← Back to WatchForward

Privacy Policy

Last updated: April 12, 2025

WatchForward ("we", "us", or "our") operates the WatchForward Poster application (the "Service"). This page explains what data we access, how we use it, and your rights as a user.

1. Who We Are

WatchForward is operated by Pierluigi De Rogatis. For any privacy-related enquiries, contact us at pierluigi.derogatis@live.com.

2. Data We Access

WatchForward connects to your Strava account via OAuth 2.0. With your explicit consent, we access:

• Activity data — name, type (run/ride/etc.), distance, elevation, and duration of your recent activities. This is used solely to pre-fill the post generator so you don't have to type your stats manually.
• Activity write access — used only when you explicitly tap "Update Strava" to save the AI-generated title and description back to a specific activity. We never modify your activities without a direct, user-initiated action.
• Athlete profile — basic profile information (name, athlete ID) used to authenticate your session.

3. How We Use Your Data

We use your Strava data exclusively to provide the core functionality of WatchForward:

• Displaying your recent activities in the activity selector.
• Pre-filling workout metrics to generate AI-powered social post captions.
• Writing AI-generated content back to Strava when you explicitly request it.

We do not use your data for advertising, profiling, training AI models, or any purpose beyond the above.

4. Data Storage & Retention

WatchForward is designed with a minimal data footprint:

• Your Strava OAuth tokens are stored only in your browser's localStorage and are never sent to or persisted on our servers beyond the duration of your authenticated session.
• Activity data fetched from Strava is held in memory for your session only and is discarded when you close or reload the app.
• We do not operate a user database. We do not store your name, email, activity history, or generated posts.
• Server-side (Cloudflare Workers), your Strava access token is used in-flight to proxy API calls and is not written to any persistent storage.

5. Third-Party Services

WatchForward integrates with the following third-party services:

• Strava — activity data source and write destination. Governed by Strava's Privacy Policy.
• Anthropic / Claude AI — used to generate post captions. Only your activity type, metrics, duration, and personal notes are sent to the AI. No identifying information is transmitted. Governed by Anthropic's Privacy Policy.
• Cloudflare Workers — our serverless backend infrastructure. No user data is stored. Governed by Cloudflare's Privacy Policy.

6. Sharing of Data

We do not sell, rent, or share your personal data with any third parties for any commercial purpose. Data is only transmitted to the third-party services listed in Section 5, strictly as needed to operate the Service.

7. Your Rights

You can revoke WatchForward's access to your Strava account at any time by visiting Strava Settings → My Apps and disconnecting WatchForward. This immediately invalidates all tokens and removes our access to your Strava data.

To request deletion of any data we may hold, contact us at pierluigi.derogatis@live.com.

8. Children's Privacy

WatchForward is not directed at children under the age of 13. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by updating the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact

For any questions about this Privacy Policy, contact:
Pierluigi De Rogatis — pierluigi.derogatis@live.com