Privacy Policy

Last updated: 26 March 2026

1. About this Policy

We Jog ("we", "us", "our") operates the We Jog web application. This Privacy Policy explains how we collect, use, disclose and protect your personal information when you use our service. We are committed to complying with the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable international privacy laws including the EU General Data Protection Regulation (GDPR) and UK GDPR where they apply.

2. Information We Collect

Account Information

  • Email address (used for authentication via magic link)
  • Display name (optional)

Training & Fitness Data

  • VDOT scores and race results you enter
  • Planned workouts and training schedules you create
  • Activity data synced from third-party services (e.g. Strava), including distance, duration, pace, heart rate, and activity type

Technical Data

  • Browser type and version
  • IP address
  • Device information
  • Usage patterns and page views (via privacy-respecting analytics)

3. How We Use Your Information

We use your personal information to:

  • Provide, maintain and improve the We Jog service
  • Authenticate your identity and manage your account
  • Calculate training paces and display your fitness data
  • Sync data with connected third-party services at your request
  • Send service-related communications (e.g. authentication emails)
  • Ensure security and prevent misuse of the service

We do not use your data for advertising or sell your personal information to third parties.

4. Third-Party Services

We Jog integrates with the following third-party services when you choose to connect them:

  • Strava — When you connect your Strava account, we receive activity data (distance, duration, pace, heart rate) via the Strava API. You can disconnect at any time from Settings.
  • Garmin Connect — When you connect your Garmin account, we may send planned workouts to your Garmin device and receive activity data. You can disconnect at any time from Settings.
  • Supabase — Provides our database and authentication infrastructure. Your data is stored securely in Supabase's cloud infrastructure.
  • Vercel — Hosts our application. Standard server logs may be collected.

5. Data Storage & Security

Your data is stored in secure cloud infrastructure provided by Supabase, with servers located in regions that comply with applicable data protection standards. We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest for stored data
  • Row-level security policies restricting data access to authorised users
  • Secure token storage for third-party service connections

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. If you delete your account, we will delete or anonymise your personal information within 30 days, unless we are required by law to retain it.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access — Request a copy of the personal information we hold about you
  • Correction — Request correction of inaccurate or incomplete information
  • Deletion — Request deletion of your personal information
  • Portability — Request your data in a structured, machine-readable format
  • Objection — Object to the processing of your personal information
  • Withdrawal of Consent — Withdraw consent at any time where processing is based on consent

Australian residents: Under the Privacy Act 1988, you have the right to access and correct your personal information. You may also complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

EU/UK residents: Under the GDPR, you have additional rights including the right to restrict processing and to lodge a complaint with your local data protection authority.

8. International Data Transfers

Your data may be transferred to, and processed in, countries other than your country of residence. Where we transfer personal information internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection laws, including standard contractual clauses where required.

9. Cookies & Local Storage

We use essential cookies and browser local storage to maintain your authentication session and store user preferences (such as your last calculator input). We do not use tracking cookies or third-party advertising cookies.

10. Children's Privacy

We Jog is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

11. Changes to this Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: hello@we-jog.com