Privacy Policy

Strava Data Trailume May Access

When you connect Strava, Trailume may access athlete and profile information, activities selected by you through the app, and activity metrics when Strava provides them.

• Activity metrics may include distance, time, elevation, route or map data, heart rate, and calories when available.
• Trailume requests Strava scopes for profile read access (read), activity read access (activity:read), and optional private activity read access (activity:read_all) when you grant it.
• Private activities are only available to Trailume if you grant Strava's private activity scope.

How Trailume Uses Strava Data

Trailume uses structured activity data to generate activity recaps, narrative summaries, maps, stats, comparisons, exports, and snapshots. Generated narratives are based on the activity fields available for the selected recap period.

By default, recap narrative text is generated by Trailume's deterministic writer. Deterministic recap generation does not send recap content to an external AI provider.

AI writer is optional. You can generate full recaps without AI writer and keep narrative generation fully deterministic.

When you enable AI writer, Trailume sends structured recap evidence to the configured narrative provider to generate narrative wording for that recap. From Trailume's perspective, this use is inference-only for the recap you requested.

Trailume does not use Strava data to train, fine-tune, or build AI or machine-learning models.

Third-party provider data handling depends on the provider, deployment setup, billing tier, and provider terms. Some paid plans may offer stricter data-handling commitments than unpaid tiers. Review your provider terms before enabling AI writer for sensitive recap content.

If the provider is unavailable, Trailume falls back to deterministic text.

If Gemini is configured, unpaid Gemini API usage may allow Google to use submitted content and responses to provide, improve, and develop Google products, services, and machine-learning technologies, and human reviewers may process API input and output. Do not enable AI writer with a Gemini free-tier configuration for sensitive, confidential, or personal recap content.

Server-Side Storage

Trailume stores the minimum server-side auth records needed to keep your Strava connection working and to reopen temporary account-saved recaps.

Server-side saved Strava-derived recaps are temporary. Account-saved recaps expire after 7 days, and expired recaps are no longer available from account history.

A saved recap payload may include generated narrative output, stats, maps, comparisons, and other recap content until the recap expires or is deleted.

• A user record linked to your Strava identity.
• Connected Strava account metadata, such as athlete id, display name, profile image URL when available, and granted scopes.
• Encrypted Strava access and refresh tokens.
• Durable session records that keep you connected between visits.
• Sanitized saved recap payloads associated with your Trailume user when you are connected.

Browser Storage

Browser-local saved recap history remains available as a fallback. These local saved recaps are copies of recap output and may include stats, narrative text, and trimmed map or elevation data used to reopen the recap later.

Local saved recaps do not sync across devices. Connected users may also have server-side saved recaps in their Trailume account.

Trailume does not currently store persistent local UI preferences beyond saved recap history, though the browser may use session storage for short-lived auth or UI messages.

Browser-local saved recaps may be cleared by your browser, by private browsing settings, by clearing site data, by using Trailume's saved recap delete controls, or by choosing to clear local recaps during profile deletion.

Sharing and Exports

Public share links are not currently supported. Snapshot PNG exports and map PNG exports are generated for user-controlled sharing, so you decide where those downloaded files go. Trailume cannot delete PNG files after they have been downloaded to your device.

Deleting Your Trailume Profile

Authenticated users can delete their Trailume profile from the account settings page. This removes server-side Trailume profile data, server-side saved recaps, stored Strava token records, Strava connection records, sessions, and OAuth state records tied to the user's sessions.

Disconnecting Strava deletes stored Strava token rows and server-side saved recaps associated with the Trailume profile. Deauthorizing Trailume from Strava also removes server-side Strava-derived saved recaps for the affected account or user, but does not delete the Trailume user row.

Deleting your Trailume profile signs you out of Trailume. It does not delete activity data from Strava, and it does not remove downloaded files or copies you shared elsewhere.

Data Practices

Trailume does not sell user data. Trailume does not expose Strava access or refresh tokens to the frontend.

Strava may monitor and collect usage data related to Trailume's access to the Strava API for purposes such as API operation, support, security, compliance, and service improvement, as described in Strava's API Agreement.

Support email: [email protected].