Privacy Policy
RØUT — Ghost Racing & AI Coaching for Runners
Last updated: April 20, 2026
Introduction
RØUT (“we,” “our,” or “the App”) is developed by David Capp, an independent developer committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our iOS and watchOS application and our website (collectively, the “Service”).
RØUT is designed with a privacy-first, local-first approach. We collect only the minimum data necessary to record your runs, let you race your personal best as a ghost, and generate a post-run coaching debrief. We do not require account creation, and your run history is stored in Apple Health and on your device.
What RØUT Does
RØUT is an iPhone and Apple Watch app that:
- Records your run using GPS and heart-rate data on Apple Watch
- Races you against a ghost of your best effort over the same distance
- Generates a post-run audio debrief using the RØUT Coach Engine, which analyses your pacing, splits, heart-rate zones, and performance versus your ghost
- Optionally uploads your run to Strava if you choose to connect your Strava account
RØUT does not generate AI running routes, and it does not provide turn-by-turn navigation.
Information We Collect
Location Data
We collect GPS coordinates on your Apple Watch during active run recording to calculate distance, pace, and your route.
- Foreground: When you start a run.
- Background (during active workouts only): Once a run is in progress, Apple Watch continues to collect location in the background via workout-processing until you finish the run. This does not require “Always” location permission.
Route coordinates are saved to Apple Health as part of the workout (see HealthKit section below). A copy is held on the Watch in encrypted local storage until it has been synced to Apple Health.
Apple HealthKit Data (on-device)
RØUT integrates tightly with Apple Health. All HealthKit data stays on your device and in your iCloud Health store — it is never transmitted to our servers.
We READ the following from the Health app (with your permission):
- Running workouts (HKWorkoutType) — used to find your personal best as the target for your next ghost race
- Workout routes (HKWorkoutRoute) — GPS tracks associated with past workouts
- Heart rate (HKQuantityType.heartRate)
- Running distance (HKQuantityType.distanceWalkingRunning)
- Active energy burned (HKQuantityType.activeEnergyBurned)
- Advanced running metrics, when supported by your Apple Watch: running speed, running power, stride length, ground-contact time, vertical oscillation, and step count
We WRITE the following to the Health app (with your permission) when you finish a run:
- A complete workout record (HKWorkout) tagged as “RØUT Run”
- The GPS route associated with the workout (HKWorkoutRoute)
- Distance, active energy, and heart-rate samples for the workout
- Advanced running metrics collected during the workout (speed, power, stride length, ground-contact time, vertical oscillation, step count)
- Ghost-race metadata (target time, target distance, actual time, and whether you beat your ghost)
You can grant or revoke any of these permissions at any time in Settings → Privacy & Security → Health → RØUT Run.
Run Data (Pre-Sync Storage on Apple Watch)
Before a workout is saved to Apple Health, the Watch app temporarily stores the workout on-device in AES-256-GCM encrypted local storage, using a key held in the iOS Keychain. Encrypted records are cleared once the workout is successfully written to Apple Health. Failed syncs are auto-deleted after 7 days.
Run Data Sent to Our Coaching Backend
To generate your post-run audio debrief, your completed run summary is sent to the RØUT AI Coaching Backend (hosted on Railway in the United States). The data sent includes:
- Run distance and duration
- Splits and pace data
- Heart-rate summary (zones and averages)
- Ghost-race result (target vs. actual)
- Weather conditions at the time of the run
The coaching response is returned to your device and cached locally using SwiftData so you can replay the debrief. The backend does not permanently store your run data beyond the time needed to generate and return the coaching response.
Strava Connection Data (Optional)
If you choose to connect your Strava account to RØUT, we store the following on your device to enable activity uploads:
- Strava access token (short-lived, refreshes approximately every 6 hours)
- Strava refresh token
- Token expiry timestamp
- Strava athlete ID (your numeric Strava user identifier)
- Strava upload records (the activity ID returned after a successful upload, stored locally so the same run is not uploaded twice)
All Strava tokens and identifiers are stored in the iOS Keychain (kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly) and are protected by iOS device encryption. They are never transmitted to RØUT servers, stored in the cloud, or synced across devices. Connecting Strava is entirely optional — RØUT works fully without it.
See “Strava Integration” below for the full detail.
Email Address (Website)
When you join our TestFlight waitlist on rout.run, we collect your email address. This is used to:
- Send a waitlist confirmation email
- Notify you when TestFlight access is available
- Send product launch updates
Emails are sent via Resend, a transactional email service. We do not sell or share your email address with third parties for marketing purposes. You can unsubscribe at any time.
