Privacy Policy
Last updated July 15, 2026
What OnBeet does
OnBeet records your runs and the music you listened to during them, then shows how your music relates to your running. This policy explains what data that takes, where it lives, and what control you have.
Data we collect
Account: your email address and the profile you create (name, handle, bio, avatar color).
Runs: GPS route, distance, pace, elevation, and time — only while you are recording a run.
Heart rate: read from Apple Health during a run, only if you grant Health access. We never write to Health.
Music: the songs that play during your recordings (title, artist, timestamps) from Spotify or Apple Music, plus playlists you choose to import.
Connected apps: when you link Strava, we import the runs and workout laps you authorize.
Diagnostics: anonymous crash reports (via Sentry) so we can fix bugs. These are not linked to your identity.
What we never do
We do not sell your data. We do not share it with advertisers or data brokers. We do not track you across other apps or websites. Your Spotify, Apple, and Strava sign-in tokens are stored server-side only and are never exposed to other users or third parties.
Where your data lives
Your data is stored in our database (Supabase, hosted in the US), protected by row-level security so only your account can read your rows. Share images you create are stored so they can be linked (for example, from a Strava activity description).
Sharing you control
Nothing is posted anywhere without your action. Sharing a run card, adding your soundtrack to a linked Strava activity, or exporting a playlist to Spotify all happen only when you tap them (or explicitly turn on auto-share in Settings, which you can turn off anytime).
Your rights
Export: Profile → Account → “Export my data” downloads everything we hold as a JSON file.
Delete: Profile → Account → “Delete account” permanently deletes your account and all your data (runs, music history, playlists, connections, images). This is immediate and cannot be undone.
Disconnect: you can disconnect Spotify, Apple Music, or Strava at any time in Profile; we stop reading from them immediately.
Permissions we ask for
Location (including background): to record your route while you run, even with the screen locked. Used only during recording.
Apple Health: to read heart rate during a run (optional).
Apple Music / media: to see what is playing so songs can be pinned to your route (optional).
Contact
Questions or requests: support@onbeet.app
Data & Permissions
Last updated July 15, 2026
Location
Used only while recording to draw your route and compute distance, pace, and elevation. Background access lets recording continue with the phone locked. Never used for advertising, never shared.
Music
While you record, we log what plays (song, artist, timing) so your route can be colored by your soundtrack. Importing a playlist reads that playlist’s track list once.
Heart rate
Read from Apple Health during recording, if you allow it, to show live HR and per-song effort. We never write to Health.
Connected apps
Strava: imports the runs you authorize; posting your soundtrack to a Strava activity only happens when you tap it or opt in. Sign-in tokens for all connections are stored server-side only.
Crash reports
Anonymous crash diagnostics (Sentry) help us fix bugs. They are not used for tracking or advertising.
Your controls
Export or permanently delete everything in Profile → Account. Disconnect any linked app in Profile at any time.
Contact: support@onbeet.app