Privacy Policy

Last updated: April 2026 · Effective date: April 2026

WattLog.pro ("we", "us", or "our") operates the wattlog.pro website, the WattLog macOS application, and the Wattlog Smart Trainer iOS application (collectively, the "Service"). This policy explains what data we collect, how we use it, and your rights regarding it.

1. Data we collect

When you create an account and use the Service we collect:

• Account data — your email address, chosen display name, and password (stored as a salted hash).
• Athlete profile data — name, age, weight, sex (all optional except name), and avatar colour.
• Training data — power (watts), heart rate (bpm), cadence (RPM), and elapsed time recorded during each session, plus derived metrics (TLS, WAP, RI, FTP estimates, cardiac drift).
• Device data — the Bluetooth device name and type of your smart trainer and heart rate monitor. We do not collect device serial numbers or persistent hardware identifiers.
• Usage events — anonymous, aggregated events such as "session started" and "workout completed". These contain no personal identifiers and are used solely to understand which features are used.

We do not collect location data, payment card details (handled entirely by our payment processor), or data from third-party fitness platforms unless you explicitly connect them in the future.

2. How we use your data

• To provide and personalise the Service (power zones, FTP, Performance Management Chart).
• To store your session history so it is available across devices.
• To send transactional emails (account confirmation, password reset). We do not send marketing email without your explicit consent.
• To improve the Service based on aggregated, anonymised usage patterns.

We never sell your data, share it with advertisers, or use health and fitness data to train third-party AI models.

3. Data storage and security

Your data is stored on servers in the EU (AWS eu-central-1). We use HTTPS for all data in transit and encrypt sensitive fields at rest. Access to production data is restricted to authorised personnel only.

4. Data retention

We retain your data for as long as your account is active. You can delete your account at any time from the Account Settings page; this permanently removes all associated personal data within 30 days.

5. Your rights (GDPR)

If you are in the European Economic Area you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate data.
• Erasure — ask us to delete your data ("right to be forgotten").
• Portability — export all your training data as TCX or FIT files at any time from within the app.
• Objection — object to processing based on legitimate interests.

To exercise any of these rights, email us at contact@wattlog.pro. We will respond within 30 days.

6. Cookies

The Service uses a single session cookie to keep you logged in. We do not use tracking cookies, third-party analytics cookies, or advertising pixels.

7. Third-party services

We use the following sub-processors:

• Amazon Web Services (AWS) — cloud hosting and storage (EU region).
• Payment processor — when billing is active, card data is handled entirely by our payment provider and never touches our servers.

8. Children

The Service is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has registered, contact us and we will delete the account promptly.

9. Changes to this policy

We will notify registered users by email of any material changes at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.

10. Contact

Questions about this policy? Email contact@wattlog.pro.