Back to Login

Privacy Policy

Last updated: February 19, 2026

1. Introduction

This Privacy Policy explains how Joey ("we", "us", or "our") collects, uses, and protects your personal data when you use our personal training tracker application. Joey is a personal project operated by Martin Eliason, based in Germany. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR).

By using Joey, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

The data controller responsible for your personal data is:

Martin Eliason

Berlin, Germany

support@coach-vita.com

3. Personal Data We Collect

We collect the following types of personal data:

Account Information

  • Name
  • Email address
  • Password (stored securely using industry-standard hashing)

Workout and Training Data

  • Training programs and exercises
  • Workout session logs (dates, weights, sets, reps)
  • Personal notes on exercises
  • Progress metrics and statistics

Health and Fitness Data (Optional)

  • Weight measurements (via Withings integration)
  • Activity data (via Strava integration)
  • Recovery, HRV, and sleep data (via WHOOP integration)
  • Sleep, HRV, stress, Body Battery, daily summaries, and activity data (via Garmin integration)
  • Daily energy levels (manually entered)

Technical Data

  • Browser type and version
  • Device information
  • IP address
  • Usage data and analytics

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Contract (Art. 6(1)(b)): Processing is necessary to provide you with the training tracker service you have requested.
  • Consent (Art. 6(1)(a)): For optional integrations (Strava, Withings, WHOOP, Garmin), we process data only with your explicit consent.
  • Legitimate Interest (Art. 6(1)(f)): For basic analytics to improve the service and ensure security.

5. How We Use Your Data

We use your personal data to:

  • Provide and maintain the training tracker service
  • Authenticate you and secure your account
  • Store and display your workout history and progress
  • Generate progress charts and statistics
  • Provide AI-powered coaching features (Coach Vita)
  • Sync with third-party fitness services (when you opt in)
  • Improve and optimize the application

6. Third-Party Service Providers

We use the following third-party services to operate Joey:

Vercel

Hosting and deployment platform, including Vercel Analytics

Location: United States

Privacy Policy

Neon (PostgreSQL)

Database hosting for storing your account and workout data

Location: European Union

Privacy Policy

Anthropic (Claude AI)

Powers the Coach Vita AI assistant feature

Location: United States

Privacy Policy

Strava (Optional)

Activity tracking integration (only if you connect your account)

Location: United States

Privacy Policy

Withings (Optional)

Weight and health data integration (only if you connect your account)

Location: France (European Union)

Privacy Policy

WHOOP (Optional)

Recovery, HRV, and sleep data integration (only if you connect your account)

Location: United States

Privacy Policy

Garmin (Optional)

Sleep, HRV, stress, Body Battery, daily health summaries, and activity data integration (only if you connect your account)

Location: United States / Switzerland

Privacy Notice

Note: Some services are located in the United States. Data transfers to the US are conducted in compliance with GDPR requirements, including appropriate safeguards such as Standard Contractual Clauses.

7. Cookies and Tracking

Joey uses only essential cookies required for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

Essential Cookies

  • next-auth.session-token: Maintains your login session
  • next-auth.csrf-token: Security token to prevent cross-site request forgery

8. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, all associated personal data is permanently deleted from our systems. This includes your profile information, workout history, training programs, and any connected service data.

9. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15): You can request a copy of all personal data we hold about you.
  • Right to Rectification (Art. 16): You can request correction of inaccurate personal data.
  • Right to Erasure (Art. 17): You can request deletion of your personal data ("right to be forgotten").
  • Right to Restrict Processing (Art. 18): You can request that we limit how we use your data.
  • Right to Data Portability (Art. 20): You can request your data in a machine-readable format.
  • Right to Object (Art. 21): You can object to processing based on legitimate interests.
  • Right to Withdraw Consent: You can withdraw consent at any time for optional features.

To exercise any of these rights, please contact us at support@coach-vita.com. We will respond to your request within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encrypted data transmission (HTTPS), secure password hashing, and access controls.

11. Age Requirement

Joey is intended for users who are at least 16 years of age. We do not knowingly collect personal data from anyone under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us so we can delete the information.

12. AI Transparency Statement

Coach Vita, our AI coaching assistant, uses data from connected third-party services — including Garmin — to provide personalized fitness coaching. When you connect a service, the following data may be processed by AI:

  • Sleep scores, duration, and sleep stage breakdowns
  • Heart rate variability (HRV) measurements
  • Stress levels and Body Battery data
  • Activity summaries (type, duration, distance, heart rate)
  • Daily health summaries (steps, resting heart rate)
  • Weight and body composition measurements
  • Recovery scores and strain data

This data is sent to Anthropic's Claude AI API to generate contextual coaching advice, workout adjustments, and recovery recommendations. The AI does not make medical decisions and its output is informational only.

Data sent to the AI is processed per Anthropic's Privacy Policy. Anthropic does not use API inputs/outputs to train its models. Your health data is not stored by the AI beyond the duration of each conversation session.

You can disconnect any third-party service at any time from Settings, which will stop that data from being included in AI coaching context.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

14. Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority. For Germany, the relevant authority is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin
Germany
www.datenschutz-berlin.de

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: support@coach-vita.com

Back to Login