Privacy Policy

1. Introduction

HYBRYD ("we," "our," or "us") operates the HYBRYD mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.

2. Information We Collect

We collect information that you provide directly and information collected automatically through connected services:

Account Information: Email address, name, and password when you create an account.

Health & Fitness Data: When you connect third-party services (WHOOP, Strava, Garmin), we access recovery scores, heart rate variability (HRV), sleep data, strain scores, workout activities, and related biometric data as authorized by you.

Training Data: Workout logs, RPE ratings, notes, preferences, and goals you enter into the app.

Usage Data: App interactions, feature usage, and crash reports to improve the service.

3. How We Use Your Information

We use your information to:

• Generate personalized AI-powered training plans based on your biometric data and preferences

• Provide recovery-aware workout recommendations

• Power the AI coaching chat feature

• Track your training progress and goals

• Send notifications about your daily training plan (if enabled)

• Improve and optimize our service

4. Third-Party Services

We integrate with the following third-party services via their official APIs:

WHOOP: Recovery score, strain, sleep, HRV, and workout data (via OAuth 2.0 authorization).

Strava: Activity data including runs, rides, and workouts (via OAuth 2.0 authorization).

Garmin: Sleep, stress, body battery, and heart rate data (via OAuth authorization).

Anthropic (Claude AI): Your biometric data and preferences are sent to Claude's API to generate training plans. Data is processed per Anthropic's data usage policies and is not used to train their models.

You can disconnect any third-party service at any time from the app settings. Upon disconnection, we revoke the access token and stop collecting data from that service.

5. Data Storage & Security

Your data is stored securely using industry-standard encryption. OAuth tokens for connected services are encrypted at rest. We use secure HTTPS connections for all data transmission. Your data is stored on servers located in the United States.

6. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We do not share your health or fitness data with advertisers. Data is only shared with service providers necessary to operate the app (cloud hosting, AI processing) under strict data processing agreements.

7. Your Rights

You have the right to:

• Access: Request a copy of all data we hold about you

• Delete: Delete your account and all associated data from within the app

• Export: Download your data in a machine-readable format

• Disconnect: Revoke access to any connected third-party service at any time

• Opt-out: Disable notifications and optional data collection

8. Account Deletion

You can delete your account at any time from the app settings. Upon deletion, we permanently remove all your personal data, training history, biometric snapshots, AI-generated plans, chat history, and connected device tokens. This action is irreversible and processed immediately.

9. Children's Privacy

HYBRYD is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or your data, contact us at: [email protected]