← Home
Privacy Policy
What we collect
| Data | Storage | Purpose |
|---|---|---|
| Strava athlete ID | SHA-256 hash (first 16 chars only) | Count unique users on homepage |
| Analysis sessions | Activity name, date, results in SQLite | Revisit results & organize into groups |
| Access tokens | Encrypted browser session cookie only | Strava API calls during your visit |
What we do NOT collect
- ❌ Your password (we use Strava OAuth)
- ❌ Your GPS/location data (processed in memory, not stored)
- ❌ Analytics cookies or tracking pixels
- ❌ Your email address
Strava OAuth
When you click "Connect with Strava", you're redirected to Strava where you grant permission. We receive a temporary token (expires in 6 hours). We never see your password. Revoke access anytime at strava.com/settings/apps.
🦈 Shark Mode
The bookmarklet runs in your browser on strava.com and sends stream data (time, speed, cadence, distance) to Rowalyse for analysis. No credentials are transmitted.
Shared links
Shared session links are public — anyone with the link can view results without logging in. Links use random IDs that cannot be guessed.
Contact
Questions? Email ruben.vlieger@ru.nl