Privacy Policy

Last updated: March 15, 2026

What we collect

Hypla collects the minimum data needed to provide your training plan and track your workouts:

  • Your email address (for sign-in via Google or magic link email)
  • Training profile information you provide (goals, fitness level, race targets)
  • Workout logs and completion data you enter

Strava integration

If you connect your Strava account, Hypla accesses your recent activities (distance, pace, heart rate, lap data) to auto-log workouts in your training plan. We request the activity:read_all scope, which gives read-only access to your activities.

We do not store raw Strava activity data. We extract summary metrics (pace, heart rate, duration, distance) and discard the rest. We never post to Strava or modify your Strava data in any way.

You can disconnect Strava at any time from Settings, which immediately deletes your stored Strava access and refresh tokens.

How we use your data

  • Generate and adjust your personalised training plans
  • Display your workout history and progress
  • Predict race times based on your logged training

Third-party services

We use the following third-party services to operate Hypla:

  • Anthropic (Claude API) — your training profile, workout history, and feedback are sent to generate and adjust training plans. Anthropic does not use this data for model training.
  • Stripe — handles subscription payments. We do not store your payment details; Stripe manages this directly.
  • Strava — if connected, we read your activity data as described above.
  • Google / Resend — used for authentication (Google OAuth sign-in and magic link emails).

We do not sell or provide your data to any third party for marketing or advertising purposes.

Data storage

Your data is stored in a PostgreSQL database on a server in Germany (Hetzner). All communication is encrypted via HTTPS. Strava OAuth tokens are stored in the database and automatically refreshed or deleted on disconnect.

Data deletion

You can delete your account and all associated data at any time from Settings → Danger Zone within the app. This is immediate and permanent. Alternatively, you can email and we will delete your data within 30 days.

Contact

For questions about this privacy policy, contact .