Usage Analytics
We use PostHog, a privacy-focused analytics platform hosted in the European Union, to understand how the App is used and improve your experience.
- Anonymous device identifier (not linked to your identity)
- App feature usage (screens viewed, buttons tapped, ghost-race outcomes)
- Run-completion events (aggregate)
- Session replays in wireframe mode (visual layout only)
All text inputs are automatically masked and not recorded. No personally identifiable information is collected. Data is processed in EU data centres under GDPR protections.
Website Analytics
Our website uses Vercel Analytics to understand how visitors interact with the site.
Cookies (Website)
Our website uses cookies and localStorage. You can manage your preferences via our cookie consent banner:
- Essential: Required for the site to function (always enabled)
- Analytics: Help us understand site usage and improve the experience
- Marketing: Used for personalised content (optional)
Subscription Information
If you subscribe to RØUT Premium, transactions are processed entirely by Apple through the App Store (StoreKit). We receive only transaction status (active/expired) and product identifiers. We do not receive or store your payment details, Apple ID, or billing address.
Information We Do Not Collect
RØUT is designed to respect your privacy. We explicitly do not collect or access:
- Personal accounts or login credentials (no RØUT account required)
- Your name, age, sex, height, weight, resting heart rate, or VO2 max from HealthKit (we do not request these read permissions)
- Photos, camera, or media library
- Contacts or address book
- Calendar or reminders
- Microphone or audio recordings (the Coach Engine audio is generated from text on-device)
- Browsing history
- Advertising identifiers
- Data from other apps
How We Use Your Information
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Record your run | GPS + heart rate on Apple Watch | Contract performance |
| Race you against your personal best | HealthKit workouts + routes | Consent (HealthKit read permission) |
| Generate your post-run audio debrief | Run summary sent to RØUT AI Coaching Backend | Contract performance |
| Display weather conditions | Location coordinates | Legitimate interest |
| Upload runs to Strava | Run activity data + Strava tokens | Consent (explicit opt-in) |
| Save your workout to Apple Health | Workout, route, HR, distance, energy samples | Consent (HealthKit write permission) |
| Improve app performance | Anonymous analytics | Legitimate interest |
| Process subscriptions | Transaction status | Contract performance |
Third-Party Services
RØUT integrates with the following third-party services:
RØUT AI Coaching Backend (Railway-hosted, United States)
- Purpose: Generate post-run audio coaching debriefs
- Data shared: Run summary (distance, duration, splits, heart-rate zones, ghost-race result, weather)
- Privacy: Data processed only to generate the coaching response; not permanently stored
Apple HealthKit
- Purpose: Read and write your workouts, routes, and health metrics on your device
- Data shared: Stays on your device and your iCloud Health store; never sent to our servers
- Privacy: Subject to Apple's Privacy Policy
Apple WeatherKit
- Purpose: Display current weather and forecasts for your runs
- Data shared: Location coordinates
- Privacy: Subject to Apple's Privacy Policy
Strava (Optional)
- Purpose: Upload runs you record in RØUT to your Strava account
- Data shared: GPS track (GPX), distance, duration, elevation, timestamps, and activity metadata (pace, target, result, weather). The GPX is sent via an authenticated call to https://www.strava.com/api/v3/uploads.
- Scopes requested: activity:write, activity:read (the read scope is used only to verify whether an activity has already been uploaded, to avoid duplicates)
- Connection method: OAuth 2.0 via the official Strava iOS app, with ASWebAuthenticationSession as fallback
- Token storage: iOS Keychain on your device only — never on our servers
- User control: Disconnect at any time in RØUT Settings
- Privacy: Subject to Strava's Privacy Policy
PostHog Analytics (EU)
- Purpose: Anonymous product analytics
- Data shared: Usage events, anonymous device ID, wireframe session replays
- Location: European Union
- Privacy: GDPR compliant. PostHog Privacy Policy
Apple App Store / StoreKit
- Purpose: In-app subscriptions
- Data shared: Transaction verification only
- Privacy: Subject to Apple's Privacy Policy
Resend (Website only)
- Purpose: Transactional email delivery (TestFlight waitlist confirmation, launch updates)
- Data shared: Email address
- Privacy: Subject to Resend's Privacy Policy
Vercel Analytics (Website only)
- Purpose: Website visitor analytics
- Data shared: Page views, anonymous usage data
- Privacy: Subject to Vercel's Privacy Policy
Strava Integration (Optional)
RØUT offers an optional integration with Strava so you can mirror runs you record in RØUT to your Strava training log.
How it works
- Opt-in. Tap Connect with Strava in RØUT Settings. You'll be taken to Strava's official OAuth screen to review and approve the permissions RØUT is requesting.
