Privacy Policy
Activity Sync (Android app)
Effective date:
Summary
- Activity Sync reads your activity data from Fitbit and uploads it to Strava at your request.
- No activity data is stored on our servers.
- No activity data is permanently stored on your device; it is processed transiently to perform the sync.
- Fitbit access is limited to activity read access, and Strava access is limited to upload/write access.
Who we are (Data Controller)
Controller: Christian Herzog
Address: Am Waldeck 12, 88074 Meckenbeuren, Germany
Email: info@activity-sync.app
What data we access
When you connect Fitbit and Strava, Activity Sync may access and process:
- Fitbit activity data (e.g., start time, duration, distance, steps, calories, sport type; and, if available in the activity, route/location-related data).
- Strava upload/activity creation endpoints to create an uploaded activity in your Strava account.
- Technical identifiers required for OAuth (authorization codes, access tokens, refresh tokens).
How we use your data
- To fetch your activities from Fitbit so you can select or sync them.
- To transform activity fields into a format Strava accepts (for example mapping activity type and timestamps).
- To upload the activity to Strava only when you initiate a sync.
- To troubleshoot errors (only via on-device logs you choose to share; see "Diagnostics" below).
Data storage
Activity Sync does not store your activity data on any backend servers. Activity data is processed in-memory and sent directly to the Fitbit and Strava APIs.
To keep you signed in, the app may store OAuth tokens securely on the device (for example in Android secure storage). These tokens are used only to access Fitbit activities and upload to Strava on your behalf.
Legal bases (GDPR/EEA)
- Consent: You choose to connect accounts and grant permissions, and you can revoke access at any time.
- Contract / requested service: Processing is necessary to provide the sync functionality you request.
- Legitimate interests: Limited technical processing for app security and reliability (for example preventing abuse).
Sharing of data
We do not sell your data.
We share data only with: (a) Fitbit, to read your activities, and (b) Strava, to create your uploaded activities, as required to provide the service.
Diagnostics
Activity Sync does not automatically send analytics or crash reports to us by default. If you contact support, you may choose to share diagnostic information (for example, error messages or logs).
Your choices and rights
- Disconnect Fitbit or Strava at any time (revoking access from within the respective service settings).
- Request deletion of any support emails you have sent us (contact us at the email above).
- If applicable under GDPR, you may have rights of access, rectification, erasure, restriction, and objection.
Security
We use industry-standard OAuth authorization flows and HTTPS connections to Fitbit and Strava. No method of transmission or storage is 100% secure, but we aim to protect data with appropriate safeguards.
Children
Activity Sync is not directed to children. Do not use the app if you are not allowed to use Fitbit or Strava under their respective terms.
Changes to this policy
We may update this Privacy Policy from time to time. The "Effective date" above indicates the latest revision.