan | Discover nearby BLE fitness devices |
| Bluetooth Connect | Connect to BLE fitness devices |
| Fine Location | Required by Android for BLE scanning; no location data is collected or stored |
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top. Continued use of the App after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, contact us at: info@spiniq.app