Privacy Policy

    Effective Date: April 2026

    1. Introduction

    At Singlet ("we," "our," or "us"), we are committed to protecting your privacy. This Privacy Policy explains what personal data we process, why we process it, which third parties receive data, and how cookie consent works across our product and marketing website.

    2. Who We Are and What We Provide

    Singlet provides training planning and workout management features for runners, including Garmin sync and AI-assisted planning.

    This policy applies to:

    3. Categories of Data We Process

    • Account and identity data (e.g. email, sign-in identifiers, account IDs)
    • Workout and training data (e.g. planned workouts, activity details, distances, durations, route/course files)
    • Technical and device data (e.g. IP address, browser metadata, log/error events)
    • Usage and marketing data (e.g. page views and campaign attribution, when consented)
    • Support communications (e.g. chat messages if you contact support via Crisp)

    4. How and Why We Use Data (Legal Bases)

    • Provide the service (contract necessity): account authentication, workout planning, Garmin sync, route/course handling, subscription management, and core product delivery.
    • Operate securely (legitimate interests): reliability, fraud/abuse prevention, debugging, and service monitoring.
    • Comply with legal obligations: financial, tax, and compliance records.
    • Analytics/advertising/support cookies (consent): Google Analytics, Meta Pixel, and Crisp where applicable.
    • Marketing communications (consent / opt-in): newsletters and product updates where you have opted in.

    We do not sell your personal data.

    5. Cookies and Consent

    We use a consent model that separates strictly necessary processing from optional analytics/marketing processing.

    • Required processing: needed for authentication, subscriptions, Garmin sync, storage, and security.
    • Optional processing: analytics, advertising, support chat, and marketing tools that can be declined.

    You can change your cookie choices at any time through the consent controls when available.

    6. Third-Party Processors and Tools

    We use trusted processors to operate our services.

    Required (service delivery)

    • Neon (managed PostgreSQL database hosting)
    • Stripe (subscriptions and billing)
    • Garmin Connect APIs (activity/training sync)
    • Resend (transactional authentication emails)
    • Upstash QStash and Upstash Redis (job processing, rate limiting, and caching)
    • Vercel Blob (activity file storage)
    • TensorLake (document parsing for plan import)
    • Mapbox (activity map rendering)
    • Google Drive Picker and Google OAuth (import and sign-in flows)
    • Sentry and Langfuse (error monitoring and AI observability)

    Optional (consent-based)

    • Google Analytics (website and product analytics)
    • Meta Pixel (advertising attribution on marketing site)
    • Crisp (support chat widget)
    • MailerLite (marketing email subscriptions)

    We do not sell personal data to third parties.

    7. Garmin-Specific Disclosures

    When you connect Garmin, we access only the scopes needed to deliver Singlet features.

    • Data sent to Garmin: structured workouts/training plans and course files.
    • Data retrieved from Garmin: completed activity details needed for progress and planning workflows.
    • You can revoke Garmin access at any time from your account settings.

    Garmin's privacy terms are available at https://www.garmin.com/privacy/connect.

    8. Data Security

    We use encryption in transit, access controls, secure authentication flows (including OAuth 2.0), and logging/monitoring safeguards to protect personal data. Access is limited to authorized personnel and processors that need it to provide the service.

    9. Data Retention

    We retain personal data only for as long as needed to provide the service, meet legal obligations, resolve disputes, and enforce agreements. You can request deletion of your account and associated data by contacting us.

    10. International Data Transfers

    Some of our processors are located outside your country (including outside the UK/EEA). Where required, we use appropriate safeguards for cross-border transfers, such as contractual protections and equivalent transfer mechanisms.

    11. Your Privacy Rights

    Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, or request portability of your personal data. You may also withdraw consent for optional processing at any time.

    To exercise your rights, contact support@singlet.app.

    12. Changes to This Policy

    We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide notice where required.

    13. Contact Information

    VGML Ltd

    Email: support@singlet.app

    Website: https://singlet.app