Privacy & Cookie Policy

Last updated: July 21, 2025

Welcome to AlgoRun! This page explains how we collect, use, and protect your personal data. As a user of this website, you are entrusting us with your information. We take this responsibility seriously.

1. Who We Are (Data Controller)

This website is a personal project developed and maintained by a private individual. For any privacy-related questions or to exercise your rights, you can contact the data controller at:

  • Contact Email: privacy@algorun.it

2. What Personal Data We Collect

We collect the following types of personal data to provide and improve our services:

  • Account Information: When you sign up, we collect your email address and a hashed version of your password for authentication purposes.
  • User Profile Data: Any information you voluntarily add to your profile, such as your name, fitness level, or personal goals.
  • Workout Data: We store all the data you log for your workouts, including but not limited to: distance, duration, perceived effort, heart rate, location name, weather conditions, and any notes you provide.
  • AI-Generated Data: We store the personalized feedback and reports generated by our AI coach based on your workout history.
  • Technical Data: Like most web servers, ours may automatically log technical information such as your IP address, browser type, and access times. This is used for security and operational purposes.

Our primary purpose for processing your data is to provide you with the services offered by this website. The legal basis for this processing is the "performance of a contract" with you (the terms of service you agree to upon signing up).

Specifically, we use your data to:

  • Authenticate and manage your user account.
  • Store, track, and visualize your workout history.
  • Provide personalized AI-driven coaching feedback.
  • Ensure the security and stability of the application.

4. Third-Party Services (Data Processors)

We rely on a few trusted third-party services to run this website. These companies are our "data processors" and are legally bound to protect your data. We use:

  • Supabase: For our database hosting, user authentication, and backend infrastructure. All your workout and profile data is stored with Supabase.
  • Vercel: For hosting our web application.
  • External AI Provider: Google Gemini API (a service by Google LLC):
    • Purpose: We use Google's Gemini large language models to analyze your training goals, fitness level, and schedule to generate personalized training plans and weekly reports.
    • Data Shared: The information sent to the Google API includes the anonymized parameters you provide, such as your running goal (e.g., "Marathon"), performance target (e.g., "Sub 4-hours"), current fitness data (e.g., weekly mileage, recent race times), age, and gender. We never send your name, email address, or other directly identifying information in these prompts.
    • Google's Privacy Policy: The data is processed by Google in accordance with their privacy policy, which you can review here: https://policies.google.com/privacy. As per Google's terms for their AI services, they do not use this data to train their models without explicit permission

5. Data Retention

We will retain your personal data for as long as you maintain an account on our website. If you choose to delete your account, all your personal data will be permanently deleted from our systems within 30 days.

6. Your Rights Under GDPR

As a user, you have several rights over your personal data under the GDPR. These include:

  • The right to access: You can request a copy of the personal data we hold about you.
  • The right to rectification: You can request that we correct any inaccurate or incomplete data.
  • The right to erasure (the "right to be forgotten"): You can request that we delete your personal data.
  • The right to restrict processing: You can request that we limit how we use your data.
  • The right to data portability: You can request a copy of your data in a machine-readable format.
  • The right to object: You can object to us processing your data.

To exercise any of these rights, please contact us at the email address provided in the "Data Controller" section.

You also have the right to lodge a complaint with a supervisory authority, such as the Italian Data Protection Authority (Garante per la protezione dei dati personali), if you believe we have not processed your data in a compliant manner.

This website uses cookies to provide essential functionality. Cookies are small text files stored on your device.

  • Strictly Necessary Cookies: We use cookies provided by Supabase to manage your authentication and keep you logged in. These are essential for the website to function and cannot be disabled.
  • Analytics & Performance Cookies: At present, we do not use any analytics or performance cookies. If this changes, this policy will be updated, and a cookie consent banner will be implemented to request your permission.

You can control and manage cookies through your browser settings.