Privacy Policy

Effective Date: 4/8/2026

At Firmin.coach (referred to as "we", "us", or "our"), we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services.

1. Information We Collect

  • Identity Data: Name, email address, and profile picture (via Google Authentication).
  • Health & Fitness Data: Through integration with Garmin Connect or other fitness platforms, we collect:
    • Activity files (cycling, running, etc.) covering duration, distance, heart rate, power, speed, location (GPS), and cadence.
    • Daily health metrics including sleep duration and quality, Heart Rate Variability (HRV), Resting Heart Rate (RHR), Stress levels, and Body Battery.
    • User profile metrics such as age, weight, gender, and Functional Threshold Power (FTP) for training customization.
  • Usage Data: Information about how you interact with our application, generated training plans, and feedback.

2. How We Use Your Information

We use your data strictly to provide and improve our AI-powered coaching services:

  • To generate personalized training plans tailored to your fitness level and goals using AI models (Google Vertex AI / Gemini).
  • To analyze your workout performance and provide detailed feedback (compliance, intensity, physiological adaptation).
  • To track your progress over time (Fitness/Fatigue/Form modeling).
  • To facilitate account creation, authentication, and customer support.

We do NOT sell your personal data to third parties, advertisers, or data brokers.

3. Data Sharing and Processors

Your data may be processed by trusted third-party service providers who assist us in operating our application:

  • Google Cloud Platform (GCP): For secure cloud hosting, database storage (BigQuery, Firestore), and AI processing (Vertex AI).
  • Langfuse: For monitoring and debugging AI model performance (anonymized or strictly necessary trace data).
  • Firebase (Google): For authentication and real-time database services.

These providers are bound by strict confidentiality agreements and data protection obligations.

4. Data Security

We implement robust security measures to protect your data, including encryption in transit (HTTPS/TLS) and at rest (Google Cloud encryption). Access to sensitive health data is restricted to automated processes required for service delivery.

5. Your Rights (RGPD & CNIL)

In accordance with the General Data Protection Regulation (RGPD) and the French "Informatique et Libertés" law, you have the following rights:

  • Right of Access: You can request a copy of all personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete data directly in the app or via support.
  • Right to Erasure ("Right to be Forgotten"): You can request the deletion of your account and all associated data.
  • Right to Data Portability: You can receive your data in a structured, commonly used format (JSON/CSV).
  • Right to Withdraw Consent: You can disconnect your Garmin account at any time.

If you believe that your rights are not being respected, you have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés) in France.

6. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:
privacy@firmin.coach