- Scopes. RØUT requests activity:write (to upload new activities) and activity:read (to check whether a run has already been uploaded, preventing duplicates). RØUT does not read your Strava followers, segments, routes, or profile.
- Upload. When you finish and save a run, the GPS track and run metadata are sent directly from your iPhone to Strava over HTTPS. The upload goes to https://www.strava.com/api/v3/uploads as a GPX file.
- Nothing stored by us. RØUT does not keep a copy of the uploaded activity on any server. Only the Strava upload/activity ID is kept locally to prevent duplicate uploads.
- Token refresh. Strava access tokens expire every ~6 hours. RØUT refreshes the token on-device using the stored refresh token. This happens silently.
Disconnecting Strava
You can disconnect Strava from RØUT at any time:
- In-app: Settings → Strava → Disconnect. This calls Strava's POST /oauth/deauthorize endpoint to revoke RØUT's access on Strava's side, then deletes all stored Strava tokens and identifiers from your device's Keychain.
- On Strava: You can also revoke RØUT's access directly in your Strava account under Settings → My Apps.
What we do not do with Strava data
- We do not sell Strava data.
- We do not share Strava data with any third party.
- We do not use Strava data for advertising or analytics.
- We do not import your existing Strava activities into RØUT's own storage.
- We do not store Strava tokens on our servers.
Data Storage and Security
Local Storage
- Pending workouts on the Watch are stored in AES-256-GCM encrypted local storage, with the encryption key held in the iOS Keychain
- Strava tokens and athlete identifiers are stored in the iOS Keychain (kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly)
- Coaching debriefs and weather data are cached locally using SwiftData
- Workouts are permanently stored in Apple Health once synced — Apple Health data is protected by iOS device encryption and iCloud end-to-end encryption (when iCloud Health is enabled)
Data Retention
| Data Type | Retention Period |
|---|---|
| Apple Health workouts / routes / metrics | Until you delete them in the Health app |
| Pending workouts on Apple Watch | Until synced to Health; failed syncs auto-deleted after 7 days |
| Weather cache (SwiftData) | Current session |
| AI coaching debrief cache (SwiftData) | Local until you delete the associated run |
| Run data sent to RØUT Coaching Backend | Processed for response only; not permanently retained |
| Strava access token | Until disconnect, refresh, or token expiry |
| Strava refresh token | Until you disconnect Strava in RØUT |
| Strava athlete ID & upload IDs | Until you disconnect Strava, or delete the associated run |
| Analytics data (PostHog) | Per PostHog retention policy |
| Email address (waitlist) | Until you unsubscribe or request deletion |
Security Measures
- All network communications use HTTPS/TLS encryption
- Location permissions follow the iOS WhenInUse model; background location is only available during active workouts via WKBackgroundModes: workout-processing
- Strava tokens held in Keychain with hardware-backed encryption
- No sensitive data stored in plain text
- Session replays (PostHog) automatically mask all text inputs
Your Rights and Controls
HealthKit Permissions
You can control HealthKit access per-data-type in Settings → Privacy & Security → Health → RØUT Run.
Location Permissions
You control location access through iOS Settings:
- While Using: Required for run recording
- Never: The app cannot record runs
- Change at: Settings → Privacy & Security → Location Services → RØUT
Delete Your Data
- Delete individual runs: Remove them from the Apple Health app
- Clear coaching/weather cache: Available in RØUT Settings
- Reset analytics ID: Reinstall the app
- Disconnect Strava: In-app Settings → Strava → Disconnect. This revokes RØUT's access via Strava's POST /oauth/deauthorize endpoint and deletes all stored Strava tokens from your Keychain.
- Request data deletion: Contact us at the email below
Your Rights Under GDPR (EU Users)
- Access: Request a copy of any data we hold
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data
- Portability: Export your workouts as GPX from Apple Health, or via RØUT's export function
- Object: Opt out of analytics (contact us)
Your Rights Under CCPA (California Users)
- Know: What personal information is collected
- Delete: Request deletion of your data
- Non-discrimination: Equal service regardless of privacy choices
International Data Transfers
Your data may be processed in:
- United States: RØUT AI Coaching Backend (Railway) and, if you connect Strava, Strava Inc.
- European Union: PostHog analytics
Where data is transferred outside your region, we ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.
Children's Privacy
RØUT is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, the “Last Updated” date will be revised and material changes will be communicated via App Store update notes. Continued use of the Service constitutes acceptance of the updated policy.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact:
David Capp
Email: inforoutrun@gmail.com
We aim to respond to all privacy inquiries within 30 days.