Groundwork is a conversational running coach operated by Hearne Idea Works LLC. This policy explains what we collect, what we do with it, what we don't do with it, and what rights you have over your data.
Account information. When you sign in with Google, we receive your email address and basic profile information (name, profile photo). We use your email to identify your account. We never receive your Google password.
Conversations. We store the messages you send to Groundwork and Groundwork's responses. If you upload training files or images, those are processed to generate a response and stored as part of the conversation record.
Training data you provide. When you describe runs, paste workout details, or upload activity files, that information becomes part of your conversation record and informs Groundwork's analysis of your aerobic development.
Derived metrics. As you use Groundwork, the system computes training metrics from your data — a working aerobic ceiling, an efficiency measure at that ceiling, a governance state, and a trend direction. These are stored with your account so the coaching relationship persists across sessions.
Strava data (if you connect). If you choose to connect Strava, we request permission to read your activity data (runs, heart rate streams, pace streams, timestamps). We use this data to interpret your training and compute the derived metrics described above. Strava data handling is described in full below.
Your data is used for one purpose: to run Groundwork and give you a persistent coaching experience across sessions. Conversation history lets Groundwork remember where you left off. Activity data lets Groundwork interpret your training. Derived metrics let Groundwork govern your progression over time.
During beta, we may review individual conversations to understand how the product is performing and where it needs to improve. This review is done only by the Groundwork team and only on the data of users who have accepted the beta terms.
If you connect your Strava account to Groundwork, the following applies:
What we collect from Strava. Activity records (runs, including date, duration, distance, pace, heart rate, and location data where available) and basic profile information required to identify the connection.
How we collect it. Through Strava's official API, only after you authorize the connection through Strava's own authorization screen. We never see your Strava password.
How we store it. Raw activity data from Strava is cached on our servers for up to seven days, then automatically deleted. During that window, the data may be reprocessed to refine Groundwork's interpretation or support troubleshooting. After seven days, only the derived metrics we've computed remain — your aerobic ceiling, efficiency measure, governance state, trend direction, and related summaries. These derived metrics are Groundwork's own interpretation of your training and are retained with your account.
How to withdraw consent. You can disconnect Strava from within Groundwork or by revoking Groundwork's access directly from your Strava account settings. When you disconnect, we delete all Strava-sourced data (both cached raw data and the access tokens) from our systems. Derived metrics that Groundwork computed remain part of your Groundwork account unless you also request account deletion.
How to request deletion. Email hello@groundworkrun.com and we'll delete your account and all associated data, including all Strava-sourced data.
Strava-side deletions. If you delete an activity from Strava, we will remove it from Groundwork within 48 hours.
Garmin attribution. Some activity data accessed through Strava originates from Garmin devices. Where required, we display attribution to Garmin alongside that data.
Strava monitoring. Strava may monitor and collect usage data related to our use of the Strava API in connection with Groundwork, and may use that data for Strava's own business purposes. This is standard for applications built on the Strava platform.
Supabase. Account information, conversations, derived metrics, and cached Strava data are stored in Supabase, a managed database service.
Anthropic. Your messages are processed by Anthropic's Claude API to generate responses. Under Anthropic's commercial API terms, this data is never used to train Anthropic's models. Anthropic retains API inputs and outputs for up to seven days for abuse monitoring, then deletes them.
Both services maintain their own privacy and security practices, available at supabase.com and anthropic.com.
We do not sell your data. We do not share it with advertisers, marketers, or data brokers. We do not use your data to train AI models, and we do not permit our providers to train on it either. We do not combine data across users for analytics, research, or product insights.
Raw Strava activity data: up to seven days, then automatically deleted.
Conversations and derived metrics: retained as long as your account is active.
After you delete your account: all associated data is removed from our active systems within 30 days. Backup copies are overwritten on our standard backup rotation.
You can request access to, correction of, or deletion of your data at any time by emailing hello@groundworkrun.com. If you're in the EU, UK, or California, you have additional rights under the GDPR, UK GDPR, and CCPA respectively, including the right to data portability and the right to object to certain processing. We honor those requests.
For the purposes of the GDPR and UK GDPR, Hearne Idea Works LLC is the data controller for information processed through Groundwork. Where you connect a third-party service like Strava, that service acts as a separate and independent controller for its own data.
We use reasonable technical and organizational measures to protect your data, including encrypted connections (HTTPS), authenticated access to our database, and limited access to production systems. No system is perfectly secure, and we can't guarantee absolute protection.
If we learn of a security incident affecting your data, we'll notify you without undue delay and, where the incident involves Strava-sourced data, notify Strava within 24 hours as required by their developer agreement.
Groundwork is intended for athletes 16 and older. We don't knowingly collect information from anyone under 16. Groundwork's analysis depends on heart rate data, which Strava doesn't make available for users under 16, so the product isn't built to serve younger users in any case. If you believe someone under 16 has provided information to us, contact us and we'll delete it.
If we make material changes to this policy, we'll update the effective date at the top and notify active users by email before the changes take effect.
Questions about this policy, or requests to access, correct, or delete your data: hello@groundworkrun.com
Hearne Idea Works LLC · Atlanta, Georgia, USA